5 Replies Latest reply on Jul 30, 2008 4:09 PM by sguilhen

    JBOSS LDAP Integration

    indra_joy

      Hi folks,

      I wanted to do JBOSS LDAP Integration and my Login-config.xml is as below

      <application-policy name="ldap-security">
        <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
          <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
          <module-option name="java.naming.provider.url">ldap://IP Address:389/</module-option>
          <module-option name="java.naming.security.authentication">simple</module-option>
          <module-option name="principalDNPrefix">cn=</module-option>
          <module-option name="principalDNSuffix">,CN=users,dc=lab,dc=com</module-option>
          <module-option name="rolesCtxDN">o=test</module-option>
          <module-option name="uidAttributeID">member</module-option>
          <module-option name="matchOnUserDN">true</module-option>
          <module-option name="roleAttributeID">cn</module-option>
          <module-option name="roleAttributeIsDN">false</module-option>
          <module-option name="searchTimeLimit">5000</module-option>
          <module-option name="searchScope">SUBTREE_SCOPE</module-option>
        </login-module>
      </application-policy>

      But I am not able to see the login popup when I am in my jmx_console. That means it's not validating.

      In my Server Log I am able to see
      Started jboss.security:service
      And this is a debug message. There is no error. Could you please help me with this?

      Thanks in advance.

        • 1. Re: JBOSS LDAP Integration
          sfisque

          is this a web app or a web service?

          if it is a webapp, have you connected the security handler (in your code, "ldap-security") with the security-constraints in your app? there is documentation for doing this so i will not repeat it here.

          if it is a web service, make sure the end point knows about the security handler. if you are using EJB3 endpoints, you will need to add the @WebContext and @SecurityDomain annotations. if you are deploying it in a more traditional format, the xml descriptor files will need to be updated to include this linkage.

          == stanton

          • 2. Re: JBOSS LDAP Integration
            indra_joy

            You are correct, but my problem is a little different. I want to validate an LDAP user when I click on http://localhost:8080/jmx_console. If I define the application policy in the Login-config to authenticate, I should get a pop-up for logging in to the JMX_CONSOLE, where this user will be from LDAP.

            Please correct if I am wrong.

            • 3. Re: JBOSS LDAP Integration
              sfisque

              does the jboss-web.xml inside the jmx-console.war have a reference to the security domain?

              e.g.

              <jboss-web>
              <security-domain>java:/jaas/ldap-security</security-domain>
              </jboss-web>


              note the java:/jaas/ in front of the name you gave it in the login-config.xml

              == stanton

              • 4. Re: JBOSS LDAP Integration
                indra_joy

                Thanks sir, tried the same but it's no good. Still it's saying no security domain given.

                • 5. Re: JBOSS LDAP Integration
                  sguilhen

                  indra_joy: try following this documentation in order to secure the jmx-console: http://wiki.jboss.org/wiki/SecureTheJmxConsole
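
The linkage described in replies 1 and 3 (a `security-domain` in jboss-web.xml that names a policy from login-config.xml, plus security constraints in the web app) can be checked offline. The script below is an added example, not code from the thread or from JBoss; the function names, the sample descriptors and the `JBossAdmin` role in them are constructed for illustration.

```python
import xml.etree.ElementTree as ET

JAAS_PREFIX = "java:/jaas/"

def _root(xml_text):
    """Parse a descriptor and drop namespaces so lookups work across versions."""
    root = ET.fromstring(xml_text)
    for el in root.iter():
        el.tag = el.tag.split("}", 1)[-1]
    return root

def audit(login_config, jboss_web, web_xml):
    """Return findings; an empty list means the WAR is tied to a defined policy."""
    findings = []
    policies = {p.get("name") for p in _root(login_config).iter("application-policy")}
    domain = (_root(jboss_web).findtext("security-domain") or "").strip()
    name = domain[len(JAAS_PREFIX):]
    if not domain:
        findings.append("jboss-web.xml: no <security-domain>")
    elif not domain.startswith(JAAS_PREFIX):
        findings.append("jboss-web.xml: security-domain lacks java:/jaas/ prefix")
    elif name not in policies:
        findings.append("login-config.xml: no application-policy named " + name)
    web = _root(web_xml)
    # Commented-out elements are ignored by the parser, so a descriptor whose
    # constraint is still inside an XML comment is reported as unprotected.
    if not any(c.find("auth-constraint") is not None
               for c in web.iter("security-constraint")):
        findings.append("web.xml: no security-constraint with auth-constraint")
    if web.find("login-config/auth-method") is None:
        findings.append("web.xml: no login-config/auth-method")
    return findings

# Constructed sample descriptors (not taken from the thread's server).
LOGIN_CONFIG = '<policy><application-policy name="ldap-security"/></policy>'
JBOSS_WEB = "<jboss-web><security-domain>java:/jaas/ldap-security</security-domain></jboss-web>"
JBOSS_WEB_BARE = "<jboss-web><security-domain>ldap-security</security-domain></jboss-web>"
WEB_COMMENTED = "<web-app><!-- <security-constraint/> --></web-app>"
WEB_SECURED = """<web-app>
  <security-constraint>
    <web-resource-collection><url-pattern>/*</url-pattern></web-resource-collection>
    <auth-constraint><role-name>JBossAdmin</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
</web-app>"""

if __name__ == "__main__":
    for f in audit(LOGIN_CONFIG, JBOSS_WEB, WEB_COMMENTED):
        print(f)
```

An empty result only shows that the three files agree with each other; whether the LDAP bind and role lookup succeed still depends on the login module options.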