Hi all,
I'm trying to get JBoss to secure a web app for me. I initially tried this just against Tomcat using a context.xml file and got it working. I've now "moved up a level" to JBoss and can't see where I'm going wrong.
I've put the following at the bottom of my login-config.xml:
<application-policy name="ldapsecurity">
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://127.0.0.1:10389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">uid=admin, ou=system</module-option>
<module-option name="bindCredential">secret</module-option>
<module-option name="baseFilter">(uid={0})</module-option>
<module-option name="baseCtxDN">ou=Users,dc=example,dc=com</module-option>
<module-option name="rolesCtxDN">ou=Groups,dc=example,dc=com</module-option>
<module-option name="roleFilter">(uniquemember={0})</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleRecursion">-1</module-option>
</login-module>
</application-policy>
....and I created a jboss-web.xml in the WEB-INF folder of my web app and put this in it:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE jboss-web PUBLIC
"-//JBoss//DTD Web Application 2.4//EN"
"http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">
<jboss-web>
<security-domain>java:/jaas/ldapsecurity</security-domain>
</jboss-web>
...but when i try and access my restricted content, I get asked for my username and password as expected, but they aren't recognised.
Is there anything obvious I'm missing?
Thanks for any help,
Phil.