5 Replies Latest reply on Sep 10, 2007 1:36 PM by nm-156

    HOWTO: Replace portal authentication and authorization

    arnieaustin

      I need to replace the portal's internal methods with a custom class we wrote internally. Though LDAP is used for authentication, the base functions aren't detailed enough for our needs. Authorization is done based on data from a database.

      I know I'm supposed to implement UserModule and RoleModule but I cannot find any documentation on how to do that. The JavaDocs show classes such as org.jboss.portal.core.impl.user.UserModule and *.Impl but I cannot descend that class as it's not in any of the jars under the portal.sar/lib folder.

      What are the fully qualified class names and what jars are they supposed to be in? A URL to a document detailing how to make the portal use these new classes would be much appreciated. Especially since I'll probably have to create my own login and registration portlets.

      Thanks!

        • 1. Re: HOWTO: Replace portal authentication and authorization
          theute

          The classes are part of the 'identity' module.

          • 2. Re: HOWTO: Replace portal authentication and authorization
            dleerob

            I had some issues when enabling LDAP authentication using JBoss Portal 2.4.1. The authentication worked, but the securities did not. This is what I ended up doing. Maybe it will help you in some way:

            - I downloaded the source (2.4.1) so I could build the JBoss Portal myself.
            - I DID NOT enable LDAP authentication and used the standard setup that comes with JBoss Portal.
            - I created all the users I wanted in JBoss Portal the usual way, all with the same password, for example, "mypassword", but made sure that each username corresponded to the user name in my LDAP directory.
            - I downloaded the JLdap library from www.openldap.org.
            - I put the jar file in the portal lib directory.
            - I added the jar file to jboss-portal-2.4.1-src\thirdparty.
            - Added the classpath to jboss-portal-2.4.1-src\identity\build.xml.
            - I edited jboss-portal-2.4.1-src\identity\src\main\org\jboss\portal\identity\auth\IdentityLoginModule in the JBoss Portal source code and added my own LDAPAuthentication method.
            - In IdentityLoginModule, I edited the method validatePassword, and at the top of it, I called my LDAPAuthentication method with the supplied username and password, which then returned true if LDAP authentication passed, or false if it failed. If true was returned, I changed the supplied password to "mypassword" in validatePassword method, otherwise I changed it to "incorrect" or some other incorrect string. Now the rest of validatePassword method continues normally, and will login the user locally if they used their correct LDAP password.
            - I built the portal source from scratch, and my customized LDAP authentication worked perfectly.

            A workaround I know, but it works, and hopefully will help someone else.
            When JBoss Portal 2.6 is stable, I will upgrade to that, and all of this will probably fall away.

            • 3. Re: HOWTO: Replace portal authentication and authorization
              bdaw


              arnieAustin: UserModule and RoleModule are interfaces that you need to implement. UserModuleImpl and RoleModuleImpl are the JBP implementations you can use as an example. To plug in your implementation, change those class names in core/src/resources/portal-sar/META-INF/jboss-service.xml.

              dleerob: Did you try using LdapLoginModule from JBossSX and adding all the users in LDAP to a role called "Authenticated"?

              JBoss Portal 2.6 will come with some ready implementations of user/roles modules for LDAP.

              • 4. Re: HOWTO: Replace portal authentication and authorization
                dleerob

                bdaw: I followed the wiki at: http://wiki.jboss.org/wiki/Wiki.jsp?page=UsingAnLDAPSourceForPortalAuthentication

                I did create a role "Authenticated" in LDAP and assign it to everyone in our company.

                The LDAP authentication did work, but because I also had to create users locally to match the users in LDAP, the securities to pages etc did not work when I used the LDAP password for a user. It only worked when using the local JBoss password for that user. That's why I ended up with my own workaround. Seemed no one could help.

                • 5. Re: HOWTO: Replace portal authentication and authorization
                  nm-156

                   

                  Posted: Tue Feb 13, 2007 04:56 AM. Post subject: Re: HOWTO: Replace portal authentication and authorization

                  arnieAustin: UserModule and RoleModule are interfaces that you need to implement. UserModuleImpl and RoleModuleImpl are the JBP implementations you can use as an example. To plug in your implementation, change those class names in core/src/resources/portal-sar/META-INF/jboss-service.xml.

                  dleerob: Did you try using LdapLoginModule from JBossSX and adding all the users in LDAP to a role called "Authenticated"?

                  JBoss Portal 2.6 will come with some ready implementations of user/roles modules for LDAP.


                  I am looking at the jboss-service.xml file under my portal .sar directory (JBP 2.6.1), but I am not getting any matches when I scan for UserModuleImpl or RoleModuleImpl. Which entries have to be changed to plug in custom login/role implementations?

                  Thanks.