LDAP Connection error
saigon_man Sep 22, 2007 9:05 PM
Hi,
I am trying to set up an LDAP connection to the ApacheDS. However, I got an error when trying to connect to the server. Here is my setup:
in jboss-service.xml
change the name of identity-config.xml to ldap_identity-config.xml (as said in the document, chapter 16)
in ldap_identity-config.xml: change the following code
<datasource>
   <name>LDAP</name>
   <config>
      <option>
         <name>host</name>
         <value>localhost</value>
      </option>
      <option>
         <name>port</name>
         <value>10389</value>
      </option>
      <option>
         <name>adminDN</name>
         <value>uid=admin,ou=system</value>
      </option>
      <option>
         <name>adminPassword</name>
         <value>secret</value>
      </option>
      <!--<option>
         <name>protocol</name>
         <value>ssl</value>
      </option>-->
      <option>
         <name>externalContextJndiName</name>
         <value>external/ldap/jboss</value>
      </option>
   </config>
</datasource>
</datasources>
in login-config.xml: change the following code (as said in the wiki: http://wiki.jboss.org/wiki/Wiki.jsp?page=UsingAnLDAPSourceForPortalAuthentication)
<application-policy name="portal">
   <authentication>
      <!--To configure LDAP support with IdentityLoginModule please check documentation on how to configure portal identity modules for this-->
      <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="sufficient">
         <module-option name="unauthenticatedIdentity">guest</module-option>
         <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
         <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
         <module-option name="additionalRole">Authenticated</module-option>
         <module-option name="password-stacking">useFirstPass</module-option>
      </login-module>
      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
         <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
         <module-option name="java.naming.provider.url">ldap://localhost:10389</module-option>
         <module-option name="java.naming.security.authentication">simple</module-option>
         <module-option name="baseCtxDN">ou=People,o=portal</module-option>
         <module-option name="baseFilter">(uid={0})</module-option>
         <module-option name="rolesCtxDN">ou=Groups,o=portal</module-option>
         <module-option name="roleFilter">(member={1})</module-option>
         <module-option name="roleAttributeID">member</module-option>
         <module-option name="roleRecursion">-1</module-option>
         <module-option name="roleNameAttributeID">cn</module-option>
         <module-option name="roleAttributeIsDN">true</module-option>
         <module-option name="searchTimeLimit">5000</module-option>
         <module-option name="searchScope">SUBTREE_SCOPE</module-option>
      </login-module>
   </authentication>
I am using the ldif file: portal-sample-local.ldif provided in jboss source
I am able to connect to the server using jxplorer application with the same admin user name and password (as stated in the ldap_identity-config.xml)
However, from within the JBoss server, when I try to log in using the username/password admin/admin, I received errors:
ERROR [IdentityLoginModule] Error when validating password
org.jboss.portal.common.transaction.NestedException: javax.security.auth.login.LoginException: org.jboss.portal.identity.IdentityException: Unable to connect to LDAP: Name: null, Host: localhost, Port: 10389, Context factory: com.sun.jndi.ldap.LdapCtxFactory, Admin user: uid=admin,ou=system, Admin password: ***, Authentication: simple, Protocol: null
I am using JBoss Portal 2.6.1.
What am I missing here? Or is there any step I should follow?
Your help is greatly appreciated.
Thanks,
SGM
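
An added example, not part of the original post and not JBoss code: a small Python check that reads the two configuration fragments above and reports whether both point at the same LDAP endpoint and whether the simple binds travel without TLS. The inline XML is constructed from the post and trimmed to the options the check reads; the function names and finding labels are hypothetical, and it assumes the datasource binds with simple authentication, as the error message shows.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample input: the posted fragments, trimmed to the options read here.
IDENTITY_DS = """<datasource><name>LDAP</name><config>
  <option><name>host</name><value>localhost</value></option>
  <option><name>port</name><value>10389</value></option>
  <option><name>adminDN</name><value>uid=admin,ou=system</value></option>
  <option><name>adminPassword</name><value>secret</value></option>
  <!--<option><name>protocol</name><value>ssl</value></option>-->
</config></datasource>"""

LOGIN_MODULE = """<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
  <module-option name="java.naming.provider.url">ldap://localhost:10389</module-option>
  <module-option name="java.naming.security.authentication">simple</module-option>
</login-module>"""

def datasource_options(xml_text):
    """Map option name -> value; commented-out options are skipped by the parser."""
    root = ET.fromstring(xml_text)
    return {o.findtext("name"): (o.findtext("value") or "").strip()
            for o in root.iter("option")}

def module_options(xml_text):
    """Map module-option name -> text for a <login-module> fragment."""
    root = ET.fromstring(xml_text)
    return {m.get("name"): (m.text or "").strip()
            for m in root.iter("module-option")}

def audit(ds_xml, lm_xml):
    """Return a list of finding labels (hypothetical names) for the two fragments."""
    ds, lm = datasource_options(ds_xml), module_options(lm_xml)
    url = urlparse(lm.get("java.naming.provider.url", ""))
    findings = []
    # Both files must name the same directory server.
    if (url.hostname, str(url.port)) != (ds.get("host"), ds.get("port")):
        findings.append("endpoint-mismatch")
    # Without protocol=ssl the admin DN and password are sent in the clear.
    if ds.get("protocol", "").lower() != "ssl":
        findings.append("datasource-cleartext-bind")
    # A simple bind over ldap:// exposes every user's password on the wire.
    simple = lm.get("java.naming.security.authentication") == "simple"
    if simple and url.scheme != "ldaps":
        findings.append("loginmodule-cleartext-bind")
    # uid=admin,ou=system with password "secret" is the ApacheDS default account.
    if ds.get("adminDN") == "uid=admin,ou=system" and ds.get("adminPassword") == "secret":
        findings.append("default-admin-credentials")
    return findings

if __name__ == "__main__":
    for finding in audit(IDENTITY_DS, LOGIN_MODULE):
        print(finding)
```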