Problem using LdapExtLoginModule - javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
naislav Jul 11, 2013 4:49 AMHi!
We are exposing a web service via ESB service using JBoss SOA Platform Version 5.3.0.GA.
In the jboss-esb.xml for that service we define the following:
<service
category="SampleServiceCategory"
name="SampleServiceName"
description="SampleService description">
<security moduleName="testLDAP"
>
<property name="org.jboss.soa.esb.services.security.contextTimeout" value="100000"/>
</security>
<listeners>
In the login-config.xml on the server, we define the following:
<application-policy name="testLDAP">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.provider.url" value="ldap\://192.168.**.**\:389"/>
<module-option name="java.naming.referral" value="follow"/>
<module-option name="bindDN" value="cn\=admin,cn\=Users,dc\=admin,dc\=org"/> <!-- admin@admin.org-->
<module-option name="bindCredential">******</module-option>
<module-option name="baseCtxDN" value="ou\=alabala,dc\=admin,dc\=org"/>
<module-option name="baseFilter" value="(sAMAccountName={0})"/>
<module-option name="rolesCtxDN" value="ou\=alabala,dc\=admin,dc\=org"/>
<module-option name="roleFilter" value="(sAMAccountName={0})"/>
<module-option name="roleAttributeID" value="memberOf"/>
<module-option name="roleAttributeIsDN" value="true"/>
<module-option name="roleNameAttributeID" value="CN"/>
<module-option name="roleRecursion" value="2"/>
<module-option name="searchScope" value="SUBTREE_SCOPE"/>
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="throwValidateError" value="true"/>
</login-module>
</authentication>
</application-policy>
However, we keep getting the same error:
17:06:13,437 ERROR [ActionProcessingPipeline] SecurityService exception :
org.jboss.soa.esb.services.security.SecurityServiceException: Exception while trying to login:
at org.jboss.internal.soa.esb.services.security.JaasSecurityService.authenticate(JaasSecurityService.java:102)
at org.jboss.soa.esb.listeners.message.ActionProcessingPipeline.processPipeline(ActionProcessingPipeline.java:558)
at org.jboss.soa.esb.listeners.message.ActionProcessingPipeline.process(ActionProcessingPipeline.java:442)
at org.jboss.soa.esb.listeners.message.MessageAwareListener$TransactionalRunner.run(MessageAwareListener.java:587)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
We know for sure that this LDAP server is up and running and our login credentials are correct.
I tried to check a bit that problem and tried to raise the debug level as suggested by here:https://community.jboss.org/thread/221368
with little success.
Maybe we should change the debug level somewhere else? Or if someone have more ideas what can be reason for that exception
would be of a great value to us