3 Replies Latest reply on Apr 25, 2014 4:35 AM by swiderski.maciej

    LDAP JBPM Integration in Version 6

    venumadhavp
    venumadhavp Apr 24, 2014 9:06 AM

      Hi,

       

      Can anyone assist with LDAP integration of JBPM v6 and User Task Service.

       

      Thanks.

      • 943 Views
      • Categories: jBPM 6.0
      • Tags:
        • 1. Re: LDAP JBPM Integration in Version 6
          swiderski.maciej
          swiderski.maciej Apr 24, 2014 12:56 PM (in response to venumadhavp)

          are you running with jbpm console (aka kie-wb) or your custom application?

           

          In case you use jbpm console, it should be enough to configure JBoss login module to be bound to LDAP and all other components of jbpm should make use of that.

           

          HTH

            • Actions
          • 2. Re: LDAP JBPM Integration in Version 6
            venumadhavp
            venumadhavp Apr 25, 2014 3:09 AM (in response to swiderski.maciej)

            Hi,

             

            I did the LDAP and JBPM Standalone.xml configuration. I am able to connect and perform operations in LDAP from LDAP Browser but when I try to login from JBPM Console or user REST API, it throws the below exception: (I can login using LDAP Browser using the same combination of user name and password and security authentication as simple.

             

            08:02:13,173 INFO  [org.jboss.resteasy.cdi.CdiInjectorFactory] (http-localhost-127.0.0.1-8080-1) Found BeanManager at java:comp/BeanManager

            08:02:13,280 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-1) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

              at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]

              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_55]

              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_55]

              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_55]

              at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_55]

              at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_55]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

              at org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:324) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.connector.Request.login(Request.java:3252) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1082) [jbossweb-7.0.13.Final.jar:]

              at org.uberfire.security.server.auth.source.HttpServletRequestAuthenticationSource.authenticate(HttpServletRequestAuthenticationSource.java:38) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.auth.DefaultAuthenticationProvider.authenticate(DefaultAuthenticationProvider.java:81) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.auth.HttpAuthenticationManager.authenticate(HttpAuthenticationManager.java:129) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.HttpSecurityManagerImpl.authenticate(HttpSecurityManagerImpl.java:215) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.UberFireSecurityFilter.authenticate(UberFireSecurityFilter.java:316) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.UberFireSecurityFilter.doFilter(UberFireSecurityFilter.java:261) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397) [jbossweb-7.0.13.Final.jar:]

              at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final]

              at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:397) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

              at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

              at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

              at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_55]

              • Actions
            • 3. Re: LDAP JBPM Integration in Version 6
              swiderski.maciej
              swiderski.maciej Apr 25, 2014 4:35 AM (in response to venumadhavp)

              it does not seem to be using LDAP configuration on JBoss - still refers to UsernamePasswordLoginModule while it should use one dedicated for LDAP. Make sure you have proper configuration of the login module and valid login module is used by security domain used by jbpm console.

               

              HTH

                • Actions