WildFly 8 security realm through LDAPS
ninjasftw May 20, 2015 5:50 AM
Hi,
I'm trying to get LDAP over SSL management authentication working. It works fine over non-SSL traffic, but as soon as I change to SSL and try to connect with jboss-cli.sh it fails with:
Caused by: javax.security.sasl.SaslException: Authentication failed: the server presented no authentication mechanisms
My realm is set up as follows:
<security-realm name="LdapConnection">
    <server-identities>
        <ssl>
            <keystore provider="PKCS12" path="server.p12" relative-to="jboss.server.config.dir" keystore-password="password"/>
        </ssl>
    </server-identities>
    <authentication>
        <truststore provider="PKCS12" path="server.p12" relative-to="jboss.server.config.dir" keystore-password="password"/>
        <ldap connection="remoteLdap" base-dn="ou=People,dc=sssl,dc=company,dc=com" recursive="true">
            <username-filter attribute="uid"/>
        </ldap>
    </authentication>
    <authorization>
        <ldap connection="remoteLdap">
            <username-to-dn force="true">
                <username-filter base-dn="ou=People,dc=sssl,dc=company,dc=com" recursive="false" user-dn-attribute="dn" attribute="uid"/>
            </username-to-dn>
            <group-search group-name="SIMPLE" iterative="true" group-dn-attribute="dn" group-name-attribute="cn">
                <group-to-principal search-by="DISTINGUISHED_NAME" base-dn="ou=Groups,ou=Apps,dc=sssl,dc=company,dc=com">
                    <membership-filter principal-attribute="member"/>
                </group-to-principal>
            </group-search>
        </ldap>
    </authorization>
</security-realm>
With my LDAP connection as follows:
<outbound-connections>
    <ldap name="remoteLdap" url="ldaps://ldap-server:636" security-realm="LdapConnection"/>
</outbound-connections>
I can't seem to get any actual log information about what is failing, even though I've added the logging tags below:
<logger category="org.jboss.as.security">
    <level name="TRACE"/>
</logger>
<logger category="org.jboss.as.cli">
    <level name="TRACE"/>
</logger>
<logger category="org.jboss.remoting">
    <level name="TRACE"/>
</logger>
Any help with either the issue or how to get some useful log messages would be greatly appreciated!