3 Replies Latest reply on Mar 6, 2017 2:23 AM by mchoma

    j_username null after successful ldap authentication

    mustafasayem

      I am migrating one of the web app that use ldap authentication from jboss4.2.2 to wildfly 10. The authentication works fine in jboss, however I am getting j_username as null after the authentication in wildfly 10. I am migrating the java version from 1.5 to 1.8. The files are as follows:

       

      standalone.xml configuration:

       

      <security-domain name="ldapSecurity">

           <authentication>

                 <login-module code="LdapExtended" flag="required">

                     <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>

                     <module-option name="java.naming.provider.url" value="xxx.xxx.xxx"/>

                     <module-option name="java.naming.security.authentication" value="simple"/>

                     <module-option name="bindDN" value="xxxxxx"/>

                     <module-option name="bindCredential" value="xxxxx"/>

                     <module-option name="baseCtxDN" value="DC=xx,DC=xxxx,DC=com"/>

                     <module-option name="baseFilter" value="(sAMAccountName={0})"/>

                     <module-option name="rolesCtxDN" value="DC=xx,DC=xxx,DC=com"/>

                     <module-option name="roleFilter" value="(sAMAccountName={0})"/>

                     <module-option name="roleAttributeID" value="memberOf"/>

                     <module-option name="roleAttributeIsDN" value="true"/>

                     <module-option name="roleNameAttributeID" value="cn"/>

                     <module-option name="roleRecursion" value="-1"/>

                     <module-option name="allowEmptyPasswords" value="false"/>

                  </login-module>

           </authentication>

      </security-domain>

       

      web.xml

       

      <welcome-file-list><welcome-file>index.jsp</welcome-file></welcome-file-list>

      <filter><filter-name>struts2</filter-name><filter-class>org.apache.struts2.dispatcher.FilterDispatcher</filter-class></filter>

       

       

      <filter-mapping><filter-name>struts2</filter-name><url-pattern>/*</url-pattern></filter-mapping>

      <security-role><role-name>*</role-name></security-role>

      <security-constraint>

        <display-name>ldap</display-name>

        <web-resource-collection>

        <web-resource-name>All JSP Pages</web-resource-name>

        <url-pattern>*.jsp</url-pattern>

        <http-method>POST</http-method>

        <http-method>GET</http-method>

        </web-resource-collection>

        <auth-constraint>

        <role-name>*</role-name>

        </auth-constraint>

      </security-constraint>

      <login-config>

        <auth-method>FORM</auth-method>

        <realm-name>internalAD</realm-name>

        <form-login-config>

        <form-login-page>/jsp/security/login.jsp</form-login-page>

        <form-error-page>/jsp/security/error.jsp</form-error-page>

        </form-login-config>

      </login-config>

       

      index.jsp (I am just trying to get the value for j_username. I tried to get it from the Action class by session.get("j_username") but didn't work as well. )

       

      <%@ page contentType="text/html"%>

      <%@ page import = "javax.servlet.RequestDispatcher" %>

      <%@taglib prefix="c" uri="http://java.sun.com/jstl/core_rt"%>

       

       

      <c:out value="${request.userPrincipal}"></c:out>

      <c:out value="${request.userPrincipal.name}"></c:out>

      <c:out value="${j_exception.class.name}"></c:out>

      <c:out value="${j_username}"></c:out>

      <c:out value="${request.j_username}"></c:out>

      <c:out value="${request.j_security_check}"></c:out>

      <c:out value="${j_security_check}"></c:out>

       

       

      jbossweb.xml

       

      <?xml version="1.0" encoding="UTF-8"?>

      <!DOCTYPE jboss-web PUBLIC

          "-//JBoss//DTD Web Application 4.2//EN"

          "http://www.jboss.org/j2ee/dtd/jboss-web_4_2.dtd">

      <jboss-web>

              <security-domain>ldapSecurity</security-domain>

              <context-root>abcd</context-root>

      </jboss-web>

       

      context.xml

       

      <Context cookies="true" crossContext="true">

          <Valve className="org.jboss.web.tomcat.security.FormAuthValve" includePassword="true"/>

      </Context>

       

       

      Thanks.