4 Replies Latest reply on Aug 11, 2017 9:20 AM by hamzawi007

    Wildfly 10 and ldaps integration

    george.liolios

      I have created a new security domain in the standalone.xml file:

      <security-domain name="LDAPAuth">
        <authentication>
          <login-module code="LdapExtended" flag="required">
            <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
            <module-option name="java.naming.provider.url" value="ldaps://10.0.0.11:636"/>
            <module-option name="java.naming.security.authentication" value="simple"/>
            <module-option name="bindDN" value="CN=admin user,OU=It,OU=Employees,OU=SOL sa,DC=sol,DC=solsa,DC=gr"/>
            <module-option name="bindCredential" value="somepasswd"/>
            <module-option name="baseCtxDN" value="OU=SOL sa,DC=sol,DC=solsa,DC=gr"/>
            <module-option name="baseFilter" value="(uid={0})"/>
            <module-option name="rolesCtxDN" value="OU=SOL sa,DC=sol,DC=solsa,DC=gr"/>
            <module-option name="roleFilter" value="(member={1})"/>
            <module-option name="roleAttributeID" value="cn"/>
            <module-option name="searchScope" value="ONELEVEL_SCOPE"/>
            <module-option name="allowEmptyPasswords" value="true"/>
          </login-module>
        </authentication>
      </security-domain>


      In web.xml I have added:

      <security-constraint>
          <web-resource-collection>
              <web-resource-name>HtmlAuth</web-resource-name>
              <description>application security constraints</description>
              <url-pattern>/*</url-pattern>
              <http-method>GET</http-method>
              <http-method>POST</http-method>
          </web-resource-collection>
          <auth-constraint>
              <role-name>LDAPgroup</role-name>
          </auth-constraint>
      </security-constraint>
      <login-config>
          <auth-method>FORM</auth-method>
          <realm-name>LDAPAuth</realm-name>
          <form-login-config>
              <form-login-page>/members/logon/login.jsp</form-login-page>
              <form-error-page>/members/logon/loginError.jsp</form-error-page>
          </form-login-config>
      </login-config>
      <security-role>
          <role-name>Domain users</role-name>
      </security-role>


      I created jboss-web.xml:

      <?xml version="1.0" encoding="UTF-8"?>
      <jboss-web>
          <security-domain>java:/jaas/LDAPAuth</security-domain>
      </jboss-web>


      The user login fails and goes to loginError.jsp, with this in the log: Login failure: javax.security.auth.login.FailedLoginException: PBOX00070: Password invalid/Password required


      Any idea?
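
A consistency check over the three descriptors shown in the post, as an added example that is not part of the original post or of WildFly itself. The `audit` function and the embedded fragments are assumptions made for illustration: the fragments are condensed, namespace-free copies of the posted XML, and the check reports hardening and wiring issues rather than the cause of PBOX00070.

```python
import xml.etree.ElementTree as ET

# Constructed sample: condensed, namespace-free copies of the posted fragments.
DOMAIN = """<security-domain name="LDAPAuth"><authentication>
<login-module code="LdapExtended" flag="required">
<module-option name="java.naming.provider.url" value="ldaps://10.0.0.11:636"/>
<module-option name="bindCredential" value="somepasswd"/>
<module-option name="searchScope" value="ONELEVEL_SCOPE"/>
<module-option name="allowEmptyPasswords" value="true"/>
</login-module></authentication></security-domain>"""
WEB = """<web-app><security-constraint><auth-constraint>
<role-name>LDAPgroup</role-name></auth-constraint></security-constraint>
<security-role><role-name>Domain users</role-name></security-role></web-app>"""
JBOSS_WEB = "<jboss-web><security-domain>java:/jaas/LDAPAuth</security-domain></jboss-web>"


def audit(domain_xml, web_xml, jboss_web_xml):
    """Return a list of findings for one security domain and one web app."""
    findings = []
    domain = ET.fromstring(domain_xml)
    opts = {o.get("name"): o.get("value") for o in domain.iter("module-option")}
    if not opts.get("java.naming.provider.url", "").lower().startswith("ldaps://"):
        findings.append("provider.url is not ldaps://; simple binds are sent unencrypted")
    # When true, the module hands an empty password to the LDAP server; many
    # directories treat a simple bind with an empty password as anonymous.
    if opts.get("allowEmptyPasswords", "").lower() == "true":
        findings.append("allowEmptyPasswords is true")
    # Assumption: a value starting with "${" is an expression, not a literal.
    if "bindCredential" in opts and not opts["bindCredential"].startswith("${"):
        findings.append("bindCredential is a literal password in standalone.xml")
    if opts.get("searchScope") == "ONELEVEL_SCOPE":
        findings.append("ONELEVEL_SCOPE searches only entries directly under the context DN")

    web = ET.fromstring(web_xml)
    required = {r.text.strip() for r in web.findall("./security-constraint/auth-constraint/role-name")}
    declared = {r.text.strip() for r in web.findall("./security-role/role-name")}
    for role in sorted(required - declared):
        findings.append(f"role '{role}' is required but not declared in <security-role>")

    ref = ET.fromstring(jboss_web_xml).findtext("security-domain", "").strip()
    if ref.split("/")[-1] != domain.get("name"):
        findings.append(f"jboss-web.xml points at '{ref}', not '{domain.get('name')}'")
    return findings


if __name__ == "__main__":
    for finding in audit(DOMAIN, WEB, JBOSS_WEB):
        print("-", finding)
```

Real web.xml files usually declare an XML namespace on the root element, so the element paths would need that namespace before running this against deployed descriptors.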