LDAP Configuration for JBoss Portal
napsteros Mar 27, 2009 10:44 AM
Hi everybody,
I'm trying to configure [jboss-portal-2.7.1] to be integrated with our LDAP, but each time I deploy the application under [jboss-4.2.3.GA] I receive an exception whose source I don't know.
I edited the [ldap_identity-config.xml] as follows:
<identity-configuration>
   <datasources>
      <datasource>
         <name>LDAP</name>
         <!-- -->
         <service-name>portal:service=Module,type=LDAPConnectionContext</service-name>
         <class>org.jboss.portal.identity.ldap.LDAPConnectionContext</class>
         <!-- -->
         <config>
            <option>
               <name>ldap</name>
               <value>company.com</value>
            </option>
            <option>
               <name>port</name>
               <value>389</value>
            </option>
            <option>
               <name>adminDN</name>
               <value>company-eduid=123,ou=people,dc=company,dc=com</value>
            </option>
            <option>
               <name>adminPassword</name>
               <value>xxx</value>
            </option>
         </config>
      </datasource>
   </datasources>
   <!-- ------------------------------- -->
   <modules>
      <module>
         <type>User</type>
         <implementation>LDAP</implementation>
         <class>org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl</class>
         <config/>
      </module>
      <module>
         <type>Role</type>
         <implementation>LDAP</implementation>
         <class>org.jboss.portal.identity.ldap.LDAPExtRoleModuleImpl</class>
         <config/>
      </module>
      <module>
         <type>Membership</type>
         <implementation>LDAP</implementation>
         <config/>
      </module>
      <module>
         <type>UserProfile</type>
         <implementation>DELEGATING</implementation>
         <config>
            <option>
               <name>ldapModuleJNDIName</name>
               <value>java:/portal/LDAPUserProfileModule</value>
            </option>
         </config>
      </module>
      <module>
         <type>DBDelegateUserProfile</type>
         <implementation>DB</implementation>
         <config>
            <option>
               <name>randomSynchronizePassword</name>
               <value>true</value>
            </option>
         </config>
      </module>
      <module>
         <type>LDAPDelegateUserProfile</type>
         <implementation>LDAP</implementation>
         <config/>
      </module>
   </modules>
   <!-- ------------------------------- -->
   <options>
      <option-group>
         <group-name>common</group-name>
         <option>
            <name>userCtxDN</name>
            <value>ou=People,dc=company,dc=com</value>
         </option>
         <option>
            <name>userSearchFilter</name>
            <value><![CDATA[(&(sAMAccountName={0})(objectClass=company-person))]]></value>
         </option>
         <option>
            <name>roleCtxDN</name>
            <value>ou=Roles,dc=company,dc=com</value>
         </option>
         <option>
            <name>roleSearchFilter</name>
            <value><![CDATA[(&((sAMAccountName={0})(o=CompanyOraganisation)))]]></value>
         </option>
      </option-group>
   </options>
   <!-- ------------------------------- -->
</identity-configuration>
and the [login-config.xml]:
<policy>
   <!-- For the JCR CMS -->
   <application-policy name="cms">
      <authentication>
         <login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
      </authentication>
   </application-policy>
   <application-policy name="portal">
      <authentication>
         <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
            <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
            <module-option name="java.naming.provider.url">ldap://company.com:389/</module-option>
            <module-option name="java.naming.security.authentication">simple</module-option>
            <module-option name="bindDN">cn=user</module-option>
            <module-option name="bindCredential">xxx</module-option>
            <module-option name="baseCtxDN">ou=People,dc=company,dc=com</module-option>
            <module-option name="baseFilter">(uid={0})</module-option>
            <module-option name="rolesCtxDN">ou=Roles,dc=company,dc=com</module-option>
            <module-option name="roleFilter">(member={1})</module-option>
            <module-option name="roleAttributeID">cn</module-option>
            <module-option name="roleRecursion">-1</module-option>
            <module-option name="searchTimeLimit">10000</module-option>
            <module-option name="searchScope">SUBTREE_SCOPE</module-option>
            <module-option name="allowEmptyPasswords">false</module-option>
         </login-module>
         <login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
            <module-option name="synchronizeIdentity">true</module-option>
            <module-option name="synchronizeRoles">true</module-option>
            <module-option name="additionalRole">Authenticated</module-option>
            <module-option name="defaultAssignedRole">User</module-option>
            <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
            <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
            <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
            <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
         </login-module>
      </authentication>
   </application-policy>
</policy>
But unfortunately, I receive these exceptions:
"-- JBoss AS Log--"
ERROR [ModuleServicesMetaData] Default module configuration isn't complete ModuleMetaData[type=User, implementation= LDAP, serviceName=null, className=org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl config=org.jboss.portal.identity.metadata.config.ConfigMetaData@1b22cc7]
WARN [ServiceController] Problem starting service portal:service=Module,type=IdentityServiceController
org.jboss.portal.identity.IdentityException: Error during processing default configuration file

"-- Browser error--"
HTTP Status 500 -
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
javax.servlet.ServletException: org.hibernate.HibernateException: Unable to locate current JTA transaction
    org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:278)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
    org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
root cause
org.hibernate.HibernateException: Unable to locate current JTA transaction
...
I'll be so grateful.
NapSteros,
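
A check one could run over a login-config.xml like the one posted above before deploying it, added here as an example and not part of the original post or of JBoss. The function name `audit_login_config` and the trimmed sample policy are constructed for illustration; the option names are the ones in the post.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed copy of the "portal" policy posted above.
SAMPLE = """<policy>
  <application-policy name="portal">
    <authentication>
      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
        <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
        <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
        <module-option name="java.naming.provider.url">ldap://company.com:389/</module-option>
        <module-option name="java.naming.security.authentication">simple</module-option>
        <module-option name="bindCredential">xxx</module-option>
        <module-option name="allowEmptyPasswords">false</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>"""

def audit_login_config(xml_text):
    """Return (policy, module class, finding) tuples for LDAP login modules."""
    findings = []
    root = ET.fromstring(xml_text)
    for policy in root.iter("application-policy"):
        for module in policy.iter("login-module"):
            code = module.get("code", "")
            if "Ldap" not in code:
                continue  # only LDAP-backed modules are checked
            where = (policy.get("name"), code)
            opts, seen = {}, set()
            for opt in module.findall("module-option"):
                name = opt.get("name")
                if name in seen:  # repeated option: one of the values is ignored
                    findings.append(where + (f"duplicate option {name}",))
                seen.add(name)
                opts[name] = (opt.text or "").strip()
            url = opts.get("java.naming.provider.url", "")
            auth = opts.get("java.naming.security.authentication", "simple")
            if url.lower().startswith("ldap://") and auth == "simple":
                findings.append(where + ("simple bind over ldap:// sends the password unencrypted",))
            if opts.get("bindCredential"):
                findings.append(where + ("bindCredential is stored in clear text in the file",))
            if opts.get("allowEmptyPasswords", "").lower() != "false":
                findings.append(where + ("allowEmptyPasswords is not set to false",))
    return findings

if __name__ == "__main__":
    for finding in audit_login_config(SAMPLE):
        print(*finding, sep=" | ")
```
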