LDAP Configuration for JBoss Portal
Hi everybody,
I'm traying to configure [jboss-portal-2.7.1] to be integrated with our LDAP, but each time I deploy application under [jboss-4.2.3.GA] I receive an exception that I ignore the source.
I edit the [ldap_identity-config.xml] as follows :
<identity-configuration>
<datasources>
<datasource>
<name>LDAP</name>
<!-- -->
<service-name>portal:service=Module,type=LDAPConnectionContext</service-name>
<class>org.jboss.portal.identity.ldap.LDAPConnectionContext</class>
<!-- -->
<config>
<option>
<name>ldap</name>
<value>company.com</value>
</option>
<option>
<name>port</name>
<value>389</value>
</option>
<option>
<name>adminDN</name>
<value>company-eduid=123,ou=people,dc=company,dc=com</value>
</option>
<option>
<name>adminPassword</name>
<value>xxx</value>
</option>
</config>
</datasource>
</datasources>
<!-- ------------------------------- -->
<modules>
<module>
<type>User</type>
<implementation>LDAP</implementation>
<class>org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl</class>
<config/>
</module>
<module>
<type>Role</type>
<implementation>LDAP</implementation>
<class>org.jboss.portal.identity.ldap.LDAPExtRoleModuleImpl</class>
<config/>
</module>
<module>
<type>Membership</type>
<implementation>LDAP</implementation>
<config/>
</module>
<module>
<type>UserProfile</type>
<implementation>DELEGATING</implementation>
<config>
<option>
<name>ldapModuleJNDIName</name>
<value>java:/portal/LDAPUserProfileModule</value>
</option>
</config>
</module>
<module>
<type>DBDelegateUserProfile</type>
<implementation>DB</implementation>
<config>
<option>
<name>randomSynchronizePassword</name>
<value>true</value>
</option>
</config>
</module>
<module>
<type>LDAPDelegateUserProfile</type>
<implementation>LDAP</implementation>
<config/>
</module>
</modules>
<!-- ------------------------------- -->
<options>
<option-group>
<group-name>common</group-name>
<option>
<name>userCtxDN</name>
<value>ou=People,dc=company,dc=com</value>
</option>
<option>
<name>userSearchFilter</name>
<value><![CDATA[(&(sAMAccountName={0})(objectClass=company-person))]]></value>
</option>
<option>
<name>roleCtxDN</name>
<value>ou=Roles,dc=company,dc=com</value>
</option>
<option>
<name>roleSearchFilter</name>
<value><![CDATA[(&((sAMAccountName={0})(o=CompanyOraganisation)))]]></value>
</option>
</option-group>
</options>
<!-- ------------------------------- -->
</identity-configuration>
and the [login-config.xml] :
<policy>
<!-- For the JCR CMS -->
<application-policy name="cms">
<authentication>
<login-module code="org.apache.jackrabbit.core.security.SimpleLoginModule" flag="required"/>
</authentication>
</application-policy>
<application-policy name="portal">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory </module-option>
<module-option name="java.naming.provider.url">ldap://company.com:389/ </module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="bindDN">cn=user</module-option>
<module-option name="bindCredential">xxx</module-option>
<module-option name="baseCtxDN">ou=People,dc=company,dc=com</module-option>
<module-option name="baseFilter">(uid={0})</module-option>
<module-option name="rolesCtxDN">ou=Roles,dc=company,dc=com</module-option>
<module-option name="roleFilter">(member={1})</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleRecursion">-1</module-option>
<module-option name="searchTimeLimit">10000</module-option>
<module-option name="searchScope">SUBTREE_SCOPE</module-option>
<module-option name="allowEmptyPasswords">false</module-option>
</login-module>
<login-module code="org.jboss.portal.identity.auth.SynchronizingLoginModule" flag="optional">
<module-option name="synchronizeIdentity">true</module-option>
<module-option name="synchronizeRoles">true</module-option>
<module-option name="additionalRole">Authenticated</module-option>
<module-option name="defaultAssignedRole">User</module-option>
<module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
<module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
<module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
</login-module>
</authentication>
</application-policy>
</policy>
But unfortunately, I receive these exceptions :
"-- JBoss AS Log--" ERROR [ModuleServicesMetaData] Default module configuration isn t complete ModuleMetaData[type=User, implementation= LDAP, serviceName=null, className=org.jboss.portal.identity.ldap.LDAPExtUserModuleImpl config=org.jboss.portal.identity.metadata.config.ConfigMetaData@1b22cc7] WARN [ServiceController] Problem starting service portal:service=Module,type=IdentityServiceController org.jboss.portal.identity.IdentityException: Error during processing default configuration file "-- Browser error--" HTTP Status 500 - type Exception report message description The server encountered an internal error () that prevented it from fulfilling this request. exception javax.servlet.ServletException: org.hibernate.HibernateException: Unable to locate current JTA transaction org.jboss.portal.server.servlet.PortalServlet.service(PortalServlet.java:278) javax.servlet.http.HttpServlet.service(HttpServlet.java:803) org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) root cause org.hibernate.HibernateException: Unable to locate current JTA transaction ...
I'll be so gratefull..
NapSteros,