[JBoss 6.0 M1] javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
longbeach Jan 1, 2010 7:25 AMHi,
Happy new year.
I have a problem when i try to log on a LDAP server through some Java code, using the LdapExtLoginModule login module in JBoss 6.O M1.
Here is my login-config.xml file :
- <application-policy name="venteEnLigne_domaine_LDAP">
- <authentication>
- <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
- <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
- <module-option name="java.naming.provider.url">ldap://localhost:10389</module-option>
- <module-option name="java.naming.security.authentication">simple</module-option>
- <module-option name="bindDN">uid=admin,ou=system</module-option>
- <module-option name="bindCredential">secret</module-option>
- <module-option name="baseCtxDN">ou=users,ou=system</module-option>
- <module-option name="baseFilter">(sAMAccountName={0})</module-option>
- <module-option name="roleFilter">(member={1})</module-option>
- <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
- <module-option name="allowEmptyPasswords">false</module-option>
- </login-module>
- </authentication>
- </application-policy>
Here is my Java code to connect to the LDAP server :
- SecurityClient securityClient;
- securityClient = SecurityClientFactory.getSecurityClient();
- securityClient.setSimple("log6", "pwd6");
- securityClient.login();
Here is the log of the server when i start it :
- etAppConfigurationEntry(venteEnLigne_domaine_LDAP), authInfo=AppConfigurationEntry[]:
- [0]
- LoginModule Class: org.jboss.security.auth.spi.LdapExtLoginModule
- ControlFlag: LoginModuleControlFlag : required
- Options:
- name=baseFilter, value=(sAMAccountName={0})
- name=java.naming.security.authentication, value=simple
- name=java.naming.factory.initial, value=com.sun.jndi.ldap.LdapCtxFactory
- name=allowEmptyPasswords, value=false
- name=roleFilter, value=(member={1})
- name=bindCredential, value=****
- name=bindDN, value=uid=admin,ou=system
- name=java.naming.provider.url, value=ldap://localhost:10389
- name=baseCtxDN, value=ou=users,ou=system
- name=searchScope, value=ONELEVEL_SCOPE
And here is the log when i attempt to connect with the previous Java code :
- 2010-01-01 13:13:56,714 TRACE [org.jboss.security.auth.spi.LdapExtLoginModule] (WorkerThread#0[127.0.0.1:51632]) initialize
- 2010-01-01 13:13:56,714 TRACE [org.jboss.security.auth.spi.LdapExtLoginModule] (WorkerThread#0[127.0.0.1:51632]) Security domain: venteEnLigne_domaine_LDAP
- 2010-01-01 13:13:56,714 TRACE [org.jboss.security.auth.spi.LdapExtLoginModule] (WorkerThread#0[127.0.0.1:51632]) login
- 2010-01-01 13:13:56,714 TRACE [org.jboss.security.auth.spi.LdapExtLoginModule] (WorkerThread#0[127.0.0.1:51632]) Authenticating as unauthenticatedIdentity=null
- 2010-01-01 13:13:56,714 DEBUG [org.jboss.security.auth.spi.LdapExtLoginModule] (WorkerThread#0[127.0.0.1:51632]) Bad password for username=null
- 2010-01-01 13:13:56,715 TRACE [org.jboss.security.auth.spi.LdapExtLoginModule] (WorkerThread#0[127.0.0.1:51632]) abort
- 2010-01-01 13:13:56,715 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.venteEnLigne_domaine_LDAP] (WorkerThread#0[127.0.0.1:51632]) Login failure
- javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
- at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
- at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
- at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
- at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
- at java.lang.reflect.Method.invoke(Unknown Source)
- at javax.security.auth.login.LoginContext.invoke(Unknown Source)
- at javax.security.auth.login.LoginContext.access$000(Unknown Source)
- at javax.security.auth.login.LoginContext$4.run(Unknown Source)
- at java.security.AccessController.doPrivileged(Native Method)
- at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
- at javax.security.auth.login.LoginContext.login(Unknown Source)
- at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
- at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
- at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
- at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
- at org.jboss.security.javaee.EJBAuthenticationHelper.isValid(EJBAuthenticationHelper.java:87)
- at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:164)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.stateful.StatefulContainer.dynamicInvoke(StatefulContainer.java:567)
- at org.jboss.ejb3.session.InvokableContextClassProxyHack._dynamicInvoke(InvokableContextClassProxyHack.java:53)
- at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:91)
- at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
- at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:897)
- at org.jboss.remoting.transport.socket.ServerThread.completeInvocation(ServerThread.java:768)
- at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:721)
- at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:548)
- at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:234)
- 2010-01-01 13:13:56,715 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.venteEnLigne_domaine_LDAP] (WorkerThread#0[127.0.0.1:51632]) End isValid, false
- 2010-01-01 13:13:56,719 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (WorkerThread#0[127.0.0.1:51632]) [Error]Source=org.jboss.security.javaee.EJBAuthenticationHelper;principal=null;method=sauver;
- javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
- at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)
- at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
- at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
- at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
- at java.lang.reflect.Method.invoke(Unknown Source)
- at javax.security.auth.login.LoginContext.invoke(Unknown Source)
- at javax.security.auth.login.LoginContext.access$000(Unknown Source)
- at javax.security.auth.login.LoginContext$4.run(Unknown Source)
- at java.security.AccessController.doPrivileged(Native Method)
- at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)
- at javax.security.auth.login.LoginContext.login(Unknown Source)
- at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)
- at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)
- at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)
- at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)
- at org.jboss.security.javaee.EJBAuthenticationHelper.isValid(EJBAuthenticationHelper.java:87)
- at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:164)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86)
- at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102)
- at org.jboss.ejb3.stateful.StatefulContainer.dynamicInvoke(StatefulContainer.java:567)
- at org.jboss.ejb3.session.InvokableContextClassProxyHack._dynamicInvoke(InvokableContextClassProxyHack.java:53)
- at org.jboss.aop.Dispatcher.invoke(Dispatcher.java:91)
- at org.jboss.aspects.remoting.AOPRemotingInvocationHandler.invoke(AOPRemotingInvocationHandler.java:82)
- at org.jboss.remoting.ServerInvoker.invoke(ServerInvoker.java:897)
- at org.jboss.remoting.transport.socket.ServerThread.completeInvocation(ServerThread.java:768)
- at org.jboss.remoting.transport.socket.ServerThread.processInvocation(ServerThread.java:721)
- at org.jboss.remoting.transport.socket.ServerThread.dorun(ServerThread.java:548)
- at org.jboss.remoting.transport.socket.ServerThread.run(ServerThread.java:234)
That's very strange because i can connect with that use using
DirContext context = new InitialDirContext(env); // env is an Hashmap with the correct options
How come it ignores the password, says it's incorrect / missing ?
Thanks for helping.