3 Replies Latest reply on Jul 21, 2011 9:12 AM by Wolfgang Knauf

    own LdapLoginModul in JBoss 6

    Carmen Teich Newbie

      Hello,

       

      I migrate my applcation from JBoss 4.4 to JBoss 6 and I have a own LdapLoginModul which I have to integrate.

       

      So I create a edesk-login-jboss-beans.xml like it is describe here: http://anil-identity.blogspot.com/2009/05/as5-specifying-security-domain.html

       

      But I always get errors, when I start the server.

       

      edesk-login-jboss-beans.xml:

       

      <?xml version="1.0" encoding="UTF-8"?>

       

      <deployment xmlns="urn:jboss:bean-deployer:2.0">

       

      <!-- Used by edesk server -->

          <application-policy xmlns="urn:jboss:security-beans:1.0" name="edesk">

              <authentication>

                  <login-module code="de.xcom.edesk.jboss.EdeskLdapLoginModule" flag="required">

                      <!-- Connect to XCOM Domino Server to use the Notes DB for authentication -->

                      <module-option name="ExternalUserManagerJNDI">ejb3/edesk/LocalExternalUserManagerImpl</module-option>

                      <!--

                          The URL for the LDAP connection. Do not specify a port. By default, port 389 is used.

                          To specify an ssl connection, use the java.naming.security.protocol option.

                          The default value is: ldap://localhost

                      -->

                      <module-option name="ldap.servers">10.40.21.32</module-option>

                      <!--

                          The security to use on the connection. The default is to use no security.

                          Set this option to ssl for an ssl connection on port 636.

                      -->

                      <module-option name="java.naming.security.protocol">none</module-option>

       

                      <module-option name="unauthenticatedIdentity">Nobody</module-option>

       

                      <module-option name="java.naming.security.authentication">simple</module-option>

                      <!--

                          The name of the attribute that identifies a User uniquely. This value can never change.

                          Some LDAP systems don't have an immutable User id. In these cases, the name of the User

                          can be used, but the User can never change their name.

                      -->

                      <module-option name="userUID">uid</module-option>

                      <!--

                          The name of the attribute in the person LDAP object containing extra information. Up

                          to 9 of these are supported, named "userAttr1", "userAttr2", ... "userAttr9".

                          The value is either the name of the ldap field, or the name and an optional description. The

                          name and description are separated by a comma.

                      -->

                      <module-option name="userAttr1">companyname, Firma</module-option>

                      <module-option name="userAttr2">mail, Email Adresse</module-option>

                      <module-option name="userAttr3"></module-option>

                      <module-option name="userAttr4"></module-option>

                      <module-option name="userAttr5"></module-option>

                      <module-option name="userAttr6"></module-option>

                      <module-option name="userAttr7"></module-option>

                      <module-option name="userAttr8"></module-option>

                      <module-option name="userAttr9"></module-option>

                  </login-module>

              </authentication>

          </application-policy>

       

      </deployment>

       

      the stacktrace:

       

      11:29:06,534 ERROR [AbstractKernelController] Error installing to Start: name=eDesk:service=Admin state=Create mode=Manual requiredState=Installed: javax.ejb.EJBAccessException: Invalid User

          at org.jboss.ejb3.security.Ejb3AuthenticationInterceptorv2.invoke(Ejb3AuthenticationInterceptorv2.java:161) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:41) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.ejb3.BlockContainerShutdownInterceptor.invoke(BlockContainerShutdownInterceptor.java:67) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.ejb3.core.context.CurrentInvocationContextInterceptor.invoke(CurrentInvocationContextInterceptor.java:47) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.aspects.currentinvocation.CurrentInvocationInterceptor.invoke(CurrentInvocationInterceptor.java:67) [:1.0.1]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.ejb3.interceptor.EJB3TCCLInterceptor.invoke(EJB3TCCLInterceptor.java:86) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.ejb3.stateless.StatelessContainer.dynamicInvoke(StatelessContainer.java:392) [:1.7.17]

          at org.jboss.ejb3.remoting.IsLocalInterceptor.invokeLocal(IsLocalInterceptor.java:88) [:1.7.17]

          at org.jboss.ejb3.remoting.IsLocalInterceptor.invoke(IsLocalInterceptor.java:75) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.ejb3.async.impl.interceptor.AsynchronousClientInterceptor.invoke(AsynchronousClientInterceptor.java:143) [:1.7.17]

          at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:102) [jboss-aop.jar:2.2.1.GA]

          at org.jboss.aspects.remoting.PojiProxy.invoke(PojiProxy.java:62) [:1.0.1.GA]

          at $Proxy304.invoke(Unknown Source)    at org.jboss.ejb3.proxy.impl.handler.session.SessionProxyInvocationHandlerBase.invoke(SessionProxyInvocationHandlerBase.java:185) [:1.0.11]

          at $Proxy293.checkAndRepairDB(Unknown Source)    at de.xcom.edesk.jboss.AdminService.checkAndRepairDB(AdminService.java:147)

          at de.xcom.edesk.jboss.AdminService.startService(AdminService.java:125)

          at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:355) [:6.0.0.Final (Build SVNTag:JBoss_6.0.0.Final date: 20101228)]

          at org.jboss.system.ServiceMBeanSupport.start(ServiceMBeanSupport.java:248) [:6.0.0.Final (Build SVNTag:JBoss_6.0.0.Final date: 20101228)]

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_25]

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_25]

          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_25]

          at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_25]

          at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:157) [:6.0.0.GA]

          at org.jboss.mx.server.Invocation.dispatch(Invocation.java:96) [:6.0.0.GA]

          at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:138) [:6.0.0.GA]

          at org.jboss.mx.server.Invocation.invoke(Invocation.java:90) [:6.0.0.GA]

          at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:140) [:6.0.0.GA]

          at org.jboss.mx.server.Invocation.invoke(Invocation.java:90) [:6.0.0.GA]

          at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:271) [:6.0.0.GA]

          at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:670) [:6.0.0.GA]

          at org.jboss.system.microcontainer.ServiceProxy.invoke(ServiceProxy.java:206) [:2.2.0.GA]

          at $Proxy41.start(Unknown Source)    at org.jboss.system.microcontainer.StartStopLifecycleAction.installAction(StartStopLifecycleAction.java:53) [:2.2.0.GA]

          at org.jboss.system.microcontainer.StartStopLifecycleAction.installAction(StartStopLifecycleAction.java:41) [:2.2.0.GA]

          at org.jboss.dependency.plugins.action.SimpleControllerContextAction.simpleInstallAction(SimpleControllerContextAction.java:62) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.action.AccessControllerContextAction.install(AccessControllerContextAction.java:71) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractControllerContextActions.install(AbstractControllerContextActions.java:51) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:379) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.system.microcontainer.ServiceControllerContext.install(ServiceControllerContext.java:301) [:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:2044) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:1083) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.executeOrIncrementStateDirectly(AbstractController.java:1322) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1246) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1139) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:894) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:641) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.deployers.vfs.deployer.kernel.BeanMetaDataDeployer.deploy(BeanMetaDataDeployer.java:182) [:2.2.0.GA]

          at org.jboss.deployers.vfs.deployer.kernel.BeanMetaDataDeployer.deploy(BeanMetaDataDeployer.java:58) [:2.2.0.GA]

          at org.jboss.deployers.spi.deployer.helpers.AbstractSimpleRealDeployer.internalDeploy(AbstractSimpleRealDeployer.java:62) [:2.2.0.GA]

          at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:55) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:179) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.doDeploy(DeployersImpl.java:1832) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1550) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1571) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.doInstallParentFirst(DeployersImpl.java:1603) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.install(DeployersImpl.java:1491) [:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:379) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:2044) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:1083) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.executeOrIncrementStateDirectly(AbstractController.java:1322) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1246) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1139) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:939) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:654) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.change(DeployersImpl.java:1983) [:2.2.0.GA]

          at org.jboss.deployers.plugins.deployers.DeployersImpl.process(DeployersImpl.java:1076) [:2.2.0.GA]

          at org.jboss.deployers.plugins.main.MainDeployerImpl.process(MainDeployerImpl.java:679) [:2.2.0.GA]

          at org.jboss.system.server.profileservice.deployers.MainDeployerPlugin.process(MainDeployerPlugin.java:106) [:6.0.0.Final]

          at org.jboss.profileservice.dependency.ProfileControllerContext$DelegateDeployer.process(ProfileControllerContext.java:143) [:0.2.2]

          at org.jboss.profileservice.dependency.ProfileDeployAction.deploy(ProfileDeployAction.java:151) [:0.2.2]

          at org.jboss.profileservice.dependency.ProfileDeployAction.installActionInternal(ProfileDeployAction.java:94) [:0.2.2]

          at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:54) [jboss-kernel.jar:2.2.0.GA]

          at org.jboss.kernel.plugins.dependency.InstallsAwareAction.installAction(InstallsAwareAction.java:42) [jboss-kernel.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.action.SimpleControllerContextAction.simpleInstallAction(SimpleControllerContextAction.java:62) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.action.AccessControllerContextAction.install(AccessControllerContextAction.java:71) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractControllerContextActions.install(AbstractControllerContextActions.java:51) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractControllerContext.install(AbstractControllerContext.java:379) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.install(AbstractController.java:2044) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.incrementState(AbstractController.java:1083) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.executeOrIncrementStateDirectly(AbstractController.java:1322) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1246) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.resolveContexts(AbstractController.java:1139) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:939) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.dependency.plugins.AbstractController.change(AbstractController.java:654) [jboss-dependency.jar:2.2.0.GA]

          at org.jboss.profileservice.dependency.ProfileActivationWrapper$BasicProfileActivation.start(ProfileActivationWrapper.java:190) [:0.2.2]

          at org.jboss.profileservice.dependency.ProfileActivationWrapper.start(ProfileActivationWrapper.java:87) [:0.2.2]

          at org.jboss.profileservice.dependency.ProfileActivationService.activateProfile(ProfileActivationService.java:215) [:0.2.2]

          at org.jboss.profileservice.dependency.ProfileActivationService.activate(ProfileActivationService.java:159) [:0.2.2]

          at org.jboss.profileservice.bootstrap.AbstractProfileServiceBootstrap.activate(AbstractProfileServiceBootstrap.java:112) [:0.2.2]

          at org.jboss.profileservice.resolver.BasicResolverFactory$ProfileResolverFacade.deploy(BasicResolverFactory.java:87) [:0.2.2]

          at org.jboss.profileservice.bootstrap.AbstractProfileServiceBootstrap.start(AbstractProfileServiceBootstrap.java:91) [:0.2.2]

          at org.jboss.system.server.profileservice.bootstrap.BasicProfileServiceBootstrap.start(BasicProfileServiceBootstrap.java:132) [:6.0.0.Final]

          at org.jboss.system.server.profileservice.bootstrap.BasicProfileServiceBootstrap.start(BasicProfileServiceBootstrap.java:56) [:6.0.0.Final]

          at org.jboss.bootstrap.impl.base.server.AbstractServer.startBootstraps(AbstractServer.java:827) [jboss-bootstrap-impl-base.jar:2.1.0-alpha-5]

          at org.jboss.bootstrap.impl.base.server.AbstractServer$StartServerTask.run(AbstractServer.java:417) [jboss-bootstrap-impl-base.jar:2.1.0-alpha-5]

          at java.lang.Thread.run(Thread.java:662) [:1.6.0_25]

       

      11:29:06,684 ERROR [ProfileServiceBootstrap] Failed to load profile:: org.jboss.deployers.client.spi.IncompleteDeploymentException: Summary of incomplete deployments (SEE PREVIOUS ERRORS FOR DETAILS):

       

      DEPLOYMENTS IN ERROR:

        Deployment "eDesk:service=Admin" is in error due to the following reason(s): javax.ejb.EJBAccessException: Invalid User

       

          at org.jboss.deployers.plugins.deployers.DeployersImpl.checkComplete(DeployersImpl.java:1228) [:2.2.0.GA]

          at org.jboss.deployers.plugins.main.MainDeployerImpl.checkComplete(MainDeployerImpl.java:905) [:2.2.0.GA]

          at org.jboss.system.server.profileservice.deployers.MainDeployerPlugin.checkComplete(MainDeployerPlugin.java:87) [:6.0.0.Final]

          at org.jboss.profileservice.deployment.ProfileDeployerPluginRegistry.checkAllComplete(ProfileDeployerPluginRegistry.java:107) [:0.2.2]

          at org.jboss.system.server.profileservice.bootstrap.BasicProfileServiceBootstrap.start(BasicProfileServiceBootstrap.java:135) [:6.0.0.Final]

          at org.jboss.system.server.profileservice.bootstrap.BasicProfileServiceBootstrap.start(BasicProfileServiceBootstrap.java:56) [:6.0.0.Final]

          at org.jboss.bootstrap.impl.base.server.AbstractServer.startBootstraps(AbstractServer.java:827) [jboss-bootstrap-impl-base.jar:2.1.0-alpha-5]

          at org.jboss.bootstrap.impl.base.server.AbstractServer$StartServerTask.run(AbstractServer.java:417) [jboss-bootstrap-impl-base.jar:2.1.0-alpha-5]

          at java.lang.Thread.run(Thread.java:662) [:1.6.0_25]

       

       

      eDesk:service:Admin is configure in a jboss-service.xml of my edask-admin.sar. This sar-File is in an ear-File

       

      jboss-service.xml:

       

      <?xml version="1.0" encoding="UTF-8"?>

      <!DOCTYPE server

          PUBLIC "-//JBoss//DTD MBean Service 5.0//EN"

          "http://www.jboss.org/j2ee/dtd/jboss-service_5_0.dtd">

       

      <server>

          <mbean code="de.xcom.edesk.jboss.AdminService" name="eDesk:service=Admin" xmbean-dd="">

              <xmbean>

                  <description>

                      This MBean lets a System Admin initialize the eDesk system.

                  </description>

                  <class>de.xcom.edesk.jboss.AdminService</class>

                  <constructor>

                      <description>The no-arg constructor</description>

                      <name>de.xcom.edesk.jboss.AdminService</name>

                  </constructor>

       

                  <attribute name="Version" access="read-only" getMethod="getVersion">

                      <description>Main-Version of XLINE-Server</description>

                      <name>Version</name>

                      <type>java.lang.String</type>

                  </attribute>

                  <attribute name="Build-Version" access="read-write" getMethod="getServerVersion" setMethod="setServerVersion">

                      <description>Build-Version of XLINE-Server. Don't change it in productive Environments!!</description>

                      <name>Build-Version</name>

                      <type>java.lang.String</type>

                  </attribute>

                  <attribute name="Encryption" access="read-only" getMethod="isEncryptionActivated">

                      <description>Encryption activated</description>

                      <name>Encryption activated</name>

                      <type>boolean</type>

                  </attribute>

                  <operation>

                      <description>Checks the connections to LDAP, DocArchiv and BankSystem.

                      </description>

                      <name>checkExternalConnections</name>

                      <return-type>java.lang.String</return-type>

                  </operation>

                  <operation>

                      <description>Tries to switch current LDAP server IP to the given value.

                      If the server is not reachable, normal fail over is started to determine a running LDAP server.

                      </description>

                      <name>setCurrentLdapServer</name>

                      <parameter>

                          <description>The IP to set</description>

                          <name>IP</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>java.lang.String</return-type>

                  </operation>

                  <operation>

                      <description>Reads the configured workflow processes and redeploys them.

                      </description>

                      <name>redeployProcessDefinitions</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Initialize key store. Must be called on new systems to primary initialize the key store.

                      </description>

                      <name>initializeKeyStore</name>

                      <return-type>java.lang.String</return-type>

                  </operation>

                  <operation>

                      <description>Reloads security key.</description>

                      <name>loadSecurityKey</name>

                      <return-type>java.lang.String</return-type>

                  </operation>

                  <operation>

                      <description>Adds a new QueryFolder with a defined SQL Query

                      </description>

                      <name>addQueryFolder</name>

                      <parameter>

                          <description>The name of the folder(view)</description>

                          <name>folderName</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>A defined SQL query</description>

                          <name>sqlQuery</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Reads the LDAP DB and lists the users and groups.

                      This method can be used to debug problems on server installations.

                      </description>

                      <name>listLdapRecords</name>

                      <parameter>

                          <description>The IP address of the LDAP server</description>

                          <name>ldapIdAddress</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>The name of the LDAP field to be used as the user's unique, unchanging id.</description>

                          <name>uidFieldName</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>java.lang.String</return-type>

                  </operation>

                  <operation>

                      <description>Dumps the envelope as XML into a file on the server.

                      </description>

                      <name>dumpXML</name>

                      <parameter>

                          <description>The id of the Envelope</description>

                          <name>envelopeId</name>

                          <type>java.lang.Long</type>

                      </parameter>

                      <parameter>

                          <description>The path of the file to write to</description>

                          <name>filepath</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>java.lang.String</return-type>

                  </operation>

                   <operation>

                      <description>Dumps the blob from a File Value into a file on the server.

                      </description>

                      <name>dumpBlob</name>

                      <parameter>

                          <description>The id of the Attr_Value record</description>

                          <name>attrValueId</name>

                          <type>java.lang.Long</type>

                      </parameter>

                      <parameter>

                          <description>The directory to write to including the /</description>

                          <name>path</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>java.lang.String</return-type>

                  </operation>

                  <operation>

                      <description>Add a Role to a Group. The system will automatically create the Role or

                      the Group if they do not exist.

                      </description>

                      <name>addRoleGroup</name>

                      <parameter>

                          <description>The name of the Role</description>

                          <name>role</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>The name of the Group</description>

                          <name>group</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Initializes the DB, creating any needed Envelope Types and AttributeDefinitions.

                      </description>

                      <name>checkAndRepairDB</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Create an internal User.

                      </description>

                      <name>createInternalUser</name>

                      <parameter>

                          <description>The name of the User to register</description>

                          <name>username</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>The clear text password to setup</description>

                          <name>password</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>The name of the initial LdapGroup to set this user with</description>

                          <name>group</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Clears the JAAS authentication cache.

                      </description>

                      <name>clearJAASAuthenticationCache</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Resets the hash value of all BinaryContent records.

                      </description>

                      <name>resetHashValues</name>

                      <return-type>int</return-type>

                  </operation>

                  <operation>

                      <description>Reads the LDAP DB and updates the users and groups.

                      </description>

                      <name>readLdap</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>loads default user configuration</description>

                      <name>loadUserConfigDefaults</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Refresh redundant data in PROCESS table.

                      </description>

                      <name>refreshAllProcesses</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Adds a named surveillance handler to a folder.</description>

                      <name>addFolderSurveillanceEventHandler</name>

                      <parameter>

                          <description>The id of the folder to be surveilled</description>

                          <name>folderId</name>

                          <type>java.lang.Long</type>

                      </parameter>

                      <parameter>

                          <description>The name of the implementing event handler class</description>

                          <name>className</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Applies erms access rights to a specific folder.</description>

                      <name>setERMSFolderRights</name>

                      <parameter>

                          <description>The id of the folder to apply erms access rights</description>

                          <name>folderId</name>

                          <type>java.lang.Long</type>

                      </parameter>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Selects current version of all active documents and applies business rules</description>

                      <name>executeRulesForAllDocuments</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Selects current version of all active documents and applies a subset of business rools (test only)</description>

                      <name>executeRuletypesForAllDocuments</name>

                      <parameter>

                          <description>Regeltyp 1</description>

                          <name>ruletype1</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>Regeltyp 2</description>

                          <name>ruletype2</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <parameter>

                          <description>Regeltyp 3</description>

                          <name>ruletype3</name>

                          <type>java.lang.String</type>

                      </parameter>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Regenerates all rule definitions (only needed for bug fixing troubleshooting)</description>

                      <name>regenerateRuleDefinitions</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Triggers refresh of the rule simulation cache. If a refresh is currently in progress, an exception

                      will be thrown. In that case, call cancelRefreshOfSimulationCache first.</description>

                      <name>triggerRefreshOfSimulationCache</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Cancels a currently running refresh operation of the rule simulation cache.</description>

                      <name>cancelRefreshOfSimulationCache</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Starts the service.</description>

                      <name>start</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Stops the service.</description>

                      <name>stop</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Creates the service.</description>

                      <name>create</name>

                      <return-type>void</return-type>

                  </operation>

                  <operation>

                      <description>Destroys the service.</description>

                      <name>destroy</name>

                      <return-type>void</return-type>

                  </operation>

              </xmbean>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=EncryptionProviderEJB,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=ExternalUserManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=UserConfigReaderImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=MessageManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=ImportManagerEJB3Impl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=MandantManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=EnvelopeManagerEJB,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=ArchiveManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=SecurityManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=RulesManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=PolicyManagerEJB,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=PolicyManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=InternalSecurityManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=ProcessManagerImpl,service=EJB3</depends>

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=JobEngine,service=EJB3</depends>   

              <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=FolderManagerEJB,service=EJB3</depends>

          </mbean>

          <!-- 

          <mbean code="org.jboss.mq.server.jmx.Queue" name="jboss.mq.destination:service=Queue,name=edesk-pdf-converter">

              <attribute name="JNDIName">queue/edesk/pdf-converter</attribute>

              <depends optional-attribute-name="DestinationManager">jboss.mq:service=DestinationManager</depends>

          </mbean>

          -->

      </server>

       

       

      I hope anyone can help me soon!!!!  Please!!!!!!!

        • 1. Re: own LdapLoginModul in JBoss 6
          Wolfgang Knauf Master

          Hi Carmen,

           

          so, you have a service method "de.xcom.edesk.jboss.AdminService.checkAndRepairDB", which is called when the service is started? I assume that this method tries to call a secured EJB method, and this fails? Is this correct?

           

          If yes: does the service method log in to the server?

           

          Best regards

           

          Wolfgang

          • 2. Re: own LdapLoginModul in JBoss 6
            Carmen Teich Newbie

            The AdminService is not at the JMX Console because the deplyoing is failed. In Jboss 4.2 the depends in the jboss-serivce.xml looks like this:

             

            <depends>jboss.j2ee:module=beans.jar,service=EJB3</depends>

             

            but this is not ok in JBoss6 (Error depends missing) and I found in this forus that I have to depend at the specify beans and not the hole module.

            Maybe the depends are not completely?

             

            At first I try the Login using a xml-file edesk-login-config.xml and edesk-security-service.xml, but I have the same Error. The server dont use my EdeskLdapLoginModul, the server use the standard UserRoleModul. Can I anywhere say to the server, that he had to use my EdeskLdapLoginModul?

             

            edesk-login-config.xml:

             

            <?xml version='1.0'?>

            <!DOCTYPE policy PUBLIC

                  "-//JBoss//DTD JBOSS Security Config 3.0//EN"

                  "http://www.jboss.org/j2ee/dtd/security_config.dtd">

             

            <policy>

                <!-- Used by edesk server -->

                <application-policy name="edesk">

                    <authentication>

                        <login-module code="de.xcom.edesk.jboss.EdeskLdapLoginModule" flag="required">

                            <!-- Connect to XCOM Domino Server to use the Notes DB for authentication -->

                            <module-option name="ExternalUserManagerJNDI">ejb3/edesk/LocalExternalUserManagerImpl</module-option>

                            <!--

                                The URL for the LDAP connection. Do not specify a port. By default, port 389 is used.

                                To specify an ssl connection, use the java.naming.security.protocol option.

                                The default value is: ldap://localhost

                            -->

                            <module-option name="ldap.servers">10.40.21.32</module-option>

                            <!--

                                The security to use on the connection. The default is to use no security.

                                Set this option to ssl for an ssl connection on port 636.

                            -->

                            <module-option name="java.naming.security.protocol">none</module-option>

             

                            <module-option name="unauthenticatedIdentity">Nobody</module-option>

             

                            <module-option name="java.naming.security.authentication">simple</module-option>

                            <!--

                                The name of the attribute that identifies a User uniquely. This value can never change.

                                Some LDAP systems don't have an immutable User id. In these cases, the name of the User

                                can be used, but the User can never change their name.

                            -->

                            <module-option name="userUID">uid</module-option>

                            <!--

                                The name of the attribute in the person LDAP object containing extra information. Up

                                to 9 of these are supported, named "userAttr1", "userAttr2", ... "userAttr9".

                                The value is either the name of the ldap field, or the name and an optional description. The

                                name and description are separated by a comma.

                            -->

                            <module-option name="userAttr1">companyname, Firma</module-option>

                            <module-option name="userAttr2">mail, Email Adresse</module-option>

                            <module-option name="userAttr3"></module-option>

                            <module-option name="userAttr4"></module-option>

                            <module-option name="userAttr5"></module-option>

                            <module-option name="userAttr6"></module-option>

                            <module-option name="userAttr7"></module-option>

                            <module-option name="userAttr8"></module-option>

                            <module-option name="userAttr9"></module-option>

                        </login-module>

                       

                    </authentication>

                </application-policy>

            </policy>

             

            edesk-security-service.xml:

             

            <?xml version='1.0' encoding='UTF-8'?>

             

            <server>

                <!-- The custom JAAS login configuration that installs

                    a Configuration capable of dynamically updating the

                    config settings

                -->

                <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="eDesk:service=LoginConfig-SRV">

                   

                    <attribute name="AuthConfig">META-INF/edesk-login-config.xml</attribute>

                    <!-- The service which supports dynamic processing of login-config.xml configurations.

                    -->

                    <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=ExternalUserManagerImpl,service=EJB3</depends>

                    <depends>jboss.j2ee:ear=edesk4postgres.ear,jar=beans.jar,name=InternalSecurityManagerImpl,service=EJB3</depends>

             

                    <depends optional-attribute-name="LoginConfigService">jboss.security:service=XMLLoginConfig</depends>

                    <!-- Optionally specify the security mgr service to use when

                    this service is stopped to flush the auth caches of the domains

                    registered by this service.

                    -->

                    <depends optional-attribute-name="SecurityManagerService">jboss.security:service=JaasSecurityManager</depends>  

                </mbean>

             

            </server>

             

            I dont know how I migrate the Login from Jboss4.2 to jboss6