    Seam with LDAP

    Bruno Krebs

      I'm having trouble configuring an LDAP Identity Manager within Seam (2.2.0.GA). I have read a lot of posts, blogs and references but I can't figure out how to fix it. So I hope someone here can help me.

      What I want to do is to make people log in to my application using their user and password from the LDAP. So I configured the components.xml like this:

                      enabled-attribute="enabled" />
              <security:identity-manager name="identityManager" identity-store="#{ldapIdentityStore}"/>

      This is probably the source of the problem, since I'm not an expert in LDAP (actually this is the first time that I'm using it). The main doubts that I have about this configuration are:

      The real meaning of bind-DN: do I have to put a valid user here to connect to LDAP so Seam can query it to see if the users passed to it are valid?

      Are the role parameters (role-name-attribute, role-context-DN) important to just authenticate the user?

      After that I have my LoginAction class that looks like this:

      package br.com.dbccompany.fiergs.controle;
      // imports
      public class LoginAction {
              private EntityManager entityManager;
              @Out(required=false, scope = ScopeType.SESSION)
              private Usuario usuario;
              private FacesMessages facesMessages;
              private IdentityManager identityManager;
              private String user;
              private String senha;
              //getters and setters
              public String loga() {
                      if (identityManager.authenticate(user, senha)) {
                              return "true";
                      } else {
                              facesMessages.add("Usuário inválido");
                              return "false";
                      }
              }
      }

      So as you can see I use the identityManager object, instantiated by Seam, to authenticate the user using the parameters passed to it. By the way, senha means password.

      Well, my application is running, but when I pass my credentials (user and password that I use in this LDAP domain) to LoginAction.loga it returns false. And when I try another combination, like something that I make up, wrong users and passwords, an Exception is thrown. This is the exception:

      SEVERE: org.jboss.seam.security.management.IdentityManagementException: Authentication error
      javax.faces.el.EvaluationException: org.jboss.seam.security.management.IdentityManagementException: Authentication error
      Caused by: org.jboss.seam.security.management.IdentityManagementException: Authentication error
      Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334

      Can someone help me configure this?

      Bruno Krebs
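
Added example, not part of the original post: the `80090308: LdapErr: DSID-` text in the exception is the Active Directory form of LDAP error 49 (bind rejected), and the full message normally carries a `data` sub-code naming the reason, which the trace above is cut off before. The class `AdBindError` and method `diagnose` are hypothetical names, and the complete sample message is constructed; the result is meant for the server log, while the login page keeps a generic message such as the post's "Usuário inválido" so it does not reveal which accounts exist.

```java
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class AdBindError {
    // Active Directory sub-codes found in the "data" field of an error 49 message.
    private static final Map<String, String> REASONS = Map.of(
        "525", "user not found",
        "52e", "invalid credentials",
        "530", "logon not permitted at this time",
        "531", "logon not permitted from this workstation",
        "532", "password expired",
        "533", "account disabled",
        "701", "account expired",
        "773", "user must reset password",
        "775", "account locked out");

    private static final Pattern ERROR_CODE = Pattern.compile("error code (\\d+)");
    private static final Pattern DATA = Pattern.compile(", data ([0-9a-fA-F]+)");

    /** Returns a diagnosis for the log; it is not meant to be shown to the user. */
    static String diagnose(String message) {
        Matcher code = ERROR_CODE.matcher(message);
        if (!code.find() || !code.group(1).equals("49")) {
            return "not an LDAP error 49 (bind) failure";
        }
        Matcher data = DATA.matcher(message);
        if (!data.find()) {
            // Happens with a shortened trace like the one in the post.
            return "bind rejected; message has no AD data sub-code (truncated?)";
        }
        String sub = data.group(1).toLowerCase();
        return "bind rejected: " + REASONS.getOrDefault(sub, "unknown sub-code " + sub);
    }

    public static void main(String[] args) {
        // Message exactly as it appears in the post (cut off before the data field).
        String fromPost = "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334";
        // Constructed sample with placeholder DSID and version, not taken from the post.
        String constructed = "[LDAP: error code 49 - 80090308: LdapErr: DSID-00000000, "
            + "comment: AcceptSecurityContext error, data 52e, v0000]";
        System.out.println(diagnose(fromPost));
        System.out.println(diagnose(constructed));
    }
}
```

The sub-code applies to whichever DN was being bound when the exception was thrown, so it helps to log that DN next to the diagnosis when both a configured bind-DN and the user's own credentials are in play.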