-
1. Re: How to stop logging Login failure javax.security.auth.login.FailedLoginException
dnorris Mar 26, 2012 2:35 PM (in response to dnorris)SOLVED: Added <module-option name="unauthenticatedIdentity" value="guest"/>
-
2. Re: How to stop logging Login failure javax.security.auth.login.FailedLoginException
wilsonfu May 25, 2012 3:29 AM (in response to dnorris)Thanks for the solution. I have also tried this method but still failed to get rid of the ERROR message when the ID/password is not matched.
Beside update the standalone.xml, what else should we update? Would you show me the complete set of the configuration for LDAP?
Your help is very much appreciated!
----
Here is my configuration:
<security-domain name="LDAPRealm">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="ldaps://10.106.182.193:10636"/>
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="bindDN" value="cn=Manager,dc=com,dc=hk"/>
<module-option name="bindCredential" value="secret"/>
<module-option name="baseCtxDN" value="ou=people,dc=com,dc=hk"/>
<module-option name="baseFilter" value="(uid={0})"/>
<module-option name="roleFilter" value="(uniqueMember={1})"/>
<module-option name="roleNameAttributeID" value="cn"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="Context.REFERRAL" value="follow"/>
<module-option name="throwValidateError" value="true"/>
<module-option name="allowEmptyPasswords" value="true"/>
<module-option name="principalDNPrefix" value="uid="/>
<module-option name="principalDNSuffix" value="ou=people,dc=com,dc=hk"/>
<module-option name="rolesCtxDN" value="ou=roles,dc=com,dc=hk"/>
<module-option name="uidAttributeID" value="uniqueMember"/>
<module-option name="matchOnUserDN" value="true"/>
<module-option name="roleAttributeID" value="cn"/>
<module-option name="roleAttributeIsDN" value="false"/>
<module-option name="roleRecursion" value="0"/>
<module-option name="unauthenticatedIdentity" value="guest"/>
</login-module>
</authentication>
</security-domain>
</security-domains>
-
3. Re: How to stop logging Login failure javax.security.auth.login.FailedLoginException
dnorris May 29, 2012 8:16 AM (in response to wilsonfu)I don't use LDAP. I use waffle NTLM as all our PC's and Servers run Windows. However, I'm sure it's irrelevant because we just need a way to get the user name and (possibly) password.
I found I also have <module-option name="allowEmptyPasswords" value="false"/>
When I set it to true I got the errors again.
In my case a user will not have or need a password. So, I just give JBoss some string so it will stop complaining.
-
4. Re: How to stop logging Login failure javax.security.auth.login.FailedLoginException
ixi Jun 3, 2012 7:23 AM (in response to dnorris)Hello, I have exactly the same problem, unfortunately the solution posted here doesn't work for me. I don't really know what else to do.
-
5. Re: How to stop logging Login failure javax.security.auth.login.FailedLoginException
icemaker Nov 27, 2015 9:52 AM (in response to dnorris)Also tried the solution. It does not work.