0 Replies Latest reply on Jul 23, 2012 1:33 PM by chandrasachin16

    Problems with JBPM 5.3

    chandrasachin16 Newbie

      Hi All,      

            I have been working with JBPM 5.2 for quite sometime and currently started with 5.3. I had explored a link  ( http://mswiderski.blogspot.in/2012/05/jbpm-53-brings-ldap-into-picture.html )  which tells that JBPM 5.3 can be integerated with LDAP .I had gone through the link and also explored the JBOSS AS 7 document for configuring with LDAP.I am trying to integerate JBPM 5.3 with Microsoft Active Directory, however I am facing some problems. As mentioned in the document I had configured my standalone.xml with the following :

       

      <security-domain name="jbpm-console" cache-type="default">

                          <authentication>

                              <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">

                                  <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>

                                  <module-option name="java.naming.provider.url" value="ldap://IPAddress:389"/>

                                  <module-option name="java.naming.security.authentication" value="simple"/>

                                  <module-option name="bindDN" value="CN=Sachin Chandra,CN=Users,DC=performixpune,DC=com"/>

                                  <module-option name="bindCredential" value="myuser345"/>

                                  <module-option name="baseDN" value="CN=Users,DC=performixpune,DC=com"/>

                                  <module-option name="baseFilter" value="(sAMAccountName={0})"/>

                                  <module-option name="rolesCtxDN" value="CN=Users,DC=performixpune,DC=com"/>

                                  <module-option name="roleAttributeID" value="memberOf"/>

                                  <module-option name="roleAttributeIsDN" value="true"/>

                                  <module-option name="roleFilter" value="(member={1})"/>

                                  <module-option name="searchScope" value="SUBTREE_SCOPE"/>

                                  <module-option name="throwValidateError" value="true"/>

                                  <module-option name="allowEmptyPasswords" value="true"/>

                              </login-module>

                          </authentication>

      </security-domain>

       

      My Active directory ldif file is somewhat like given below  ----- :

       

      dn: CN=Sachin Chandra,CN=Users,DC=performixpune,DC=com

      changetype: add

      objectClass: top

      objectClass: person

      objectClass: organizationalPerson

      objectClass: user

      cn: Sachin Chandra

      sn: Chandra

      givenName: Sachin

      distinguishedName: CN=Sachin Chandra,CN=Users,DC=performixpune,DC=com

      instanceType: 4

      whenCreated: 20120711110150.0Z

      whenChanged: 20120711110209.0Z

      displayName: Sachin Chandra

      uSNCreated: 163824

      uSNChanged: 163830

      name: Sachin Chandra

      objectGUID:: BNoV31Y1eE6kBwd2Bks64w==

      userAccountControl: 66048

      badPwdCount: 0

      codePage: 0

      countryCode: 0

      badPasswordTime: 129870781036451250

      lastLogoff: 0

      lastLogon: 129870781158638750

      pwdLastSet: 129864781106588750

      primaryGroupID: 513

      objectSid:: AQUAAAAAAAUVAAAAVIqQajNW1nCni/tpyAQAAA==

      accountExpires: 9223372036854775807

      logonCount: 0

      sAMAccountName: sachinc

      sAMAccountType: 805306368

      objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=performixpune,DC=com

      dSCorePropagationData: 16010101000000.0Z

       

       

      I am able to  start my server without any problems.My ear files are getting deployed but I am not able to login into my JBPM console .My server log shows the following error -------

       

      13:01:18,842 INFO  [solder-servlet] (MSC service thread 1-1) Catch Integration for Servlets enabled

      13:01:18,877 INFO  [org.jboss.web] (MSC service thread 1-1) registering web context: /drools-guvnor

      13:01:19,052 INFO  [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-human-task-war.war"

      13:01:19,052 INFO  [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-gwt-console.war"

      13:01:19,053 INFO  [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-gwt-console-server.war"

      13:01:19,053 INFO  [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "jbpm-form-builder.war"

      13:01:19,053 INFO  [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "drools-guvnor.war"

      13:01:19,053 INFO  [org.jboss.as.server.controller] (DeploymentScanner-threads - 2) Deployed "designer.war"

      13:02:53,430 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-2) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252) [picketbox-4.0.1.jar:4.0.1]

          at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [:1.6.0_24]

          at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) [:1.6.0_24]

          at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) [:1.6.0_24]

          at java.lang.reflect.Method.invoke(Method.java:597) [:1.6.0_24]

          at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) [:1.6.0_24]

          at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) [:1.6.0_24]

          at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) [:1.6.0_24]

          at java.security.AccessController.doPrivileged(Native Method) [:1.6.0_24]

          at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) [:1.6.0_24]

          at javax.security.auth.login.LoginContext.login(LoginContext.java:579) [:1.6.0_24]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:411) [picketbox-infinispan-4.0.1.jar:4.0.1]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:345) [picketbox-infinispan-4.0.1.jar:4.0.1]

          at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:154) [picketbox-infinispan-4.0.1.jar:4.0.1]

          at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:127) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]

          at org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:280) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:372) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.jboss.as.web.NamingValve.invoke(NamingValve.java:57) [jboss-as-web-7.0.2.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:154) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:667) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:952) [jbossweb-7.0.1.Final.jar:7.0.2.Final]

          at java.lang.Thread.run(Thread.java:662) [:1.6.0_24]

      Caused by: java.lang.NullPointerException

          at javax.naming.NameImpl.<init>(NameImpl.java:264) [:1.6.0_24]

          at javax.naming.CompositeName.<init>(CompositeName.java:214) [:1.6.0_24]

          at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358) [:1.6.0_24]

          at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267) [:1.6.0_24]

          at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:471) [picketbox-4.0.1.jar:4.0.1]

          at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:431) [picketbox-4.0.1.jar:4.0.1]

          at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:310) [picketbox-4.0.1.jar:4.0.1]

          at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:249) [picketbox-4.0.1.jar:4.0.1]

       

       

      I am able to access the Active directory using a client tool( Active Directory tool ) but with JBOSS it's not working . I have tried with different things but not able to trace what is the cause of this .Can anybody please guide me where  am I going wrong.

       

       

      Regards

      Sachin