1 Reply Latest reply on May 27, 2014 12:06 PM by daniel stephens

    LDAP Active Directory Server configuration - JBoss AS 7 - Migration issue.

    Sans Kum Newbie

      Hi,

       

      we are migrating from JBoss 3.x to 7.1.1.Final.

       

      For LDAP authentication, the logic is in Java code. I tried to use it with JBoss AS 7 Ldap Active Directory configuration. But, couldn't find much information about this?

       

      public boolean authenticate() {  
      
              try {  
                  LOGGER.info("authenticate - START");  
      
                  LOGGER.info("Attempting to validate user : ["+this.userName+"]");  
      
                  GenericLDAPLoginUtil genericLDAPLoginUtil = new GenericLDAPLoginUtil();  
      
                  Hashtable<String, String> envHTable = getEnvironmentTable();  
      
                  DirContext ctx = new InitialLdapContext(envHTable, null);  
                  SearchControls searchCtls = new SearchControls();  
                  String returnedAtts[] = { "cn", "givenName" };  
                  searchCtls.setReturningAttributes(returnedAtts);  
                  searchCtls.setSearchScope(SearchControls.SUBTREE_SCOPE);  
      
                  String searchFilter = "(&(sAMAccountName=" + this.userName + ")(objectCategory=user))";  
                  String searchBase = "DC=group,DC=net";  
      
                  int totalResults = 0;  
                  NamingEnumeration<SearchResult> answer = ctx.search(searchBase, searchFilter, searchCtls);  
                  String ouName = null;  
                  while (answer.hasMoreElements()) {  
                      SearchResult searchResult = answer.next();  
                      totalResults++;  
                      ouName = searchResult.getName();  
                      Attributes attrs = searchResult.getAttributes();  
                      if (attrs != null) {  
                          try {  
                              LOGGER.info(" surname: " + attrs.get("cn").get());  
                              LOGGER.info(" firstname: " + attrs.get("givenName").get());  
                          } catch (NullPointerException e) {  
                              LOGGER.info("Errors listing attributes: " + e);  
                          }  
                      }  
                  }  
                  LOGGER.info("Total results: " + totalResults);  
                  ctx.close();  
                  if (totalResults > 0) {  
                      String adminName = ouName + ",dc=group,dc=net";  
                      envHTable = getEnvironmentTable(adminName,this.password);  
      
                      DirContext ctx1 = new InitialLdapContext(envHTable, null);  
                      ctx1.close();  
                      return true;  
                  } else {  
                      return false;  
                  }  
              } catch (NamingException exception) {  
                  LOGGER.error("Problem searching directory: " + exception);  
                  return false;  
              } catch (Exception exception) {  
                  LOGGER.error("Unhandled Exception: " + exception);  
                  return false;  
              } finally {  
                  LOGGER.info("authenticate - END");  
              }  
          }  
      
      public Hashtable<String, String> getEnvironmentTable(String aName, String aPassword, String newUrl){  
              Hashtable<String, String> envHTable = new Hashtable<String, String>();  
              envHTable.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");  
              envHTable.put(Context.SECURITY_AUTHENTICATION, "simple");  
              envHTable.put(Context.SECURITY_PRINCIPAL, aName);  
              envHTable.put(Context.SECURITY_CREDENTIALS, aPassword);  
              envHTable.put(Context.PROVIDER_URL, newUrl);  
              LOGGER.info("envHashTable : " + envHTable);  
              return envHTable;  
          }  
      
          public Hashtable<String, String> getEnvironmentTable(){  
              return getEnvironmentTable("LDapAdminName", "password", "ldap://MyLDAPServerName:389");  
          }  
      
          public Hashtable<String, String> getEnvironmentTable(String aName, String aPassword){  
              return getEnvironmentTable(aName, aPassword, "ldap://MyLDAPServerName:389");  
          }
      

       

      I tried to configure this on JBoss AS 7 --> standalone.xml. But, no luck. Always failing with some issue.

       

       

       

      <security-domain name="ldap_web_client_security" cache-type="default">  
                          <authentication>  
                              <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">  
                                  <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>  
                                  <module-option name="java.naming.provider.url" value="ldap://MyLDAPServerName:389"/>  
                                  <module-option name="java.naming.security.authentication" value="simple"/>  
                                  <module-option name="java.naming.security.principal" value="LDapAdminName"/>  
                                  <module-option name="java.naming.security.credentials" value="password"/>  
                                  <module-option name="allowEmptyPasswords" value="false"/>  
                                  <module-option name="searchScope" value="SUBTREE_SCOPE"/>  
                                  <module-option name="throwValidateError" value="true"/>  
      
                                  <module-option name="baseCtxDN" value="DC=group,DC=net"/>  
                                  <module-option name="baseFilter" value="(sAMAccountName={0})"/>  
      
                              </login-module>  
                          </authentication>  
                      </security-domain>
      

       


      Could anyone help me please? I tried, all possibilities... everything fails. Please help me.