0 Replies Latest reply on Jul 11, 2013 4:49 AM by Stanislav Ivanov

    Problem using LdapExtLoginModule - javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

    Stanislav Ivanov Newbie

      Hi!

       

      We are exposing a web service via ESB service using JBoss SOA Platform Version 5.3.0.GA.

      In the jboss-esb.xml for that service we define the following:

       

      <service

      category="SampleServiceCategory"

      name="SampleServiceName"

      description="SampleService description">

      <security moduleName="testLDAP"

              >

      <property name="org.jboss.soa.esb.services.security.contextTimeout" value="100000"/>

      </security>

      <listeners>

       

      In the login-config.xml on the server, we define the following:

       

      <application-policy name="testLDAP">

      <authentication>

      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">

      <module-option name="java.naming.provider.url" value="ldap\://192.168.**.**\:389"/>

      <module-option name="java.naming.referral" value="follow"/>

      <module-option name="bindDN" value="cn\=admin,cn\=Users,dc\=admin,dc\=org"/> <!-- admin@admin.org-->

      <module-option name="bindCredential">******</module-option>

      <module-option name="baseCtxDN" value="ou\=alabala,dc\=admin,dc\=org"/>

      <module-option name="baseFilter" value="(sAMAccountName={0})"/>

      <module-option name="rolesCtxDN" value="ou\=alabala,dc\=admin,dc\=org"/>

      <module-option name="roleFilter" value="(sAMAccountName={0})"/>

      <module-option name="roleAttributeID" value="memberOf"/>

      <module-option name="roleAttributeIsDN" value="true"/>

      <module-option name="roleNameAttributeID" value="CN"/>

      <module-option name="roleRecursion" value="2"/>

      <module-option name="searchScope" value="SUBTREE_SCOPE"/>

      <module-option name="java.naming.security.authentication" value="simple"/>

      <module-option name="allowEmptyPasswords" value="false"/>

      <module-option name="throwValidateError" value="true"/>

      </login-module>

      </authentication>

      </application-policy>


      However, we keep getting the same error:

       

      17:06:13,437 ERROR [ActionProcessingPipeline] SecurityService exception :

      org.jboss.soa.esb.services.security.SecurityServiceException: Exception while trying to login:

                at org.jboss.internal.soa.esb.services.security.JaasSecurityService.authenticate(JaasSecurityService.java:102)

                at org.jboss.soa.esb.listeners.message.ActionProcessingPipeline.processPipeline(ActionProcessingPipeline.java:558)

                at org.jboss.soa.esb.listeners.message.ActionProcessingPipeline.process(ActionProcessingPipeline.java:442)

                at org.jboss.soa.esb.listeners.message.MessageAwareListener$TransactionalRunner.run(MessageAwareListener.java:587)

                at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

                at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

                at java.lang.Thread.run(Thread.java:662)

      Caused by: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

                at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)

                at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

       

      We know for sure that this LDAP server is up and running and our login credentials are correct.

      I tried to check a bit that problem and tried to raise the debug level as suggested by here:https://community.jboss.org/thread/221368

      with little success.

       

      Maybe we should change the debug level somewhere else? Or if someone have more ideas what can be reason for that exception

      would be of a great value to us