-
1. Re: Authenticating with WS-Security Username Token / Password Digest against Jboss Container
I was able to get Authentication done against an LDAP with Clear Text password. Is there any way I can authenticate the Username token and the Password Digest i receive against an LDAP server?
-
2. Re: Authenticating with WS-Security Username Token / Password Digest against Jboss Container
Hi Juny,
Novell has a library for LDAP connection that makes it easy to implement the autentication you are looking for: http://www.novell.com/documentation/developer/jldap/jldapenu/data/a9032ak.html After receiving your usernameToken all you have to do is try to bind this credentials to the LDAP server, if it succeds your user is auteticated.
-
3. Re: Authenticating with WS-Security Username Token / Password Digest against Jboss Container
You can set a security domain for your deployment and use the JAAS integration to authenticate against that. Have a look at the documentation / example at https://docs.jboss.org/author/display/JBWS/WS-Security#WS-Security-Authenticationandauthorization
-
4. Re: Authenticating with WS-Security Username Token / Password Digest against Jboss Container
Hi Alessio,
Thanks for the message. I had got it working as per your examples as I mentioned the above. The outstanding clarifications that we have is as below
1. Using Password Digest i am not able to have Jboss Authenticate against an LDAP using Integrated JAAS. LDAP seems to require a clear text password. Is there anyway we can use password digests and a Jboss Security domain configured against an LDAP?
2. If not using the message digest, Is there any way for enforcing that the passwords be encrypted? is there any other Interceptor which I can configure which will decrypt the password and then send it for authentication against configured JBOSS Security domain? Are there any examples or guidelines for doing so?
Thanking you in advance.
Regards
Juny