3 Replies Latest reply on Apr 25, 2014 4:35 AM by Maciej Swiderski

    LDAP JBPM Integration in Version 6

    Venu Madhav Pattamatta Newbie

      Hi,

       

      Can anyone assist with LDAP integration of JBPM v6 and User Task Service.

       

      Thanks.

        • 1. Re: LDAP JBPM Integration in Version 6
          Maciej Swiderski Master

          are you running with jbpm console (aka kie-wb) or your custom application?

           

          In case you use jbpm console, it should be enough to configure JBoss login module to be bound to LDAP and all other components of jbpm should make use of that.

           

          HTH

          • 2. Re: LDAP JBPM Integration in Version 6
            Venu Madhav Pattamatta Newbie

            Hi,

             

            I did the LDAP and JBPM Standalone.xml configuration. I am able to connect and perform operations in LDAP from LDAP Browser but when I try to login from JBPM Console or user REST API, it throws the below exception: (I can login using LDAP Browser using the same combination of user name and password and security authentication as simple.

             

            08:02:13,173 INFO  [org.jboss.resteasy.cdi.CdiInjectorFactory] (http-localhost-127.0.0.1-8080-1) Found BeanManager at java:comp/BeanManager

            08:02:13,280 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] (http-localhost-127.0.0.1-8080-1) Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required

              at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]

              at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_55]

              at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) [rt.jar:1.7.0_55]

              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) [rt.jar:1.7.0_55]

              at java.lang.reflect.Method.invoke(Method.java:606) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.invoke(LoginContext.java:762) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:690) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext$4.run(LoginContext.java:688) [rt.jar:1.7.0_55]

              at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:687) [rt.jar:1.7.0_55]

              at javax.security.auth.login.LoginContext.login(LoginContext.java:595) [rt.jar:1.7.0_55]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]

              at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

              at org.apache.catalina.authenticator.AuthenticatorBase.login(AuthenticatorBase.java:324) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.connector.Request.login(Request.java:3252) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.connector.RequestFacade.login(RequestFacade.java:1082) [jbossweb-7.0.13.Final.jar:]

              at org.uberfire.security.server.auth.source.HttpServletRequestAuthenticationSource.authenticate(HttpServletRequestAuthenticationSource.java:38) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.auth.DefaultAuthenticationProvider.authenticate(DefaultAuthenticationProvider.java:81) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.auth.HttpAuthenticationManager.authenticate(HttpAuthenticationManager.java:129) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.HttpSecurityManagerImpl.authenticate(HttpSecurityManagerImpl.java:215) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.UberFireSecurityFilter.authenticate(UberFireSecurityFilter.java:316) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.uberfire.security.server.UberFireSecurityFilter.doFilter(UberFireSecurityFilter.java:261) [uberfire-security-server-0.3.1.Final.jar:0.3.1.Final]

              at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:280) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:248) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:397) [jbossweb-7.0.13.Final.jar:]

              at org.jboss.as.jpa.interceptor.WebNonTxEmCloserValve.invoke(WebNonTxEmCloserValve.java:50) [jboss-as-jpa-7.1.1.Final.jar:7.1.1.Final]

              at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]

              at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.authenticator.SingleSignOn.invoke(SingleSignOn.java:397) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]

              at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]

              at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]

              at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]

              at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]

              at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_55]

            • 3. Re: LDAP JBPM Integration in Version 6
              Maciej Swiderski Master

              it does not seem to be using LDAP configuration on JBoss - still refers to UsernamePasswordLoginModule while it should use one dedicated for LDAP. Make sure you have proper configuration of the login module and valid login module is used by security domain used by jbpm console.

               

              HTH