0 Replies Latest reply on Apr 11, 2016 7:15 AM by djapal

    LDAP Wildfly 10 roles assignment problem

    djapal

      Hello all.

      We have an issue and I wanted to ask if we can find a solution.

      We are using WildFly 9.0.2, which is using picketbox-4.9.2.

      This means that we can log in to our web app using LDAP and also using

      <module-option name="rolesCtxDN" value=""/>

       

      In WildFly 10.0.0, which is using picketbox-4.9.4, this is not feasible due to this snippet of class LdapExtLoginModule:

       

         protected void rolesSearch(LdapContext ctx, SearchControls constraints, String user, String userDN,
               int recursionMax, int nesting) throws NamingException
         {
            if (rolesCtxDN == null || roleFilter == null || rolesCtxDN.isEmpty() || roleFilter.isEmpty()) {
                // no role search initial DN nor role filter specified, so assigning no roles
                return;
            }


      which prevents us from using an empty DN for role search.

      We are using JAAS, but when I ported it to Spring Security, it worked fine.

      So the question is: can we find a way of getting this to work like picketbox 4.9.2 with an empty rolesCtxDN?

      Or do we have to stay on version 9.0.2?


      Thank you
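
Added example, not part of the original post or of the PicketBox code base: a Python check that scans a WildFly standalone.xml for LdapExtended login modules whose rolesCtxDN or roleFilter is missing or empty, the condition under which the guard quoted above assigns no roles on picketbox-4.9.4. The sample XML, the domain names and the function name `find_roleless_ldap_domains` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a standalone.xml security subsystem (not from the post).
SAMPLE = """<server xmlns="urn:jboss:domain:4.0"><profile>
 <subsystem xmlns="urn:jboss:domain:security:1.2"><security-domains>
  <security-domain name="app-empty-dn"><authentication>
   <login-module code="LdapExtended" flag="required">
    <module-option name="baseCtxDN" value="ou=people,dc=example,dc=org"/>
    <module-option name="rolesCtxDN" value=""/>
    <module-option name="roleFilter" value="(member={1})"/>
   </login-module></authentication></security-domain>
  <security-domain name="app-ok"><authentication>
   <login-module code="LdapExtended" flag="required">
    <module-option name="rolesCtxDN" value="ou=groups,dc=example,dc=org"/>
    <module-option name="roleFilter" value="(member={1})"/>
   </login-module></authentication></security-domain>
 </security-domains></subsystem></profile></server>"""

# Short alias and class name of the login module the post quotes.
LDAP_EXT = {"LdapExtended", "org.jboss.security.auth.spi.LdapExtLoginModule"}
GUARDED = ("rolesCtxDN", "roleFilter")  # options tested by the quoted guard


def local(tag):
    """Strip the XML namespace so any subsystem schema version matches."""
    return tag.rsplit("}", 1)[-1]


def find_roleless_ldap_domains(xml_text):
    """Return [(security-domain, [missing or empty guarded options])]."""
    findings = []
    for dom in ET.fromstring(xml_text).iter():
        if local(dom.tag) != "security-domain":
            continue
        for mod in dom.iter():
            if local(mod.tag) != "login-module" or mod.get("code") not in LDAP_EXT:
                continue
            opts = {o.get("name"): o.get("value") for o in mod
                    if local(o.tag) == "module-option"}
            # Mirrors the guard: null or isEmpty() means rolesSearch returns early.
            bad = [n for n in GUARDED if not opts.get(n)]
            if bad:
                findings.append((dom.get("name"), bad))
    return findings


if __name__ == "__main__":
    for name, bad in find_roleless_ldap_domains(SAMPLE):
        print(f"{name}: no roles under picketbox-4.9.4, empty/missing {bad}")
```

Run against the real configuration before an upgrade, this lists the security domains whose users would authenticate but receive no roles.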