0 Replies Latest reply on Jul 9, 2016 7:00 AM by Nikhil Katiyar

    Unable to configure JaasSecurityContext for LDAP configuration in security-conf.xml file and fails to authenticate.

    Nikhil Katiyar Newbie

      Hello Experts,

      Our code for LDAP authentication in ModeShape is basically an implementation of modeshape-examples/modeshape-custom-security-example at master · ModeShape/modeshape-examples · GitHub

      The security-conf.xml is as shown:

       

      <?xml version='1.0'?>
      <policy xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:schemaLocation="urn:jboss:security-config:5.0"
              xmlns="urn:jboss:security-config:5.0">
          <application-policy name="modeshape-jcr">
              <authentication>
                  <login-module code="org.modeshape.example.security.LdapExtLoginModule" flag="required">
                      <module-option name="password-stacking" value="useFirstPass"/>
                      <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
                      <module-option name="java.naming.provider.url">url:389</module-option>
                      <module-option name="java.naming.referral">simple</module-option>
                      <module-option name="bindDN">cn=,dn= o=</module-option>
                      <module-option name="bindCredential">mypass(not encrypted)</module-option>
                      <module-option name="baseCtxDN">o=domains,dc=examole,dc=in</module-option>
                      <module-option name="baseFilter">(mail={0})</module-option>
                      <module-option name="rolesCtxDN">o=domains,dc=example,dc=in</module-option>
                      <module-option name="roleFilter">(mail={0})</module-option>
                      <module-option name="roleAttributeID">member</module-option>
                      <module-option name="roleAttributeIsDN">true</module-option>
                      <module-option name="roleNameAttributeID">cn</module-option>
                      <module-option name="searchScope">SUBTREE_SCOPE</module-option>
                      <module-option name="allowEmptyPasswords">false</module-option>
                  </login-module>
              </authentication>
              <authorization>
                  <policy-module
                          code="org.picketbox.plugins.authorization.PicketBoxAuthorizationModule"
                          flag="required">
                      <module-option name="roles">user,administator</module-option>
                  </policy-module>
              </authorization>
          </application-policy>
      </policy>

       

       

      We are using the password in non-encrypted form and picketboxsecurityprovider, as the code at the above link shows.

       

      Now, the main problem we found while debugging the application is in this part of the code in LdapExtLoginModule:

       

      Properties env = new Properties();
      Iterator iter = options.entrySet().iterator();
      while (iter.hasNext())
      {
         Entry entry = (Entry) iter.next();
         env.put(entry.getKey(), entry.getValue());
      }

       

      All values in "entry" are retrieved from security-conf.xml, like binddn, credentials, etc., but when it comes to retrieving the JaasSecurityContext, it is null and thus throws an exception, and authentication fails.

       

      What should be done to authenticate?

       

      Please Help!!!
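
An added example, not part of the original post or of the ModeShape project's code: because the loop quoted above copies every module-option straight into the JNDI environment, a small pre-deployment check over the option values of a security-conf.xml can catch weak or malformed LDAP settings before the first login attempt. The sample policy, host name and password are constructed, and the function name `lint_ldap_policy` is hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:jboss:security-config:5.0"}
REFERRALS = {"follow", "ignore", "throw"}  # values JNDI accepts for java.naming.referral
SCOPES = {"OBJECT_SCOPE", "ONELEVEL_SCOPE", "SUBTREE_SCOPE"}

# Constructed sample policy: placeholder host and password, not the poster's values.
SAMPLE = """<?xml version='1.0'?>
<policy xmlns="urn:jboss:security-config:5.0">
  <application-policy name="modeshape-jcr">
    <authentication>
      <login-module code="org.modeshape.example.security.LdapExtLoginModule" flag="required">
        <module-option name="java.naming.provider.url">ldap.example.test:389</module-option>
        <module-option name="java.naming.referral">simple</module-option>
        <module-option name="bindCredential">changeit</module-option>
        <module-option name="allowEmptyPasswords">false</module-option>
      </login-module>
    </authentication>
  </application-policy>
</policy>"""

def lint_ldap_policy(xml_text):
    """Return (option, finding) pairs for every login-module in the policy."""
    findings = []
    for module in ET.fromstring(xml_text).iterfind(".//p:login-module", NS):
        # The posted file gives values both as value= attributes and as element text.
        opts = {o.get("name"): (o.get("value") or o.text or "").strip()
                for o in module.iterfind("p:module-option", NS)}
        url = opts.get("java.naming.provider.url", "")
        if not url.startswith(("ldap://", "ldaps://")):
            findings.append(("java.naming.provider.url", "missing ldap:// or ldaps:// scheme"))
        elif url.startswith("ldap://"):
            findings.append(("java.naming.provider.url", "ldap:// without TLS exposes bind passwords"))
        referral = opts.get("java.naming.referral")
        if referral is not None and referral not in REFERRALS:
            findings.append(("java.naming.referral", "not one of follow/ignore/throw"))
        scope = opts.get("searchScope")
        if scope is not None and scope not in SCOPES:
            findings.append(("searchScope", "unknown scope name"))
        if opts.get("bindCredential"):
            # Assumes the value is the plain password, as the post states.
            findings.append(("bindCredential", "literal bind password in the policy file"))
        if opts.get("allowEmptyPasswords", "").lower() == "true":
            findings.append(("allowEmptyPasswords", "empty password can succeed as an anonymous bind"))
    return findings

if __name__ == "__main__":
    for option, finding in lint_ldap_policy(SAMPLE):
        print(f"{option}: {finding}")
```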