0 Replies Latest reply on Aug 1, 2016 5:02 PM by metchegaray

    I need to allow a role to access a web method of a Web Service, using LDAP and JBoss 7



      I'm using JBoss as the application server, version 7.1.

      I'm using JDeveloper and EJB 3.1.

      I have created a WS like this:





      import javax.jws.WebService;
      import javax.jws.soap.SOAPBinding;

      @WebService(name = "AutenticacionADImplBean", targetNamespace = "http://correoargentino.com.ad/")
      @SOAPBinding(style = SOAPBinding.Style.RPC)
      public class AutenticacionADImplBean implements AutenticacionADBeanRemote, AutenticacionADBeanLocal {

          public String saludar(String hello) {
              return hello;
          }
      }




      Then I configured a security domain in my standalone.xml (I put xxxx to hide the true values, for security):



                      <security-domain name="test_ldap_security_domain">
                              <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
                                  <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
                                  <module-option name="java.naming.provider.url" value="ldap://xxxx:389"/>
                                  <module-option name="java.naming.security.authentication" value="simple"/>
                                  <module-option name="bindDN" value="CN=xxxx,CN=Users,DC=electoral,DC=com,DC=ar"/>
                                  <module-option name="bindCredential" value="xxxx"/>
                                  <module-option name="baseCtxDN" value="CN=Users,DC=electoral,DC=com,DC=ar"/>
                                  <module-option name="baseFilter" value="(uniqueMember={0})"/>
                                  <module-option name="rolesCtxDN" value="CN=Users,DC=electoral,DC=com,DC=ar"/>
                                  <module-option name="roleFilter" value="(uniqueMember={0})"/>
                                  <module-option name="roleNameAttributeID" value="cn"/>
                                  <module-option name="searchScope" value="SUBTREE_SCOPE"/>
                                  <module-option name="roleRecursion" value="0"/>
                                  <module-option name="roleAttributeIsDN" value="true"/>
                                  <module-option name="allowEmptyPasswords" value="false"/>
                                  <module-option name="Context.REFERRAL" value="follow"/>
                                  <module-option name="throwValidateError" value="true"/>
                                  <module-option name="allowEmptyPasswords" value="true"/>
                              </login-module>
                      </security-domain>





      Note: in LDAP I have a group called TestRole with many users.


      My questions:


      1) Is this configuration OK, or is any XML missing? Because it is not working.

      2) Do I need to remove the security domain OTHER from the XML?

      3) I need an example of a client to test my WS that uses authentication using LDAP.
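
An added example, not part of the original post and not JBoss code: a small Python check that parses a security-domain fragment and reports the security-relevant settings in an LdapExtLoginModule block like the one posted above. The function name `audit_login_module` and the finding codes are hypothetical; the sample is the post's security domain reduced to the options the check reads and closed so that it parses.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the posted security domain, reduced to the options
# this check reads. "xxxx" is the poster's own redaction.
SAMPLE = """
<security-domain name="test_ldap_security_domain">
  <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
    <module-option name="java.naming.provider.url" value="ldap://xxxx:389"/>
    <module-option name="java.naming.security.authentication" value="simple"/>
    <module-option name="baseFilter" value="(uniqueMember={0})"/>
    <module-option name="roleFilter" value="(uniqueMember={0})"/>
    <module-option name="allowEmptyPasswords" value="false"/>
    <module-option name="Context.REFERRAL" value="follow"/>
    <module-option name="allowEmptyPasswords" value="true"/>
  </login-module>
</security-domain>
"""

def audit_login_module(xml_text):
    """Return sorted finding codes for every LdapExtLoginModule in xml_text."""
    findings = set()
    for module in ET.fromstring(xml_text).iter("login-module"):
        if not module.get("code", "").endswith("LdapExtLoginModule"):
            continue
        seen = {}  # option name -> every value given for it, in order
        for opt in module.iter("module-option"):
            seen.setdefault(opt.get("name"), []).append(opt.get("value"))
        for name, values in seen.items():
            if len(set(values)) > 1:
                findings.add("conflicting-duplicate:" + name)
            if name.startswith("Context."):
                # Java constant name, not the JNDI key (java.naming.referral).
                findings.add("constant-name-as-key:" + name)
        # Some LDAP servers treat a simple bind with an empty password as anonymous.
        if "true" in seen.get("allowEmptyPasswords", []):
            findings.add("empty-password-allowed")
        url = seen.get("java.naming.provider.url", [""])[-1]
        auth = seen.get("java.naming.security.authentication", [""])[-1]
        if url.startswith("ldap://") and auth == "simple":
            findings.add("cleartext-simple-bind")  # passwords cross the wire unencrypted
        base, role = seen.get("baseFilter"), seen.get("roleFilter")
        if base and base == role:
            # Heuristic: the user lookup and the group lookup rarely share a filter.
            findings.add("basefilter-equals-rolefilter")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit_login_module(SAMPLE)))
```
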