1 Reply Latest reply on Jun 11, 2003 10:23 PM by traverde

    LDAP authentication problems: both custom and with provided

    traverde

      I have written two user managers for JBoss to connect to an LDAP server we use to authenticate passwords:

      The first is a custom one extending UsernamePasswordLoginModule which works fine on the Windows machines we use to develop on, but when it is deployed to our production server (an HP running Linux) it runs into problems. It is based around the LDAPConnection class. It makes the connections, but appears to drop them before any authentication can occur. I put in a loop before authentication that checks the connection and it randomly drops it. On the HP server we have used and are still using the same code to authenticate for Orion and it works without a problem. We did turn off the Orion server to try to see if it was interfering, but the problem still persisted. A test class shows that using the jboss-j2ee.jar instead of the j2ee.jar that comes with Orion makes all the difference on the HP (not for Windows though).

      After this I tried to extend the LdapLoginModule that JBoss provides (only the passwords are on LDAP, not the user groups, so I could not use the base class as is). That didn't work for the Windows machines where the other worked (I haven't tried it on the HP server since it didn't work locally); it just sat there trying indefinitely, so I downloaded the source to try to debug and see if it even authenticated, but then hung trying to load user groups. It ends up that everything runs fine till the line:

      InitialLdapContext ctx = new InitialLdapContext(env, null);

      Here it never returns (this is where it authenticates, it never made it to the user groups). The principal string it parses together in the logs is the exact same one that is used by other classes which work.

      Any help that could be offered would be greatly appreciated. I have been going through the usergroups and documentation for quite a while.
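
Added example, not part of the original post and not JBoss code: a stand-alone JNDI simple bind that sets connect and read timeouts, so a stalled `new InitialLdapContext(env, null)` fails with an exception and a root cause instead of blocking forever. The class name, URL and 5-second values are assumptions, and the two timeout properties belong to the Sun/Oracle LDAP provider in current JDKs.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.ldap.InitialLdapContext;

public class BoundedLdapBind {
    // Placeholder server URL (assumption, not taken from the post).
    static final String LDAP_URL = "ldap://ldap.example.com:389";

    /** Returns true if the simple bind succeeds, false if credentials are rejected. */
    static boolean bind(String principalDn, String password) throws NamingException {
        // An empty password turns a simple bind into an unauthenticated bind,
        // which many servers accept, so refuse it before contacting the directory.
        if (password == null || password.isEmpty()) {
            return false;
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, LDAP_URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principalDn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        // Provider-specific timeouts in milliseconds: TCP connect, then LDAP response.
        env.put("com.sun.jndi.ldap.connect.timeout", "5000");
        env.put("com.sun.jndi.ldap.read.timeout", "5000");

        InitialLdapContext ctx = null;
        try {
            ctx = new InitialLdapContext(env, null); // the bind happens in this call
            return true;
        } catch (AuthenticationException e) {
            return false; // server answered and rejected the credentials
        } finally {
            if (ctx != null) ctx.close();
        }
    }

    public static void main(String[] args) {
        if (args.length != 2) {
            System.err.println("usage: BoundedLdapBind <principal-dn> <password>");
            return;
        }
        try {
            System.out.println("bind ok: " + bind(args[0], args[1]));
        } catch (NamingException e) {
            // Connection failures and timeouts land here with their root cause.
            System.err.println("LDAP failure: " + e + " / cause: " + e.getRootCause());
        }
    }
}
```

Running it outside the application server, once with each j2ee jar on the classpath, separates a network or directory problem from a classpath one.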