1 Reply Latest reply on Jan 11, 2004 1:34 AM by elfuhrer

    LdapLoginModule

    Dmitry Mozheyko Novice

      I use jboss 3.2.2 and i configure application-policy with LdapLoginModule for my application.

       <application-policy name = "my_ldap">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag= "required">
       <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
       <module-option name="java.naming.provider.url">ldap://ldap-server:389/</module-option>
       <module-option name="java.naming.security.authentication">simple</module-option>
       <module-option name="principalDNPrefix">uid=</module-option>
       <module-option name="principalDNSuffix">,ou=People,dc=mycompany,dc=com</module-option>
       <module-option name="uidAttributeID">memberUid</module-option>
       <module-option name="roleAttributeID">cn</module-option>
       <module-option name="roleNameAttributeId">cn</module-option>
       <module-option name="roleAttributeIsDN">false</module-option>
       <module-option name="matchOnUserDN">false</module-option>
       <module-option name = "rolesCtxDN">ou=Group,dc=mycompany,dc=com</module-option>
       <module-option name = "unauthenticatedIdentity">nobody</module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      I try to access my web-application in browser:

      1) if i use correct username and correct password ALL WORKS -OK
      2) if i use correct username and INcorrect(not blank) password AUTH DIALOG OPEN AGAIN - OK
      3) if i use INcorrect username and any(not blank) password AUTH DIALOG OPEN AGAIN -OK
      4) if i use INcorrect username and blank password TOMCAT PAGE ACCESS DENIED - i permit that OK
      5) if i use correct username and blank password ALL WORKS !!! :(

      It does not approach me.


      It is a normal work ?
      May be i forget some flag/attribute ?