0 Replies Latest reply on Dec 3, 2004 6:42 PM by Vivek Pinto

    Using LDAP connection module to authenticate

    Vivek Pinto Newbie

      I have browsed through the forum, read the documentation but am still unable to authenticate. Maybe I am missing something or just need another pair of eyes to look at the problem.

      Here is what my jboss.xml file looks like

      <security-domain>java:/jaas/LdapToActiveRealm</security-domain>


      This is what my web.xml looks like

      <web-app >

      <security-constraint>
      </security-constraint>

      <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>LdapToActiveRealm</realm-name>


      <form-login-config>
      <form-login-page>/index2.html</form-login-page>
      </form-login-config>
      </login-config>
      </web-app>


      My jboss-web.xml file looks like this
      <jboss-web>
      <security-domain>java:/jaas/LdapToActiveDirectory</security-domain>
      <unauthenticated-principal>Unknown</unauthenticated-principal>
      .....
      </jboss-web>

      Finally, here is what my login-config.xml looks like
      <application-policy name="LdapToActiveDirectory">

      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required" >
      <module-option name="java.naming.provider.url">ldap://<ldap-server></module-option>
      <module-option name="roleAttributeName">uniqueMember=</module-option>
      <module-option name="principalDNPrefix">uid=</module-option>
      <module-option name="principalDNSuffix">ou=People,o=unitech.com</module-option>
      <module-option name="rolesCtxDN">ou=Groups,o=unitech.com</module-option>
      <module-option name="principalDNSuffix">ou=People,o=unitech.com</module-option>
      </login-module>

      </application-policy>

      I attempt to connect using

      LoginContext lc = new LoginContext("LdapToActiveRealm", handler);
      lc.login();

      The user/password I use exists in the LDAP server.