Problems getting JMS to authenicate using the LDAPLoginModul
osganian Apr 27, 2005 2:36 PMWant to move from using the DatabaseServerLoginModule to query the JMS_USERS and JMS_ROLES tables to using the LDAPLoginModule with all the JMS users and roles defined in my LDAP server. Here is the error I get on startup:
2005-04-27 10:10:38,443 ERROR [org.jboss.ejb.plugins.jms.DLQHandler] Initialization failed DLQHandler javax.jms.JMSSecurityException: User: null is NOT authenticated at org.jboss.mq.security.SecurityManager.authenticate(SecurityManager.java:215) at org.jboss.mq.security.ServerSecurityInterceptor.authenticate(ServerSecurityInterceptor.java:51) at org.jboss.mq.server.TracingInterceptor.authenticate(TracingInterceptor.java:781) at org.jboss.mq.server.JMSServerInvoker.authenticate(JMSServerInvoker.java:287) at org.jboss.mq.il.jvm.JVMServerIL.authenticate(JVMServerIL.java:301) at org.jboss.mq.Connection.authenticate(Connection.java:1160) at org.jboss.mq.Connection.<init>(Connection.java:255) at org.jboss.mq.Connection.<init>(Connection.java:332) at org.jboss.mq.SpyConnection.<init>(SpyConnection.java:66) at org.jboss.mq.SpyConnectionFactory.createConnection(SpyConnectionFactory.java:87) at org.jboss.mq.SpyConnectionFactory.createQueueConnection(SpyConnectionFactory.java:124) at org.jboss.ejb.plugins.jms.DLQHandler.createService(DLQHandler.java:157) at org.jboss.system.ServiceMBeanSupport.jbossInternalCreate(ServiceMBeanSupport.java:237) at org.jboss.system.ServiceMBeanSupport.create(ServiceMBeanSupport.java:164) at org.jboss.ejb.plugins.jms.JMSContainerInvoker.innerCreate(JMSContainerInvoker.java:542) at org.jboss.ejb.plugins.jms.JMSContainerInvoker.startService(JMSContainerInvoker.java:764) at org.jboss.system.ServiceMBeanSupport.jbossInternalStart(ServiceMBeanSupport.java:271) at org.jboss.system.ServiceMBeanSupport.jbossInternalLifecycle(ServiceMBeanSupport.java:221)
I didn't touch my SecurityManager mbean definition:
<mbean code="org.jboss.mq.security.SecurityManager" name="jboss.mq:service=SecurityManager"> <attribute name="DefaultSecurityConfig"> <security> <role name="guest" read="true" write="true" create="true"/> </security> </attribute> <attribute name="SecurityDomain">java:/jaas/jbossmq</attribute> <depends optional-attribute-name="NextInterceptor">jboss.mq:service=DestinationManager</depends> </mbean>
And in my login-config.xml file looks like:
<application-policy name="other"> <authentication> <login-module flag="requisite" code="org.jboss.security.auth.spi.LdapLoginModule"> <!-- Standard LDAP Options --> <module-option name="java.naming.factory.initial"> com.sun.jndi.ldap.LdapCtxFactory </module-option> <module-option name="java.naming.provider.url"> ldap://${ldap.host}:${ldap.port}/ </module-option> <module-option name="java.naming.security.authentication"> simple </module-option> ... </login-module> </authentication> </application-policy>
In my LDAP server I have a guest user in the guest role defined (among other users and roles).
Does anybody have any clue what I am doing wrong? All over services are authenicating fine against the LDAP server (JMX Admin, different web site users, etc)
Thanks for any help.
Mike