2 Replies Latest reply on Aug 2, 2005 2:39 PM by schachi

    LDAP: client-side authentication

    schachi

      I have to authenticate users on the client side (Java Swing, auth.: LDAP).
      I tried it with the ClientLoginModule, but I NEVER received an exception (I expected to get an exception when I enter a wrong username/password).

      [...]

      JBoss documentation:
      Note that this login module does not perform any authentication [...] if you need to perform client-side authentication of users, you would need to configure login modules in addition to ClientLoginModule.

      Shy question: is there an LDAPLogin-Module for client-side authentication? If yes, can anybody please post a config example?

      thanks in advance
      marc

        • 1. Re: LDAP: client-side authentication
          starksm64

          The same ldap login module that works on the server side.

          • 2. Re: LDAP: client-side authentication
            schachi

            Thank you for the reply.

            Here is an example (if someone else has the same problem...)

            client:

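             // userid and password are the values entered in the Swing login dialog
             try {
              // tell JAAS where the login configuration (auth.conf, below) lives
              System.setProperty("java.security.auth.login.config", "...pathtoauthconf\\auth.conf");
              org.jboss.security.auth.callback.UsernamePasswordHandler handler = new org.jboss.security.auth.callback.UsernamePasswordHandler(userid, password.toCharArray());
              // "testPolicy" must match the entry name in auth.conf
              final javax.security.auth.login.LoginContext lc = new javax.security.auth.login.LoginContext("testPolicy", handler);
              // throws a LoginException when any "required" module rejects the credentials
              lc.login();
             }
             catch (Exception ex) {
              // login failed
             }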
            


            auth.conf:
            testPolicy {
             // ClientLoginModule performs no authentication itself
             org.jboss.security.ClientLoginModule required;
             // LdapLoginModule does the actual check; its options end with a single ';'
             org.jboss.security.auth.spi.LdapLoginModule required
             java.naming.factory.initial="com.sun.jndi.ldap.LdapCtxFactory"
             java.naming.provider.url="ldap://localhost:389/"
             java.naming.security.authentication="simple"
             rolesCtxDN="ou=Roles,dc=eactAG,dc=ch"
             matchOnUserDN="true"
             principalDNSuffix=",ou=People,dc=eactAG,dc=ch"
             principalDNPrefix="uid="
             uidAttributeID="userid"
             roleAttributeID="roleName"
             roleAttributeIsDN="false";
            };
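
Why the original attempt never threw, shown with plain JAAS (an added example, not part of the thread and not JBoss code). `PassThrough` and `Checking` are hypothetical stand-ins for ClientLoginModule and LdapLoginModule, and the password `s3cret` is a constructed value; the stack is built in code instead of auth.conf so the example runs without an LDAP server.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.Map;
import javax.security.auth.Subject;
import javax.security.auth.callback.*;
import javax.security.auth.login.*;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.spi.LoginModule;

public class StackDemo {
    // Hypothetical stand-in for ClientLoginModule: accepts whatever it is given.
    public static class PassThrough implements LoginModule {
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {}
        public boolean login() throws LoginException { return true; }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }
    // Hypothetical stand-in for LdapLoginModule: verifies the password (constructed value).
    public static class Checking extends PassThrough {
        private CallbackHandler handler;
        @Override public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) { handler = h; }
        @Override public boolean login() throws LoginException {
            PasswordCallback pc = new PasswordCallback("password", false);
            try { handler.handle(new Callback[] { pc }); }
            catch (Exception e) { throw new LoginException(e.toString()); }
            if (!Arrays.equals("s3cret".toCharArray(), pc.getPassword()))
                throw new FailedLoginException("bad credentials");
            return true;
        }
    }
    // Runs LoginContext.login() against a stack of "required" modules; false means it threw.
    static boolean accepts(String password, Class<?>... modules) {
        AppConfigurationEntry[] stack = new AppConfigurationEntry[modules.length];
        for (int i = 0; i < modules.length; i++)
            stack[i] = new AppConfigurationEntry(modules[i].getName(), LoginModuleControlFlag.REQUIRED, Collections.<String, Object>emptyMap());
        Configuration cfg = new Configuration() {
            @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return stack; }
        };
        // Only Checking ever invokes the handler, and it passes a single PasswordCallback.
        CallbackHandler h = cbs -> ((PasswordCallback) cbs[0]).setPassword(password.toCharArray());
        try { new LoginContext("testPolicy", null, h, cfg).login(); return true; }
        catch (LoginException e) { return false; }
    }
    public static void main(String[] args) {
        System.out.println("pass-through module only, wrong password -> " + accepts("wrong", PassThrough.class));
        System.out.println("both modules, wrong password -> " + accepts("wrong", PassThrough.class, Checking.class));
        System.out.println("both modules, right password -> " + accepts("s3cret", PassThrough.class, Checking.class));
    }
}
```

When deploying the auth.conf above, note that `java.naming.security.authentication="simple"` over an `ldap://` URL sends the user's password to the directory unencrypted, so the connection should be protected with TLS outside of a localhost test.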