2 Replies Latest reply on Feb 19, 2006 12:51 PM by starksm64

    how can i use JNDIRealm with JBoss?

    finska

      Any help much appreciated!!

      I am trying to use JNDIRealm so that I can authenticate (user) logins against user data stored in an LDAP server (Sun One v5.2) - but am not making much progress. I am also using a security-filter and the web-app operates over HTTPS

      I think I have must have misconfigured but don't know where/what- if anyone can spot anything, that would be great!

      My configuration files appear as follows:
      [from securityfilter-config.xml in my WAR's WEB-INF]
      <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>x</realm-name>
      <form-login-config>
      <form-login-page>/DefaultLogin.jsp</form-login-page>
      <form-error-page>/jsp/tiles/DefaultMessages.jsp</form-error-page>
      <form-default-page>/initialiseData.do</form-default-page>
      </form-login-config>
      </login-config>

      <security-role>
      Standard User
      <role-name>myuser</role-name>
      </security-role>


      <realm-param name="connectionURL" value="ldap://mymachine.mycompany.com:389"/>
      <realm-param name="userPattern" value="uid={0},ou=people,dc=dataduct,dc=com"/>
      <realm-param name="roleBase" value="ou=groups,dc=dataduct,dc=com"/>
      <realm-param name="roleName" value="cn"/>
      <realm-param name="roleSearch" value="(uniqueMember={0})"/>
      <realm-param name="contextFactory" value="com.sun.jndi.ldap.LdapCtxFactory"/>


      [my ref to the securityfilter-config in web.xml - again in WAR's WEB-INF]

      <filter-name>Security Filter</filter-name>
      <filter-class>org.securityfilter.filter.SecurityFilter</filter-class>
      <init-param>
      <param-name>config</param-name>
      <param-value>/WEB-INF/securityfilter-config.xml</param-value>
      Configuration file location
      </init-param>
      <init-param>
      <param-name>validate</param-name>
      <param-value>true</param-value>
      Validate config file if set to true
      </init-param>


      <!-- map all requests to the SecurityFilter, control what it does with configuration settings -->
      <filter-mapping>
      <filter-name>Security Filter</filter-name>
      <url-pattern>/*</url-pattern>
      </filter-mapping>


      [and the part of server.xml on that refs to HTTPS]
      <!-- SSL/TLS Connector configuration using the admin devl guide keystore -->






      The problem is manifesting itself when I deploy the my WAR file (I am using Struts 1.2.7 & Tomcat 5.5 bundled in JBoss 4.0.2) - JBoss reports an InvocationTargetException

      2006-02-15 12:39:25,562 DEBUG [org.jboss.web.tomcat.filters.ReplyHeaderFilter] Adding header name: X-Powered-By='Servlet 2.4; JBoss-4.0.2 (build: CVSTag=JBoss_4_0_2 date=200505022023)/Tomcat-5.5'
      2006-02-15 12:39:26,078 ERROR [org.apache.commons.digester.Digester] End event threw exception
      java.lang.reflect.InvocationTargetException
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      .....
      .....
      Caused by: java.lang.ClassCastException: org.apache.catalina.realm.JNDIRealm
      at org.securityfilter.config.SecurityConfig.addRealm(SecurityConfig.java:227)
      ... 141 more
      2006-02-15 12:39:26,140 INFO [STDOUT] unable to parse input: java.lang.ClassCastException: org.apache.catalina.realm.JNDIRealm


      Many Thanks!
      Finska

        • 1. Re: how can i use JNDIRealm with JBoss?
          finska

          apologies - the realm section of securityfilter-config.xml in the prev mail was botched and should read (please excuse leading whitespace in realm tag):

          < realm className="org.apache.catalina.realm.JNDIRealm">
          <realm-param name="connectionURL" value="ldap://oscar.dataduct.com:389"/>
          <realm-param name="userPattern" value="uid={0},ou=people,dc=dataduct,dc=com"/>
          <realm-param name="roleBase" value="ou=groups,dc=dataduct,dc=com"/>
          <realm-param name="roleName" value="cn"/>
          <realm-param name="roleSearch" value="(uniqueMember={0})"/>
          <realm-param name="contextFactory" value="com.sun.jndi.ldap.LdapCtxFactory"/>
          </ realm>

          • 2. Re: how can i use JNDIRealm with JBoss?
            starksm64