3 Replies Latest reply on Jul 18, 2006 8:28 AM by chris griffith

    A few questions regarding JBoss 4.0.4_GA and LDAP setup

    Eric Ray Novice

      The funny one first. I'm working from the LdapLoginModule in the JBoss Official Guide and I'm using com.sun.jndi.ldap.LdapCtxFactory for the InitialContextFactory. What's funny is that I cannot find the Sun ldap.jar file anywhere in the JBoss directory tree and I cannot find the LdapCtxFactory class in any of the jars. However, JBoss appears to be loading the class and calling methods (even though I'm getting errors...that part later). So, the question is, does JBoss have a version of the Sun ldap implentation allowing me to use com.sun.jndi.ldap.LdapCtxFactory or do I need to drop the jar files I downloaded from Sun into the server/all/lib directory? I guess I would have expected to find the .class file when I do a grep through all the jars.

      Next question: I get an error when trying to login to a web page that has been configured as such

      <web-app id="WebApp_ID" version="2.4"
      xmlns="http://java.sun.com/xml/ns/j2ee"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
      http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
       <display-name>Calculator3Web</display-name>
      
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Calculator</web-resource-name>
       <url-pattern>/*</url-pattern>
       </web-resource-collection>
       <auth-constraint>
       <role-name>calc</role-name>
       </auth-constraint>
       <user-data-constraint>
       <transport-guarantee>NONE</transport-guarantee>
       </user-data-constraint>
       </security-constraint>
      
       <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>Restricted Calculator</realm-name>
       </login-config>
      
       <security-role>
       <description>Authorized User Role</description>
       <role-name>calc</role-name>
       </security-role>
      
       <welcome-file-list>
       <welcome-file>calculator.jsp</welcome-file>
       </welcome-file-list>
      </web-app>


      JBoss has been configured exactly like the example in the Security section under LdapLoginModule. The error from the log file is:
      2006-06-08 17:43:57,734 DEBUG [org.jboss.security.auth.spi.LdapLoginModule] Bad password for username=eray
      javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
       at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
       at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
       at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
       at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
       at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
       at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
       at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
       at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
       at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
      


      I believe I have everything configured properly yet the login keeps getting rejected. Any ideas on what I'm doing wrong. And yes, I've doubled checked my login credentials.

      Thanks for any. This forum rocks!