0 Replies Latest reply on May 3, 2007 1:41 PM by Brian Bernstein

    Need help with DynamicLoginConfig

    Brian Bernstein Newbie

      Hi.

      I am trying to configure a very simple LDAP security domain for testing purposes.

      This is my login-conig.xml file:

      <?xml version='1.0'?>
      <!DOCTYPE policy PUBLIC
       "-//JBoss//DTD JBOSS Security Config 3.0//EN"
       "http://www.jboss.org/j2ee/dtd/security_config.dtd">
      
      <policy>
       <application-policy name="ldapTest">
       <authentication>
       <login-module code="org.jboss.security.auth.spi.LdapLoginModule"
       flag="required">
       <module-option name="java.naming.factory.initial">
       com.sun.jndi.ldap.LdapCtxFactory
       </module-option>
       <module-option name="java.naming.provider.url">
       ldap://ldapserver:389/
       </module-option>
       <module-option name="java.naming.security.authentication">
       simple
       </module-option>
       <module-option name="principalDNPrefix">uid=</module-option>
       <module-option name="principalDNSuffix">
       ,ou=People,dc=domain,dc=net
       </module-option>
      
       <module-option name="rolesCtxDN">
       ou=NetGroup,dc=domain,dc=net
       </module-option>
       <module-option name="uidAttributeID">uniqueMember</module-option>
       <module-option name="matchOnUserDN">true</module-option>
       <module-option name="roleAttributeID">cn</module-option>
       <module-option name="roleAttributeIsDN">false </module-option>
       </login-module>
       </authentication>
       </application-policy>
      </policy>
      


      I have tried placing this file in META-INF, but jboss only finds the security domain when it is defined in the global login-config.xml file.

      I know that the answer to the problem is to configure DynamicLoginConfig to look for my login-config.xml file. The problem is that I can not DynamicLoginConfig working properly.

      I created a jboss-service.xml file in META-INF with the following contents:
      <server>
      
       <mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
       name="jboss:service=DynamicLoginConfig">
       <attribute name="AuthConfig">META-INF/login-config.xml</attribute>
      
       <depends optional-attribute-name="LoginConfigService">
       jboss.security:service=XMLLoginConfig
       </depends>
      
       <depends optional-attribute-name="SecurityManagerService">
       jboss.security:service=JaasSecurityManager
       </depends>
       </mbean>
      
      </server>
      
      


      However, Jboss still will not load the login-config.xml file as expected.

      I then continued my search on this issue, and discovered that I needed a jboss-app.xml file to load the jboss-service.xml I created. I created one like so:
      <?xml version="1.0" encoding="UTF-8"?>
       <jboss-app>
       <module>
       <service>META-INF/jboss-service.xml</service>
       </module>
       </jboss-app>
      


      I have tried deploying this package with jboss-app.xml file in both META-INF and in the root of the package, and either way, I can not get Jboss to load the package specific login-config.xml file.

      Am I missing anything else?
      Any assistance will be greatly appreciated.
      Thank you in advance for any help you can offer.