2 Replies Latest reply on Mar 8, 2009 11:47 PM by tnaran

    Configuring against a bass-ackward LDAP server

    tnaran

      The LDAP directory I'm trying to configure JBoss for seems to have a structure different than what the Ldap module expects.

      Using several LDAP explorer tools (LDAPExplorer 2, JXplorer), the group object's member attribute is empty, and group membership is stored on the user: each user has a groupMembership attribute which has multiple DN's pointing to the aforementioned groups.

      I'm not sure the normal Ldap Module for JBoss was designed to handle this case, and I'm not sure how I would configure LdapExtLoginModule to do it.

      Does anyone have any suggestions for me on how I can configure JBoss to authenticate against this kind of LDAP configuration? Or am I up the creek? :-(

        • 1. Re: Configuring against a bass-ackward LDAP server
          anil.saldhana

          The LDAP login modules that ship in JBoss have some specific DITs in LDAP. Anything different or custom needs, then you will need to write your own login module using basic JNDI code.

          • 2. Re: Configuring against a bass-ackward LDAP server
            tnaran

             

            "anil.saldhana@jboss.com" wrote:
            The LDAP login modules that ship in JBoss have some specific DITs in LDAP. Anything different or custom needs, then you will need to write your own login module using basic JNDI code.


            I can understand that. My question is: "Is this DIT I am describing supported by the JBoss LDAP module?" I tried reading the source for the module, and I thought I set up the parameters right for it, but I got a NullException error in the module (Even weirder, it was line 385, but the versions of the module I could find don't have that many lines).

            I'm thinking I have to write my own log-in module, which is a pain, but at least I have the blueprint of the original LDAP module to go by. :-)