-
15. Re: Custom Login Module
julien1 Jun 2, 2006 2:57 AM (in response to indyjones)You don't have to implement all methods actually. Some are only used by UserPortlet and RolePortlet.
-
16. Re: Custom Login Module
kosmi Jun 2, 2006 3:20 AM (in response to indyjones)Which methods are needed by the portalserver? The UserModule Interface enforces me to implement all methods like createUser, removeUser or getUserCount. My identity provider doesn't support these features.
-
17. Re: Custom Login Module
julien1 Jun 2, 2006 3:54 AM (in response to indyjones)as far as I remember : findUserByName(String userName).
the rest can throw new UnsupportedOperationException() as it is only used by the user management portlet. -
18. Re: Custom Login Module
kosmi Jun 2, 2006 4:15 AM (in response to indyjones)Thanks, and greets to Mr.Effing :)
-
19. Re: Custom Login Module
dibell Jun 8, 2006 10:02 AM (in response to indyjones)How is the preferences stuff going to work if the users are not in the portal's own database?
I am trying to implement a UserModule but have found it requires the 'getPreferencesGroup' to be implemented too.
Any advice how I can work round this.
Many thanks. -
20. Re: Custom Login Module
julien1 Jun 8, 2006 10:17 AM (in response to indyjones)this is true in 2.2 but not in 2.4.
in 2.2, the user would not considered as having preferences per portlet.
in 2.4, normally only a non null user id is necessary. -
21. Re: Custom Login Module
raghuram11 Jun 15, 2006 5:08 PM (in response to indyjones)JBoss AS 4.0.3SP1
JBoss Portal 2.2
mySQL 4.1
OpenLDAP
Bascially, i am trying for authenication and authorization by using portal through LDAP.
I had gone through this the above appoach and made the following changes.
1) update the login-config.xml (given below)
<application-policy name="portal">
<login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="requisite">
<module-option name="password-stacking">useFirstPass</module-option>
<module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
<module-option name="java.naming.provider.url">ldap://testserver-09:389/</module-option>
<module-option name="java.naming.security.authentication">simple</module-option>
<module-option name="java.naming.security.principal">cn=ldapadmin,ou=famie,dc=org,dc=com</module-option>
<module-option name="java.naming.security.credentials">ldap123</module-option>
<module-option name="principalDNPrefix">uid=</module-option>
<module-option name="principalDNSuffix">,ou=People,ou=famie,dc=org,dc=com</module-option>
<module-option name="rolesCtxDN">ou=Roles,dc=org,dc=com</module-option>
<module-option name="uidAttributeID">uniqueMember</module-option>
<module-option name="matchOnUserDN">true</module-option>
<module-option name="roleAttributeID">cn</module-option>
<module-option name="roleAttributeIsDN">false</module-option>
<module-option name="searchTimeLimit">5000</module-option>
<module-option name="searchScope">SUBTREE_SCOPE</module-option>
<module-option name="defaultRole">Authenticated</module-option>
</login-module>
<login-module code="org.jboss.portal.core.security.jaas.ExtModelLoginModule" flag="required">
<module-option name="unauthenticatedIdentity">guest</module-option>
<module-option name="hashAlgorithm">MD5</module-option>
<module-option name="hashEncoding">HEX</module-option>
<module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
<module-option name="additionalRole">Authenticated</module-option>
<module-option name="password-stacking">useFirstPass</module-option>
</login-module>
</application-policy>
so, basically first login-module is for aunthentication of the users at LDAP.
second login-module is for portal database.
2) I used the custom class ExtModelLoginModule and which was update in the login-config.xml
so, i compiled the portal source code and deployed in the JBoss AS 4.0.3SP1
Case 1:
---------
If I enter a userid and password which are existing in LDAP and also userid present in the portal database, I am getting the portal screens.
Case 2:
----------
now, if I enter a userid and password which are existing in LDAP and not in portal database, I am getting an error page saying that "Login Failed!
--Sorry, your username and/or password could not be verified."
so, basically, here also authentication from LDAP is success and now when processing the second login-module, i hope it is getting the problem.
And I checked in the log files, i couldnt see any errors even.
my Questions are:
1) Has I missed anywhere in the steps which I have to follow in the above procedure??
2) I gave some loggers with TRACE in the class ExtModelLoginModule extends org.jboss.portal.core.security.jaas.ModelLoginModule which was given given in this forum and also changed the log4j.xml file present in the JBOSS_HOME\server\default\conf folder with
<appender-ref ref="jBossLdapLog"/>
so, i could see a separate log file (jBossLdap.log) was created but i couldnt see the loggers
Can I know, where I made mistakes??
with regards,
Raghuram -
22. Re: Custom Login Module
raghuram11 Jun 15, 2006 5:46 PM (in response to indyjones)hi sorry, bad paste in the ealier question which I posted some how got missed.
This is with respective to the logger which I changed in the log4j.xml.
<appender-ref ref="jBossLdapLog"/>
with regards,
RaghuRam. -
23. Re: Custom Login Module
dhartford Jun 16, 2006 8:39 AM (in response to indyjones)Hi RaghuRam,
It's been a while and I no longer actively using the ExtModelLoginModule (it was for proof-of-concept for a project that didn't take off). However, case 1 and case 2 do sound familiar - it is working 'as expected', although not 'as intended'.
I don't recall if I managed to work around the problem with portal, but I know with some other projects I had to do an 'autocreate default user' approach in-the-application for when:
*authentication from the security system succeeds
*but the user does not have an appropriate role for authorization in the application system. In this scenario, jboss-portal is the application system excepting a role (which could simply be that the uid/username exists in its database).
Although I don't have a workaround at my fingertips, hopefully this information will be useful!
-D -
24. Re: Custom Login Module
sunnymoon Jul 6, 2006 1:41 PM (in response to indyjones)explicitly to KeV (ricewind23):
I've found a wiki page describing Ldap Auth by changing RoleModule and UserModule to an LDAP based ones... but I can't find the source code for these anywhere... Could you please indicate us the location of this code? And to what portal version will it apply?
Tks
JPereira -
25. Re: Custom Login Module
ghyoju Feb 23, 2007 4:29 PM (in response to indyjones)Hi,
I am using JBOSS 4.0.5 and Portal 2.4.1. Where will I find the jar with the class org.jboss.portal.core.security.jaas.ModelLoginModule.
Thank you very much.