1 2 Previous Next 25 Replies Latest reply on Feb 23, 2007 4:29 PM by Gyanendra Hyoju Go to original post
      • 15. Re: Custom Login Module

        You don't have to implement all methods actually. Some are only used by UserPortlet and RolePortlet.

        • 16. Re: Custom Login Module
          Daniel Wasser Newbie

          Which methods are needed by the portalserver? The UserModule Interface enforces me to implement all methods like createUser, removeUser or getUserCount. My identity provider doesn't support these features.

          • 17. Re: Custom Login Module

            as far as I remember : findUserByName(String userName).

            the rest can throw new UnsupportedOperationException() as it is only used by the user management portlet.

            • 18. Re: Custom Login Module
              Daniel Wasser Newbie

              Thanks, and greets to Mr.Effing :)

              • 19. Re: Custom Login Module
                David Bell Newbie

                How is the preferences stuff going to work if the users are not in the portal's own database?

                I am trying to implement a UserModule but have found it requires the 'getPreferencesGroup' to be implemented too.

                Any advice how I can work round this.

                Many thanks.

                • 20. Re: Custom Login Module

                  this is true in 2.2 but not in 2.4.

                  in 2.2, the user would not considered as having preferences per portlet.

                  in 2.4, normally only a non null user id is necessary.

                  • 21. Re: Custom Login Module
                    raghu raghu Newbie

                    JBoss AS 4.0.3SP1
                    JBoss Portal 2.2
                    mySQL 4.1

                    Bascially, i am trying for authenication and authorization by using portal through LDAP.

                    I had gone through this the above appoach and made the following changes.

                    1) update the login-config.xml (given below)

                    <application-policy name="portal">

                    <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="requisite">
                    <module-option name="password-stacking">useFirstPass</module-option>
                    <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
                    <module-option name="java.naming.provider.url">ldap://testserver-09:389/</module-option>

                    <module-option name="java.naming.security.authentication">simple</module-option>

                    <module-option name="java.naming.security.principal">cn=ldapadmin,ou=famie,dc=org,dc=com</module-option>
                    <module-option name="java.naming.security.credentials">ldap123</module-option>

                    <module-option name="principalDNPrefix">uid=</module-option>
                    <module-option name="principalDNSuffix">,ou=People,ou=famie,dc=org,dc=com</module-option>

                    <module-option name="rolesCtxDN">ou=Roles,dc=org,dc=com</module-option>
                    <module-option name="uidAttributeID">uniqueMember</module-option>
                    <module-option name="matchOnUserDN">true</module-option>
                    <module-option name="roleAttributeID">cn</module-option>
                    <module-option name="roleAttributeIsDN">false</module-option>
                    <module-option name="searchTimeLimit">5000</module-option>
                    <module-option name="searchScope">SUBTREE_SCOPE</module-option>
                    <module-option name="defaultRole">Authenticated</module-option>
                    <login-module code="org.jboss.portal.core.security.jaas.ExtModelLoginModule" flag="required">
                    <module-option name="unauthenticatedIdentity">guest</module-option>
                    <module-option name="hashAlgorithm">MD5</module-option>
                    <module-option name="hashEncoding">HEX</module-option>
                    <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
                    <module-option name="additionalRole">Authenticated</module-option>
                    <module-option name="password-stacking">useFirstPass</module-option>


                    so, basically first login-module is for aunthentication of the users at LDAP.
                    second login-module is for portal database.

                    2) I used the custom class ExtModelLoginModule and which was update in the login-config.xml

                    so, i compiled the portal source code and deployed in the JBoss AS 4.0.3SP1

                    Case 1:
                    If I enter a userid and password which are existing in LDAP and also userid present in the portal database, I am getting the portal screens.

                    Case 2:

                    now, if I enter a userid and password which are existing in LDAP and not in portal database, I am getting an error page saying that "Login Failed!
                    --Sorry, your username and/or password could not be verified."

                    so, basically, here also authentication from LDAP is success and now when processing the second login-module, i hope it is getting the problem.

                    And I checked in the log files, i couldnt see any errors even.

                    my Questions are:

                    1) Has I missed anywhere in the steps which I have to follow in the above procedure??

                    2) I gave some loggers with TRACE in the class ExtModelLoginModule extends org.jboss.portal.core.security.jaas.ModelLoginModule which was given given in this forum and also changed the log4j.xml file present in the JBOSS_HOME\server\default\conf folder with

                    <appender-ref ref="jBossLdapLog"/>

                    so, i could see a separate log file (jBossLdap.log) was created but i couldnt see the loggers

                    Can I know, where I made mistakes??

                    with regards,

                    • 22. Re: Custom Login Module
                      raghu raghu Newbie

                      hi sorry, bad paste in the ealier question which I posted some how got missed.

                      This is with respective to the logger which I changed in the log4j.xml.

                      <appender-ref ref="jBossLdapLog"/>

                      with regards,

                      • 23. Re: Custom Login Module
                        darren hartford Expert

                        Hi RaghuRam,
                        It's been a while and I no longer actively using the ExtModelLoginModule (it was for proof-of-concept for a project that didn't take off). However, case 1 and case 2 do sound familiar - it is working 'as expected', although not 'as intended'.

                        I don't recall if I managed to work around the problem with portal, but I know with some other projects I had to do an 'autocreate default user' approach in-the-application for when:

                        *authentication from the security system succeeds

                        *but the user does not have an appropriate role for authorization in the application system. In this scenario, jboss-portal is the application system excepting a role (which could simply be that the uid/username exists in its database).

                        Although I don't have a workaround at my fingertips, hopefully this information will be useful!


                        • 24. Re: Custom Login Module
                          Jose Pedro Pereira Newbie

                          explicitly to KeV (ricewind23):

                          I've found a wiki page describing Ldap Auth by changing RoleModule and UserModule to an LDAP based ones... but I can't find the source code for these anywhere... Could you please indicate us the location of this code? And to what portal version will it apply?


                          • 25. Re: Custom Login Module
                            Gyanendra Hyoju Newbie


                            I am using JBOSS 4.0.5 and Portal 2.4.1. Where will I find the jar with the class org.jboss.portal.core.security.jaas.ModelLoginModule.

                            Thank you very much.

                            1 2 Previous Next