StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

PO
primarykey
Id
14296707
data
AcceptedAnswerId
0
AnswerCount
0
ClosedDate
CommentCount
4
CommunityOwnedDate
CreationDate
2013-01-12T18:42:18.573
FavoriteCount
0
LastActivityDate
2013-01-12T18:42:18.573
LastEditDate
LastEditorUserId
0
OwnerUserId
0
ParentId
14275879
PostTypeId
2
Score
0
ViewCount
0
LastEditorDisplayName
text
Body
<p>In your LDAP server create next hierarchy:</p> <pre><code>+ o=your-organization-name (partition) + ou=users (organizationalUnit) - uid=your-id-user (inetOrgPerson), add userPassword attribute + ou=groups (organizationalUnit) - cn=your-user-role (groupOfNames), add the uid before created </code></pre> <p>security-domain on JBoss 7.1 (standalone.xml):</p> <pre><code> <subsystem xmlns="urn:jboss:domain:security:1.1"> <security-domains> ... <security-domain name="SecurityRealm" cache-type="default"> <authentication> <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required"> <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/> <module-option name="java.naming.provider.url" value="ldap://host-ldap-server:port-ldap-server/"/> <module-option name="java.naming.security.authentication" value="simple"/> <module-option name="principalDNPrefix" value="uid="/> <module-option name="principalDNSuffix" value=",ou=users,o=your-organization-name"/> <module-option name="rolesCtxDN" value="ou=groups,o=your-organization-name"/> <module-option name="uidAttributeID" value="member"/> <module-option name="matchOnUserDN" value="true"/> <module-option name="roleAttributeID" value="cn"/> <module-option name="roleAttributeIsDN" value="false"/> </login-module> </authentication> </security-domain> </security-domains> </code></pre> <p>in your jboss-web.xml </p> <pre><code><security-domain>SecurityRealm</security-domain> </code></pre> <p>and the most important: is the user allowed to access to this page? (web.xml):</p> <pre><code><?xml version="1.0" encoding="UTF-8"?> <web-app version="3.0" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">  <security-constraint> <display-name>Protected</display-name> <web-resource-collection> <url-pattern>url-pages-you-want-protect</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>your-user-role</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint>  <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>your-login-page</form-login-page> <form-error-page>your-error-page</form-error-page> </form-login-config> </login-config>  <security-role> <role-name>your-user-role</role-name> </security-role> </web-app> </code></pre> <p>to test the connection use this:</p> <pre><code>public class LoginModulesTestCase extends TestCase { static { try { Configuration.setConfiguration(new TestConfig()); System.out.println("Installed TestConfig as JAAS Configuration"); } catch(Exception e) { e.printStackTrace(); } } /** Hard coded login configurations for the test cases. The configuration name corresponds to the unit test function that uses the configuration. */ static class TestConfig extends Configuration { public void refresh() { } public AppConfigurationEntry[] getAppConfigurationEntry(String name) { AppConfigurationEntry[] entry = null; try { Class[] parameterTypes = {}; Method m = getClass().getDeclaredMethod(name, parameterTypes); Object[] args = {}; entry = (AppConfigurationEntry[]) m.invoke(this, args); } catch(Exception e) { } return entry; } AppConfigurationEntry[] testLdapExample1() { String name = "org.jboss.security.auth.spi.LdapLoginModule"; HashMap options = new HashMap(); options.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory"); options.put("java.naming.provider.url", "ldap://host-ldap-server:port-ldap-server/"); options.put("java.naming.security.authentication", "simple"); options.put("principalDNPrefix", "uid="); options.put("principalDNSuffix", ",ou=users,o=your-organization-name"); options.put("rolesCtxDN", "ou=groups,o=your-organization-name"); options.put("uidAttributeID", "member"); options.put("matchOnUserDN", "true"); options.put("roleAttributeID", "cn"); options.put("roleAttributeIsDN", "false"); AppConfigurationEntry ace = new AppConfigurationEntry(name, AppConfigurationEntry.LoginModuleControlFlag.REQUIRED, options); AppConfigurationEntry[] entry = {ace}; return entry; } } public LoginModulesTestCase(String testName) { super(testName); } @Test public void testLdapExample1() throws Exception { System.out.println("testLdapExample1"); UsernamePasswordHandler handler = new UsernamePasswordHandler("your-uid", "your-uid-password".toCharArray()); LoginContext lc = new LoginContext("testLdapExample1", handler); lc.login(); Subject subject = lc.getSubject(); System.out.println("Subject: "+subject); Set groups = subject.getPrincipals(Group.class); assertTrue("Principals contains your-uid", subject.getPrincipals().contains(new SimplePrincipal("your-uid"))); Group roles = (Group) groups.iterator().next(); assertTrue("your-uid-role is a role", roles.isMember(new SimplePrincipal("your-uid-role"))); lc.logout(); } } </code></pre> <p>hey I have to ask you something:</p> <ul> <li>is your ldap host = domain.com?</li> <li>and your ldap port = 389?</li> <li>where is your ldap server installed?</li> <li>is your organization's ldap partition ou=people,dc=domain,dc=com?</li> <li>don't use suid, use uid like the example I had shown you, the uid is unique</li> <li>is your uid located on ou=people,dc=domain,dc=com?</li> <li>is this code an example copy?</li> <li>I'm using Apache Directory server as lpad server on my own machine, who is your server?</li> <li>where your server located?</li> </ul> <p>if you want I can help you to configure Apache Directory Server, you only have to ask a stackoverflow question and add the jboss 7.x and ldap stackoverflow tags</p>
Tags
Title
singulars
PostAcceptedAnswerId
1. This table or related slice is empty.
PostParentId
1. POImpossible to configure LDAP correctly in JBoss 7.1
  singulars
  PostTypePostTypeId
  PTQuestion
PostTypePostTypeId
1. PTAnswer
UserLastEditorUserId
1. This table or related slice is empty.
UserOwnerUserId
1. This table or related slice is empty.
plurals
PostLinksPostIdRelatedPostId
1. This table or related slice is empty.
PostLinksRelatedPostIdPostId
1. This table or related slice is empty.
PostsAcceptedAnswerId
1. This table or related slice is empty.
PostsParentIdCreationDate
1. This table or related slice is empty.
VotesPostIdCreationDate
1. This table or related slice is empty.
CommentsPostId

Querying!

Guidance

A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.