问题
I want to develop a simple java web application with JBoss 7 server to enable login from username/password entered by the user and authenticate with ldap.
So this is what i wrote in web.xml placed in WEB-INF/
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Enter user name and password</realm-name>
</login-config>
then added jboss-web.xml in same folder
<?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<security-domain>java:/jaas/website-domain</security-domain>
</jboss-web>
Then I added the website-domain realm in standalone.xml
<security-domain name="website-domain" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="ldap://localhost:10389"/>
<module-option name="bindDN" value="ou=people,dc=mycompany,dc=com" />
<module-option name="bindCredential" value="shad"/>
<module-option name="allowEmptyPasswords" value="false"/>
<module-option name="Context.REFERRAL" value="follow"/>
<module-option name="throwValidateError" value="true"/>
<module-option name="allowEmptyPasswords" value="true"/>
</login-module>
</authentication>
</security-domain>
So how the username and password entered will be sent to these modules ? Or do I have to write a custom JAAS realm ? Is their any working example you guys can share me??
回答1:
Your webapp needs to point to your security domain website-domain by adding a line in WEB-INF/jboss-web.xml
<security-domain flushOnSessionInvalidation="true">java:/jaas/website-domain</security-domain>
I believe in Jboss 7 you need to only specify website-domain (no java:/jaas/ prefix)
回答2:
I wrote a post in portuguese...
http://jbossdivers.wordpress.com/2012/02/12/utilizando-ldap-login-module-no-jboss-as-7-1/
来源:https://stackoverflow.com/questions/10015462/ldap-authentication-with-jboss-7