users@glassfish.java.net

JSF Webapp Using LDAP for Container based Authentication and Authorization

From: <glassfish_at_javadesktop.org>
Date: Thu, 03 Apr 2008 22:14:45 PST

Hello Everyone,

I've been reading the Core JavaServer Faces 2nd Edition book, and I've been trying to get a JSF Webapp to verify login via openldap. The source is straight from the book and I am using the openldap and application server that the book is using, but for some reason whenever I try to log in via the JSF Webapp, authentication fails and I get this error in my glassfish logs:

Apr 4, 2008 1:16:06 AM com.sun.enterprise.security.auth.LoginContextDriver doPasswordLogin
INFO: SEC5046: Audit: Authentication refused for [nmatrix9].
Apr 4, 2008 1:16:06 AM com.sun.web.security.RealmAdapter authenticate
WARNING: Web login failed: Login failed: javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: LDAP bind failed for uid=nmatrix9,ou=people,dc=corejsf,dc=com.

I've verified that the ldap server is running via an ldap browser, GQ, and that the node uid=nmatrix9,ou=people,dc=corejsf,dc=com actually exists via the ldap browser. I've also set up the Realms openldap with these settings:

Name: Open Ldap

Class Name: com.sun.enterprise.security.auth.realm.ldap.LDAPRealm

I've also used
  com.sun.enterprise.security.auth.realm.file.FileRealm
  (but for the key file I just made up a name)

JAAS context: ldapRealm

directory: ldap://localhost:389
base-dn: ou=people,dc=corejsf,dc=com
jaas-context: ldapRealm
search-bind-dn: cn=Manager,dc=corejsf,dc=com
search-bind-password: password
search-filter: uid=%s
group-base-dn: ou=groups,dc=corejsf,dc=com
group-target: cn
group-search-filter: uniqueMember=%d

My Web.xml

<?xml version="1.0"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
           http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
        version="2.5">
   <servlet>
      <servlet-name>Faces Servlet</servlet-name>
      <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
      <load-on-startup>1</load-on-startup>
   </servlet>
   
   <servlet-mapping>
      <servlet-name>Faces Servlet</servlet-name>
      <url-pattern>*.faces</url-pattern>
   </servlet-mapping>

   <welcome-file-list>
      <welcome-file>index.html</welcome-file>
   </welcome-file-list>

   <security-constraint>
      <web-resource-collection>
         <web-resource-name>Protected Pages</web-resource-name>
         <url-pattern>/protected/*</url-pattern>
         <http-method>GET</http-method>
         <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
         <role-name>registereduser</role-name>
         <role-name>invitedguest</role-name>
      </auth-constraint>
   </security-constraint>

   <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>LDAPREALM</realm-name>
      <form-login-config>
         <form-login-page>/login.html</form-login-page>
         <form-error-page>/noauth.html</form-error-page>
      </form-login-config>
   </login-config>

   <security-role>
      <role-name>registereduser</role-name>
   </security-role>
   <security-role>
      <role-name>invitedguest</role-name>
   </security-role>
</web-app>
[Message sent by forum member 'xyonanexus' (xyonanexus)]

http://forums.java.net/jive/thread.jspa?messageID=267689
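
The warning in the log names the DN whose bind failed. As an added example (not from the book, GlassFish, or the original poster), this JNDI program repeats a simple bind outside the container for the two DNs given in the post, so the LDAP result code returned by the directory is visible. The class name LdapBindCheck and the helper tryBind are hypothetical.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

// Added diagnostic (hypothetical class, not GlassFish or book code).
public class LdapBindCheck {
    // Attempts one simple bind and describes the outcome.
    static String tryBind(String url, String dn, char[] password) {
        if (password == null || password.length == 0) {
            // An empty password makes this an unauthenticated bind, which a
            // server may accept; that must never count as a verified login.
            return "SKIPPED (empty password): " + dn;
        }
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        try {
            new InitialDirContext(env).close();
            return "BIND OK: " + dn;
        } catch (AuthenticationException e) {
            // The server rejected the DN/password pair; the message carries
            // the LDAP result code, e.g. 49 for invalid credentials.
            return "BIND REFUSED: " + dn + " -> " + e.getMessage();
        } catch (NamingException e) {
            return "ERROR: " + dn + " -> " + e;
        }
    }

    public static void main(String[] args) {
        // URL and DNs are the ones in the post. ldap:// is cleartext, so the
        // password crosses the wire unencrypted; keep this to localhost.
        String url = "ldap://localhost:389";
        String[] dns = { "cn=Manager,dc=corejsf,dc=com",
                         "uid=nmatrix9,ou=people,dc=corejsf,dc=com" };
        if (System.console() == null)
            throw new IllegalStateException("run from a terminal so passwords are read without echo");
        for (String dn : dns) {
            char[] pw = System.console().readPassword("Password for %s: ", dn);
            System.out.println(tryBind(url, dn, pw));
        }
    }
}
```

A refusal with LDAP error code 49 here means the directory itself rejects that DN and password, independent of the realm settings.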