Is there a [b]working[/b] example of Windows Authentication with GlassFish 2.1?
I have a simple web application that shows a login form and when it submits the user (myuser) and password, I´m getting this error in the GlassFish console:
[i]SEC5046: Audit: Authentication refused for [myuser].
Web login failed: Login failed: javax.security.auth.login.LoginException: javax.security.auth.login.LoginException: User myuser not found.[/i]
[b]The LDAP Server:[/b]
I tested the web app with Firefox 3.5.5 in a Windows XP and I used an Active Directory in a Virtual Machine with Windows Server 2003 Standard Edition.
If I run "dsquery user" in the Win2003 server I can see my user like this:
"CN=myuser,CN=Users,DC=mydomain,DC=com"
And If I run "dsquery group" I can see the group my user belongs to like this:
"CN=mygroup,CN=Users,DC=mydomain,DC=com"
[b]The web server:[/b]
In my Windows XP, I ran GlassFish and I created a realm in its admin console with this parameters:
Name: MyRealm
Class Name: com.sun.enterprise.security.auth.realm.ldap.LDAPRealm
JAAS Context: ldapRealm
Directory: ldap://192.168.1.96:389
Base DN: CN=mygroup,CN=Users,DC=mydomain,DC=com
search-bind-dn: CN=administrator,CN=Users,DC=mydomain,DC=com
search-bind-password: ***
search-filter: (&(objectClass=user)(sAMAccountName=%s))
group-search-filter: (&(objectClass=group)(member=%d))
[b]The test web application:[/b]
I created the web app in NetBeans 6.7.1 with this parameters:
Server: GlassFish v2.1
Java EE Version: Java EE 5
Frameworks: None
The app has a index.jsp, login.jsp and loginError.jsp.
[b]The login page has this form:[/b]
[i] <form action="j_security_check" method="POST">
Username:<input type="text" name="j_username"><br>
Password:<input type="password" name="j_password">
<input type="submit" value="Login">
</form>[/i]
[b]The web.xml file is:[/b]
[i]<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.5" xmlns="
http://java.sun.com/xml/ns/javaee" xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="
http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>MyConstraint</display-name>
<web-resource-collection>
<web-resource-name>All</web-resource-name>
<description/>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>myRole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>MyRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<description/>
<role-name>myRole</role-name>
</security-role>
</web-app>[/i]
[b]The sun-web.xml file is:[/b]
[i]<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "
http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
<context-root>/WebApplicationForum</context-root>
<security-role-mapping>
<role-name>myRole</role-name>
<principal-name>myRole</principal-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
</jsp-config>
</sun-web-app>[/i]
[b]Any ideas about what is causing the error at the begining of this post and its solution?[/b]
[Message sent by forum member 'dllopredisoft' (dllopredisoft_at_gmail.com)]
http://forums.java.net/jive/thread.jspa?messageID=371304