0 Replies Latest reply on Dec 6, 2010 3:29 PM by frontline2

    Using SPNEGO in jboss portal 2.7

    frontline2
    frontline2 Dec 6, 2010 3:29 PM

      I'm trying to figure out how to use windows authentication (spnego) in jboss portal.

      I get the spnego/kerberos stuff to work, ie. the portal logs the domain user in fine. But then I get errors related to the ldap user modules (they apparently can't get the user, or the password.)

       

      I checked eg. this old thread that discussed this:

      http://community.jboss.org/message/310947

       

      I don't know what the situation is currently for the negotiation module.

       

      I found a small tutorial for using spnego in Gatein portal, but unfortunately I can't move to it.

       

      It is apparently this part in login.config that doesn't work if not using form based authentication. How should these modules be configured to work with com.sun.security.auth.module.Krb5LoginModule (which now works for me).

      What is the module named "org.jboss.security.negotiation.spnego.SPNEGOLoginModule", I really didn't see how it fits in all this.

       

      <login-module code="org.jboss.portal.identity.auth.IdentityLoginModule" flag="optional">
                     <module-option name="unauthenticatedIdentity">guest</module-option>
                     <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
                     <module-option name="roleModuleJNDIName">java:/portal/RoleModule</module-option>
                     <module-option name="userProfileModuleJNDIName">java:/portal/UserProfileModule</module-option>
                     <module-option name="membershipModuleJNDIName">java:/portal/MembershipModule</module-option>
                     <module-option name="additionalRole">Authenticated</module-option>
                  <module-option name="password-stacking">useFirstPass</module-option>
                  </login-module>

      • 1995 Views
      • Tags: