25 Replies. Latest reply on Feb 23, 2007 4:29 PM by ghyoju
      • 15. Re: Custom Login Module

        You don't have to implement all methods actually. Some are only used by UserPortlet and RolePortlet.

        • 16. Re: Custom Login Module
          kosmi

          Which methods are needed by the portalserver? The UserModule Interface enforces me to implement all methods like createUser, removeUser or getUserCount. My identity provider doesn't support these features.

          • 17. Re: Custom Login Module

            As far as I remember: findUserByName(String userName).

            The rest can throw new UnsupportedOperationException() as it is only used by the user management portlet.

            • 18. Re: Custom Login Module
              kosmi

              Thanks, and greets to Mr.Effing :)

              • 19. Re: Custom Login Module
                dibell

                How is the preferences stuff going to work if the users are not in the portal's own database?

                I am trying to implement a UserModule but have found it requires the 'getPreferencesGroup' to be implemented too.

                Any advice on how I can work around this?

                Many thanks.

                • 20. Re: Custom Login Module

                  This is true in 2.2 but not in 2.4.

                  In 2.2, the user would not be considered as having preferences per portlet.

                  In 2.4, normally only a non-null user id is necessary.

                  • 21. Re: Custom Login Module
                    raghuram11

                    JBoss AS 4.0.3SP1
                    JBoss Portal 2.2
                    mySQL 4.1
                    OpenLDAP

                    Basically, I am trying for authentication and authorization by using portal through LDAP.

                    I had gone through the above approach and made the following changes.

                    1) update the login-config.xml (given below)

                    <application-policy name="portal">
                      <!-- JBoss login-config.xml expects the login modules inside an <authentication> element -->
                      <authentication>
                        <!-- Module 1: authenticate against LDAP; "requisite" means a failure here ends the stack at once -->
                        <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="requisite">
                          <module-option name="password-stacking">useFirstPass</module-option>
                          <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
                          <!-- simple bind over plain ldap:// sends the DN and password unencrypted -->
                          <module-option name="java.naming.provider.url">ldap://testserver-09:389/</module-option>
                          <module-option name="java.naming.security.authentication">simple</module-option>
                          <module-option name="java.naming.security.principal">cn=ldapadmin,ou=famie,dc=org,dc=com</module-option>
                          <module-option name="java.naming.security.credentials">ldap123</module-option>
                          <!-- user DN is built as principalDNPrefix + username + principalDNSuffix -->
                          <module-option name="principalDNPrefix">uid=</module-option>
                          <module-option name="principalDNSuffix">,ou=People,ou=famie,dc=org,dc=com</module-option>
                          <!-- role lookup -->
                          <module-option name="rolesCtxDN">ou=Roles,dc=org,dc=com</module-option>
                          <module-option name="uidAttributeID">uniqueMember</module-option>
                          <module-option name="matchOnUserDN">true</module-option>
                          <module-option name="roleAttributeID">cn</module-option>
                          <module-option name="roleAttributeIsDN">false</module-option>
                          <module-option name="searchTimeLimit">5000</module-option>
                          <module-option name="searchScope">SUBTREE_SCOPE</module-option>
                          <module-option name="defaultRole">Authenticated</module-option>
                        </login-module>
                        <!-- Module 2: portal database; "required" means it must also succeed for the login to succeed -->
                        <login-module code="org.jboss.portal.core.security.jaas.ExtModelLoginModule" flag="required">
                          <module-option name="unauthenticatedIdentity">guest</module-option>
                          <module-option name="hashAlgorithm">MD5</module-option>
                          <module-option name="hashEncoding">HEX</module-option>
                          <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
                          <module-option name="additionalRole">Authenticated</module-option>
                          <module-option name="password-stacking">useFirstPass</module-option>
                        </login-module>
                      </authentication>
                    </application-policy>


                    So, basically, the first login-module is for authentication of the users at LDAP.
                    The second login-module is for the portal database.


                    2) I used the custom class ExtModelLoginModule, which was updated in the login-config.xml.

                    So, I compiled the portal source code and deployed it in JBoss AS 4.0.3SP1.

                    Case 1:
                    ---------
                    If I enter a userid and password which are existing in LDAP and also userid present in the portal database, I am getting the portal screens.

                    Case 2:
                    ----------

                    Now, if I enter a userid and password which exist in LDAP and not in the portal database, I get an error page saying "Login Failed!
                    --Sorry, your username and/or password could not be verified."

                    So, basically, here also authentication from LDAP is a success, and now when processing the second login-module, I hope it is getting the problem.

                    And I checked in the log files; I couldn't see any errors even.

                    my Questions are:

                    1) Have I missed anything in the steps which I have to follow in the above procedure?

                    2) I gave some loggers with TRACE in the class ExtModelLoginModule extends org.jboss.portal.core.security.jaas.ModelLoginModule which was given in this forum and also changed the log4j.xml file present in the JBOSS_HOME\server\default\conf folder with



                    <appender-ref ref="jBossLdapLog"/>














                    So, I could see a separate log file (jBossLdap.log) was created, but I couldn't see the loggers.

                    Can I know where I made mistakes?



                    with regards,
                    Raghuram




                    • 22. Re: Custom Login Module
                      raghuram11

                      Hi, sorry, bad paste in the earlier question which I posted; somehow it got missed.

                      This is with respect to the logger which I changed in the log4j.xml.



                      <appender-ref ref="jBossLdapLog"/>













                      with regards,
                      RaghuRam.

                      • 23. Re: Custom Login Module
                        dhartford

                        Hi RaghuRam,
                        It's been a while and I am no longer actively using the ExtModelLoginModule (it was for proof-of-concept for a project that didn't take off). However, case 1 and case 2 do sound familiar - it is working 'as expected', although not 'as intended'.

                        I don't recall if I managed to work around the problem with portal, but I know with some other projects I had to do an 'autocreate default user' approach in-the-application for when:

                        *authentication from the security system succeeds

                        *but the user does not have an appropriate role for authorization in the application system. In this scenario, jboss-portal is the application system expecting a role (which could simply be that the uid/username exists in its database).

                        Although I don't have a workaround at my fingertips, hopefully this information will be useful!

                        -D
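
The behaviour discussed in replies 21 and 23, reproduced with the standard JAAS API as an added example (not code from any poster or from JBoss Portal). `StoreModule`, the `STORES` map and the user ids are constructed stand-ins for the real LdapLoginModule and ExtModelLoginModule; only the `requisite`/`required` flags are taken from the posted policy.

```java
import java.util.*;
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.*;
import javax.security.auth.login.AppConfigurationEntry.LoginModuleControlFlag;
import javax.security.auth.spi.LoginModule;

public class JaasStackDemo {
    // Constructed sample data: which user ids each back end knows about.
    static final Map<String, Set<String>> STORES =
        Map.of("ldap", Set.of("alice", "bob"), "portal-db", Set.of("alice"));
    static String user;                                     // user id under test
    static final List<String> invoked = new ArrayList<>();  // modules whose login() ran

    /** Stand-in login module: succeeds only if its store contains the user. */
    public static class StoreModule implements LoginModule {
        private String store;
        public void initialize(Subject s, CallbackHandler h, Map<String, ?> shared, Map<String, ?> opts) {
            store = (String) opts.get("store");
        }
        public boolean login() throws LoginException {
            invoked.add(store);
            if (!STORES.get(store).contains(user)) throw new FailedLoginException(store + ": unknown user");
            return true;
        }
        public boolean commit() { return true; }
        public boolean abort() { return true; }
        public boolean logout() { return true; }
    }

    /** Runs the two-module stack with the flags from the posted policy. */
    static String attempt(String userId) {
        user = userId;
        invoked.clear();
        String cls = StoreModule.class.getName();
        AppConfigurationEntry[] stack = {
            new AppConfigurationEntry(cls, LoginModuleControlFlag.REQUISITE, Map.of("store", "ldap")),
            new AppConfigurationEntry(cls, LoginModuleControlFlag.REQUIRED, Map.of("store", "portal-db")),
        };
        Configuration cfg = new Configuration() {
            @Override public AppConfigurationEntry[] getAppConfigurationEntry(String name) { return stack; }
        };
        try {
            new LoginContext("portal", new Subject(), null, cfg).login();
            return userId + ": login OK, modules run " + invoked;
        } catch (LoginException e) {
            return userId + ": login FAILED (" + e.getMessage() + "), modules run " + invoked;
        }
    }

    public static void main(String[] args) {
        for (String u : List.of("alice", "bob", "carol")) System.out.println(attempt(u));
    }
}
```

Here `alice` corresponds to Case 1 and `bob` to Case 2: the LDAP module accepts `bob`, but the `required` portal-database module rejects him, so the whole login fails. `carol` is unknown to LDAP, and the `requisite` flag stops the stack before the second module is ever called.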


                        • 24. Re: Custom Login Module
                          sunnymoon

                          explicitly to KeV (ricewind23):

                          I've found a wiki page describing LDAP auth by changing RoleModule and UserModule to LDAP-based ones... but I can't find the source code for these anywhere... Could you please indicate to us the location of this code? And to what portal version will it apply?

                          Tks
                          JPereira

                          • 25. Re: Custom Login Module
                            ghyoju

                            Hi,

                            I am using JBOSS 4.0.5 and Portal 2.4.1. Where will I find the jar with the class org.jboss.portal.core.security.jaas.ModelLoginModule?

                            Thank you very much.
