Thank you for your fast answer. I upgraded to jboss 7.1 but I still have problems. When I enterd the filter (&(racfuserid={0})(racfgroupid=XXXX)) in advanced-filter field, jboss didn't start correctly.
Here is the error report:
09:14:49,623 ERROR [org.jboss.as.controller] JBAS014601: Error booting the container: java.lang.RuntimeException: org.jboss.as.controller.persistence.ConfigurationPersistenceException: JBAS014676: Failed to parse configuration
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:161) [jboss-as-controller-7.1.0.Final.jar:7.1.0.Final]
at java.lang.Thread.run(Thread.java:722) [rt.jar:1.7.0_02]
Caused by: org.jboss.as.controller.persistence.ConfigurationPersistenceException: JBAS014676: Failed to parse configuration
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:125) [jboss-as-controller-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.controller.AbstractControllerService.boot(AbstractControllerService.java:187) [jboss-as-controller-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.server.ServerService.boot(ServerService.java:261) [jboss-as-server-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.controller.AbstractControllerService$1.run(AbstractControllerService.java:155) [jboss-as-controller-7.1.0.Final.jar:7.1.0.Final]
... 1 more
Caused by: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character '(' (code 40) (expected a name start character)
at [row,col {unknown-source}]: [49,52]
at com.ctc.wstx.sr.StreamScanner.throwUnexpectedChar(StreamScanner.java:639)
at com.ctc.wstx.sr.StreamScanner.parseFullName(StreamScanner.java:1920)
at com.ctc.wstx.sr.StreamScanner.parseEntityName(StreamScanner.java:2044)
at com.ctc.wstx.sr.StreamScanner.fullyResolveEntity(StreamScanner.java:1511)
at com.ctc.wstx.sr.BasicStreamReader.parseAttrValue(BasicStreamReader.java:1902)
at com.ctc.wstx.sr.BasicStreamReader.handleNsAttrs(BasicStreamReader.java:3028)
at com.ctc.wstx.sr.BasicStreamReader.handleStartElem(BasicStreamReader.java:2926)
at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2802)
at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1050)
at com.ctc.wstx.sr.BasicStreamReader.nextTag(BasicStreamReader.java:1125)
at org.jboss.staxmapper.XMLExtendedStreamReaderImpl.nextTag(XMLExtendedStreamReaderImpl.java:152) [staxmapper-1.1.0.Final.jar:1.1.0.Final]
at org.jboss.as.domain.management.parsing.ManagementXml.parseLdapAuthentication_1_1(ManagementXml.java:665) [jboss-as-domain-management-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.domain.management.parsing.ManagementXml.parseAuthentication_1_1(ManagementXml.java:497) [jboss-as-domain-management-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.domain.management.parsing.ManagementXml.parseSecurityRealm_1_1(ManagementXml.java:312) [jboss-as-domain-management-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.domain.management.parsing.ManagementXml.parseSecurityRealms(ManagementXml.java:247) [jboss-as-domain-management-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.domain.management.parsing.ManagementXml.parseManagement(ManagementXml.java:130) [jboss-as-domain-management-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.server.parsing.StandaloneXml.readServerElement_1_1(StandaloneXml.java:324) [jboss-as-server-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:126) [jboss-as-server-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.as.server.parsing.StandaloneXml.readElement(StandaloneXml.java:100) [jboss-as-server-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.staxmapper.XMLMapperImpl.processNested(XMLMapperImpl.java:110) [staxmapper-1.1.0.Final.jar:1.1.0.Final]
at org.jboss.staxmapper.XMLMapperImpl.parseDocument(XMLMapperImpl.java:69) [staxmapper-1.1.0.Final.jar:1.1.0.Final]
at org.jboss.as.controller.persistence.XmlConfigurationPersister.load(XmlConfigurationPersister.java:117) [jboss-as-controller-7.1.0.Final.jar:7.1.0.Final]
... 4 more
and here is my standaone.xml:
<security-realm name="LDAPMgmtSecurityRealm">
<authentication>
<ldap connection="ldap_connection" base-dn="profiletype=********,secAuthority=*******" recursive="true">
<advanced-filter filter="(&(racfuserid={0})(racfgroupid=XXXX))"/>
</ldap>
</authentication>
</security-realm>
</security-realms>
<outbound-connections>
<ldap name="ldap_connection" url="ldaps://******:636" search-dn="racfid=******,profiletype=******,secAuthority=******" search-credential="*********"/>
</outbound-connections>
<management-interfaces>
<native-interface security-realm="LDAPMgmtSecurityRealm">
<socket-binding native="management-native"/>
</native-interface>
<http-interface security-realm="LDAPMgmtSecurityRealm">
<socket-binding http="management-http"/>
</http-interface>
Everything else seems to be correct, because it works with diferent filters. I need this because I want only the users of 'admin' group to be able to connect to admin console.
Thank you very much.
PS: the Unexpected character '(' at raw,col [49,52] is the second '(' in the advanced-filter. (&(
racfuserid={0})(racfgroupid=XXXX))