1 2 Previous Next 25 Replies Latest reply: Feb 23, 2007 4:29 PM by Gyanendra Hyoju Go to original post RSS
  • 15. Re: Custom Login Module
    Viet Master

    You don't have to implement all methods actually. Some are only used by UserPortlet and RolePortlet.

  • 16. Re: Custom Login Module
    Daniel Wasser Newbie

    Which methods are needed by the portalserver? The UserModule Interface enforces me to implement all methods like createUser, removeUser or getUserCount. My identity provider doesn't support these features.

  • 17. Re: Custom Login Module
    Viet Master

    as far as I remember : findUserByName(String userName).

    the rest can throw new UnsupportedOperationException() as it is only used by the user management portlet.

  • 18. Re: Custom Login Module
    Daniel Wasser Newbie

    Thanks, and greets to Mr.Effing :)

  • 19. Re: Custom Login Module
    David Bell Newbie

    How is the preferences stuff going to work if the users are not in the portal's own database?

    I am trying to implement a UserModule but have found it requires the 'getPreferencesGroup' to be implemented too.

    Any advice how I can work round this.

    Many thanks.

  • 20. Re: Custom Login Module
    Viet Master

    this is true in 2.2 but not in 2.4.

    in 2.2, the user would not considered as having preferences per portlet.

    in 2.4, normally only a non null user id is necessary.

  • 21. Re: Custom Login Module
    raghu raghu Newbie

    JBoss AS 4.0.3SP1
    JBoss Portal 2.2
    mySQL 4.1
    OpenLDAP

    Bascially, i am trying for authenication and authorization by using portal through LDAP.

    I had gone through this the above appoach and made the following changes.

    1) update the login-config.xml (given below)

    <application-policy name="portal">

    <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="requisite">
    <module-option name="password-stacking">useFirstPass</module-option>
    <module-option name="java.naming.factory.initial">com.sun.jndi.ldap.LdapCtxFactory</module-option>
    <module-option name="java.naming.provider.url">ldap://testserver-09:389/</module-option>

    <module-option name="java.naming.security.authentication">simple</module-option>

    <module-option name="java.naming.security.principal">cn=ldapadmin,ou=famie,dc=org,dc=com</module-option>
    <module-option name="java.naming.security.credentials">ldap123</module-option>

    <module-option name="principalDNPrefix">uid=</module-option>
    <module-option name="principalDNSuffix">,ou=People,ou=famie,dc=org,dc=com</module-option>

    <module-option name="rolesCtxDN">ou=Roles,dc=org,dc=com</module-option>
    <module-option name="uidAttributeID">uniqueMember</module-option>
    <module-option name="matchOnUserDN">true</module-option>
    <module-option name="roleAttributeID">cn</module-option>
    <module-option name="roleAttributeIsDN">false</module-option>
    <module-option name="searchTimeLimit">5000</module-option>
    <module-option name="searchScope">SUBTREE_SCOPE</module-option>
    <module-option name="defaultRole">Authenticated</module-option>
    </login-module>
    <login-module code="org.jboss.portal.core.security.jaas.ExtModelLoginModule" flag="required">
    <module-option name="unauthenticatedIdentity">guest</module-option>
    <module-option name="hashAlgorithm">MD5</module-option>
    <module-option name="hashEncoding">HEX</module-option>
    <module-option name="userModuleJNDIName">java:/portal/UserModule</module-option>
    <module-option name="additionalRole">Authenticated</module-option>
    <module-option name="password-stacking">useFirstPass</module-option>
    </login-module>

    </application-policy>


    so, basically first login-module is for aunthentication of the users at LDAP.
    second login-module is for portal database.


    2) I used the custom class ExtModelLoginModule and which was update in the login-config.xml

    so, i compiled the portal source code and deployed in the JBoss AS 4.0.3SP1

    Case 1:
    ---------
    If I enter a userid and password which are existing in LDAP and also userid present in the portal database, I am getting the portal screens.

    Case 2:
    ----------

    now, if I enter a userid and password which are existing in LDAP and not in portal database, I am getting an error page saying that "Login Failed!
    --Sorry, your username and/or password could not be verified."

    so, basically, here also authentication from LDAP is success and now when processing the second login-module, i hope it is getting the problem.

    And I checked in the log files, i couldnt see any errors even.

    my Questions are:

    1) Has I missed anywhere in the steps which I have to follow in the above procedure??

    2) I gave some loggers with TRACE in the class ExtModelLoginModule extends org.jboss.portal.core.security.jaas.ModelLoginModule which was given given in this forum and also changed the log4j.xml file present in the JBOSS_HOME\server\default\conf folder with



    <appender-ref ref="jBossLdapLog"/>














    so, i could see a separate log file (jBossLdap.log) was created but i couldnt see the loggers

    Can I know, where I made mistakes??



    with regards,
    Raghuram




  • 22. Re: Custom Login Module
    raghu raghu Newbie

    hi sorry, bad paste in the ealier question which I posted some how got missed.

    This is with respective to the logger which I changed in the log4j.xml.



    <appender-ref ref="jBossLdapLog"/>













    with regards,
    RaghuRam.

  • 23. Re: Custom Login Module
    darren hartford Expert

    Hi RaghuRam,
    It's been a while and I no longer actively using the ExtModelLoginModule (it was for proof-of-concept for a project that didn't take off). However, case 1 and case 2 do sound familiar - it is working 'as expected', although not 'as intended'.

    I don't recall if I managed to work around the problem with portal, but I know with some other projects I had to do an 'autocreate default user' approach in-the-application for when:

    *authentication from the security system succeeds

    *but the user does not have an appropriate role for authorization in the application system. In this scenario, jboss-portal is the application system excepting a role (which could simply be that the uid/username exists in its database).

    Although I don't have a workaround at my fingertips, hopefully this information will be useful!

    -D


  • 24. Re: Custom Login Module
    Jose Pedro Pereira Newbie

    explicitly to KeV (ricewind23):

    I've found a wiki page describing Ldap Auth by changing RoleModule and UserModule to an LDAP based ones... but I can't find the source code for these anywhere... Could you please indicate us the location of this code? And to what portal version will it apply?

    Tks
    JPereira

  • 25. Re: Custom Login Module
    Gyanendra Hyoju Newbie

    Hi,

    I am using JBOSS 4.0.5 and Portal 2.4.1. Where will I find the jar with the class org.jboss.portal.core.security.jaas.ModelLoginModule.

    Thank you very much.

1 2 Previous Next