mtod
2017-01-31 22:53:14 UTC
I have a ServiceMix 7.0 installed and authenticating using LDAP (Active
Directory) it seems to be working with JMS connections and the console but
when I try using the webconsole or Hawtio I get an error with the roles.
When I try to look at the groups it gives me an error (no backing engine
service registered)
See below - Thanks for the help Mike
*Ldap-module.xml*
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
<jaas:config name="karaf" rank="2">
<jaas:module
className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
flags="required">
initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
connection.username=CN=XXXXX Service Account,OU=Service
Accounts,DC=corp,DC=local
connection.password=ABCDEFG
connection.protocol=s
connection.url=ldap://corp.local
user.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
user.filter=(sAMAccountName=%u)
user.search.subtree=true
role.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
role.name.attribute=cn
role.filter=(sAMAccountName=%u)
role.search.subtree=true
authentication=simple
debug=true
</jaas:module>
</jaas:config>
</blueprint>
*Log:tail*
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Get the user DN.
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Bind user (authentication).
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Set the security principal
for CN=inttest02,OU=Test Accounts,OU=IT,OU=Domain Users,DC=corp,DC=local
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Binding the user.
2017-01-31 17:40:01,037 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | User inttest02 successfully
bound.
2017-01-31 17:40:01,038 | DEBUG | /system/console | JaasSecurityProvider
| 252 - org.apache.karaf.webconsole.console - 4.0.8 | *Login failed
javax.security.auth.login.FailedLoginException: User does not have the
required role admin*
*Results from console*
***@root>jaas:realm-manage --index 1
***@root>jaas:group-list
*Can't get the list of users (no backing engine service registered)*
--
View this message in context: http://servicemix.396122.n5.nabble.com/ServiceMix-7-0-using-LDAP-and-Webconsole-tp5724228.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
Directory) it seems to be working with JMS connections and the console but
when I try using the webconsole or Hawtio I get an error with the roles.
When I try to look at the groups it gives me an error (no backing engine
service registered)
See below - Thanks for the help Mike
*Ldap-module.xml*
<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
<jaas:config name="karaf" rank="2">
<jaas:module
className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
flags="required">
initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
connection.username=CN=XXXXX Service Account,OU=Service
Accounts,DC=corp,DC=local
connection.password=ABCDEFG
connection.protocol=s
connection.url=ldap://corp.local
user.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
user.filter=(sAMAccountName=%u)
user.search.subtree=true
role.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
role.name.attribute=cn
role.filter=(sAMAccountName=%u)
role.search.subtree=true
authentication=simple
debug=true
</jaas:module>
</jaas:config>
</blueprint>
*Log:tail*
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Get the user DN.
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Bind user (authentication).
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Set the security principal
for CN=inttest02,OU=Test Accounts,OU=IT,OU=Domain Users,DC=corp,DC=local
2017-01-31 17:40:00,983 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Binding the user.
2017-01-31 17:40:01,037 | DEBUG | /system/console | LDAPLoginModule
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | User inttest02 successfully
bound.
2017-01-31 17:40:01,038 | DEBUG | /system/console | JaasSecurityProvider
| 252 - org.apache.karaf.webconsole.console - 4.0.8 | *Login failed
javax.security.auth.login.FailedLoginException: User does not have the
required role admin*
*Results from console*
***@root>jaas:realm-manage --index 1
***@root>jaas:group-list
*Can't get the list of users (no backing engine service registered)*
--
View this message in context: http://servicemix.396122.n5.nabble.com/ServiceMix-7-0-using-LDAP-and-Webconsole-tp5724228.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.