You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@servicemix.apache.org by mtod <mt...@thetods.net> on 2017/01/31 22:53:14 UTC

ServiceMix 7.0 using LDAP and Webconsole

I have a ServiceMix 7.0 installed and authenticating using LDAP (Active
Directory) it seems to be working with JMS connections and the console but
when I try using the webconsole or Hawtio I get an error with the roles.
When I try to look at the groups it gives me an error (no backing engine
service registered)

See below - Thanks for the help Mike

*Ldap-module.xml*

<?xml version="1.0" encoding="UTF-8"?> 
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"
          
xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
   <jaas:config name="karaf" rank="2">
      <jaas:module
className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
flags="required">
        initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
        connection.username=CN=XXXXX Service Account,OU=Service
Accounts,DC=corp,DC=local
        connection.password=ABCDEFG
        connection.protocol=s
        connection.url=ldap://corp.local
        user.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
        user.filter=(sAMAccountName=%u)
        user.search.subtree=true
        role.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
        role.name.attribute=cn
        role.filter=(sAMAccountName=%u)
        role.search.subtree=true
        authentication=simple
		debug=true
      </jaas:module>
    </jaas:config>
</blueprint>	

*Log:tail*

2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                 
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Get the user DN.
2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                 
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Bind user (authentication).
2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                 
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Set the security principal
for CN=inttest02,OU=Test Accounts,OU=IT,OU=Domain Users,DC=corp,DC=local
2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                 
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | Binding the user.
2017-01-31 17:40:01,037 | DEBUG |  /system/console | LDAPLoginModule                 
| 116 - org.apache.karaf.jaas.modules - 4.0.8 | User inttest02 successfully
bound.
2017-01-31 17:40:01,038 | DEBUG |  /system/console | JaasSecurityProvider            
| 252 - org.apache.karaf.webconsole.console - 4.0.8 | *Login failed
javax.security.auth.login.FailedLoginException: User does not have the
required role admin*
   
*Results from console* 

karaf@root>jaas:realm-manage --index 1
karaf@root>jaas:group-list
*Can't get the list of users (no backing engine service registered)*




--
View this message in context: http://servicemix.396122.n5.nabble.com/ServiceMix-7-0-using-LDAP-and-Webconsole-tp5724228.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.