ServiceMix 7.0 using LDAP and Webconsole

mtod
I have ServiceMix 7.0 installed and authenticating using LDAP (Active Directory). It seems to be working with JMS connections and the console, but when I try using the webconsole or Hawtio I get an error with the roles. When I try to look at the groups it gives me an error (no backing engine service registered).

See below. Thanks for the help, Mike

Ldap-module.xml

<?xml version="1.0" encoding="UTF-8"?>
<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0"
           xmlns:ext="http://aries.apache.org/blueprint/xmlns/blueprint-ext/v1.0.0">
   <jaas:config name="karaf" rank="2">
      <jaas:module className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule" flags="required">
        initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
        connection.username=CN=XXXXX Service Account,OU=Service Accounts,DC=corp,DC=local
        connection.password=ABCDEFG
        connection.protocol=s
        connection.url=ldap://corp.local
        user.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
        user.filter=(sAMAccountName=%u)
        user.search.subtree=true
        role.base.dn=OU=IT,OU=Domain Users,DC=corp,DC=local
        role.name.attribute=cn
        role.filter=(sAMAccountName=%u)
        role.search.subtree=true
        authentication=simple
        debug=true
      </jaas:module>
    </jaas:config>
</blueprint>       

Log:tail

2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                  | 116 - org.apache.karaf.jaas.modules - 4.0.8 | Get the user DN.
2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                  | 116 - org.apache.karaf.jaas.modules - 4.0.8 | Bind user (authentication).
2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                  | 116 - org.apache.karaf.jaas.modules - 4.0.8 | Set the security principal for CN=inttest02,OU=Test Accounts,OU=IT,OU=Domain Users,DC=corp,DC=local
2017-01-31 17:40:00,983 | DEBUG |  /system/console | LDAPLoginModule                  | 116 - org.apache.karaf.jaas.modules - 4.0.8 | Binding the user.
2017-01-31 17:40:01,037 | DEBUG |  /system/console | LDAPLoginModule                  | 116 - org.apache.karaf.jaas.modules - 4.0.8 | User inttest02 successfully bound.
2017-01-31 17:40:01,038 | DEBUG |  /system/console | JaasSecurityProvider             | 252 - org.apache.karaf.webconsole.console - 4.0.8 | Login failed
javax.security.auth.login.FailedLoginException: User does not have the required role admin

   
Results from console 

karaf@root>jaas:realm-manage --index 1
karaf@root>jaas:group-list
Can't get the list of users (no backing engine service registered)
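
Added example, not part of the original post and not Karaf project code: a small Python check that reads the LDAPLoginModule options from a blueprint shaped like the one above and flags three settings worth reviewing. The sample XML is constructed with placeholder credentials, and the finding names are invented for this example.

```python
import xml.etree.ElementTree as ET

JAAS_NS = "{http://karaf.apache.org/xmlns/jaas/v1.0.0}"

# Constructed sample modelled on the posted blueprint (placeholder credentials).
SAMPLE = """<blueprint xmlns="http://www.osgi.org/xmlns/blueprint/v1.0.0"
           xmlns:jaas="http://karaf.apache.org/xmlns/jaas/v1.0.0">
  <jaas:config name="karaf" rank="2">
    <jaas:module className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule" flags="required">
      connection.username=CN=svc,OU=Service Accounts,DC=corp,DC=local
      connection.password=EXAMPLE
      connection.url=ldap://corp.local
      user.filter=(sAMAccountName=%u)
      role.filter=(sAMAccountName=%u)
      role.name.attribute=cn
      authentication=simple
    </jaas:module>
  </jaas:config>
</blueprint>"""


def module_options(xml_text):
    """Return the key=value options of the first LDAPLoginModule as a dict."""
    root = ET.fromstring(xml_text)
    for mod in root.iter(JAAS_NS + "module"):
        if mod.get("className", "").endswith("LDAPLoginModule"):
            lines = (l.strip() for l in (mod.text or "").splitlines())
            # Split on the first '=' only: DN values contain '=' themselves.
            return dict(l.split("=", 1) for l in lines if "=" in l)
    return {}


def lint(opts):
    """Return a list of finding names for the given module options."""
    findings = []
    url = opts.get("connection.url", "")
    # Simple bind over ldap:// sends the bind password unencrypted.
    if url.startswith("ldap://") and opts.get("authentication") == "simple":
        findings.append("cleartext-bind")
    # The service account password sits in the blueprint file itself.
    if opts.get("connection.password"):
        findings.append("inline-password")
    # Identical filters make the role search return the user's own entry,
    # so role.name.attribute yields the account's cn, not a group name.
    if opts.get("role.filter") and opts.get("role.filter") == opts.get("user.filter"):
        findings.append("role-filter-matches-user")
    return findings


if __name__ == "__main__":
    print(lint(module_options(SAMPLE)))
```

The third finding matches the log above, where the bind succeeds and the login then fails for lack of the admin role.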