geronimo-dev mailing list archives

From "Lu Jiang (JIRA)" <j...@apache.org>
Subject [jira] Created: (GERONIMO-4997) Can not connect to a ldap server in an anonymous way
Date Wed, 23 Dec 2009 08:11:29 GMT
Can not connect to a ldap server in an anonymous way
----------------------------------------------------

                 Key: GERONIMO-4997
                 URL: https://issues.apache.org/jira/browse/GERONIMO-4997
             Project: Geronimo
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: security
    Affects Versions: 2.1.4, 2.2
         Environment: OS: Windows XP SP2
                      Server: Geronimo 2.2
                      JDK: 1.6
            Reporter: Lu Jiang
            Priority: Minor


I tried to deploy a web application which uses Apache Directory Server for user authentication.
So I created a realm file as follows and added a reference to this realm file in the deploy plan:

<module xmlns="http://geronimo.apache.org/xml/ns/deployment-1.2">
    <environment>
        <moduleId>
            <groupId>console.realm</groupId>
            <artifactId>testLDAP</artifactId>
            <version>1.0</version>
            <type>car</type>
        </moduleId>
        <dependencies>
            <dependency>
                <groupId>org.apache.geronimo.framework</groupId>
                <artifactId>j2ee-security</artifactId>
                <type>car</type>
            </dependency>
        </dependencies>
    </environment>
    <gbean name="testLDAP" class="org.apache.geronimo.security.realm.GenericSecurityRealm"
xsi:type="dep:gbeanType" xmlns:dep="http://geronimo.apache.org/xml/ns/deployment-1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <attribute name="realmName">testLDAP</attribute>
        <reference name="ServerInfo">
            <name>ServerInfo</name>
        </reference>
        <xml-reference name="LoginModuleConfiguration">
            <log:login-config xmlns:log="http://geronimo.apache.org/xml/ns/loginconfig-2.0">
                <log:login-module control-flag="REQUIRED" wrap-principals="false">
                    <log:login-domain-name>testLDAP</log:login-domain-name>
                    <log:login-module-class>org.apache.geronimo.security.realm.providers.LDAPLoginModule</log:login-module-class>
                    <log:option name="connectionURL">ldap://pages.test.com:389</log:option>
                    <log:option name="roleBase">ou=members,ou=testgroups,o=test.com</log:option>
                    <log:option name="initialContextFactory">com.sun.jndi.ldap.LdapCtxFactory</log:option>
                    <log:option name="roleName">cn</log:option>
                    <log:option name="roleSearchMatching">uniquemember={0}</log:option>
                    <log:option name="roleSearchSubtree">false</log:option>
                    <log:option name="userRoleName">uniquemember={0}</log:option>
                    <log:option name="authentication">simple</log:option>
                    <log:option name="userSearchSubtree">true</log:option>
                    <log:option name="userBase">ou=users,o=test.com</log:option>
                    <log:option name="userSearchMatching">(mail={0})</log:option>
                </log:login-module>
            </log:login-config>
        </xml-reference>
    </gbean>
</module>

It provides no connectionUsername and password, because I intend to connect to the LDAP server
anonymously.
Each time I log in to the web application, it will try to connect to the Apache Directory Server
to authenticate users.
But a NullPointerException will always occur.
Caused by: 
java.lang.NullPointerException
	at java.util.Hashtable.put(Hashtable.java:770)
	at org.apache.geronimo.security.realm.providers.LDAPLoginModule.open(LDAPLoginModule.java:455)
	at org.apache.geronimo.security.realm.providers.LDAPLoginModule.authenticate(LDAPLoginModule.java:267)
	at org.apache.geronimo.security.realm.providers.LDAPLoginModule.login(LDAPLoginModule.java:186)
	... 28 more

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
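
The trace above ends in Hashtable.put, which throws NullPointerException for a null key or value. The following is an added example, not Geronimo's LDAPLoginModule source: it assumes the null comes from the absent connectionUsername/connectionPassword options (the page does not show line 455), and the class and method names are hypothetical.

```java
import java.util.Hashtable;
import java.util.Map;
import javax.naming.Context;
public class LdapEnvExample {
    // Unguarded copy: Hashtable.put rejects null values, so an option that
    // is absent from the realm plan (Map.get returns null) throws NPE.
    static Hashtable<String, String> unguardedEnv(Map<String, String> o) {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, o.get("initialContextFactory"));
        env.put(Context.PROVIDER_URL, o.get("connectionURL"));
        env.put(Context.SECURITY_AUTHENTICATION, o.get("authentication"));
        env.put(Context.SECURITY_PRINCIPAL, o.get("connectionUsername"));
        env.put(Context.SECURITY_CREDENTIALS, o.get("connectionPassword"));
        return env;
    }

    // Guarded copy: anonymous bind only when both credentials are absent;
    // a half-configured pair is rejected instead of silently downgrading.
    static Hashtable<String, String> guardedEnv(Map<String, String> o) {
        String user = o.get("connectionUsername");
        String pass = o.get("connectionPassword");
        boolean hasUser = user != null && !user.isEmpty();
        boolean hasPass = pass != null && !pass.isEmpty();
        if (hasUser != hasPass) throw new IllegalArgumentException(
                "connectionUsername and connectionPassword must be set together");
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, o.get("initialContextFactory"));
        env.put(Context.PROVIDER_URL, o.get("connectionURL"));
        if (hasUser) {
            env.put(Context.SECURITY_AUTHENTICATION, o.get("authentication"));
            env.put(Context.SECURITY_PRINCIPAL, user);
            env.put(Context.SECURITY_CREDENTIALS, pass);
        } else {
            env.put(Context.SECURITY_AUTHENTICATION, "none"); // anonymous bind
        }
        return env;
    }

    public static void main(String[] args) {
        // Options taken from the realm plan above; no credentials configured.
        Map<String, String> opts = Map.of(
            "initialContextFactory", "com.sun.jndi.ldap.LdapCtxFactory",
            "connectionURL", "ldap://pages.test.com:389",
            "authentication", "simple");
        try { unguardedEnv(opts); }
        catch (NullPointerException e) { System.out.println("unguarded: NPE from Hashtable.put"); }
        System.out.println("guarded: " + guardedEnv(opts));
    }
}
```

Rejecting a username without a password matters beyond the crash: per RFC 4513 a simple bind with a name and an empty password is an unauthenticated bind, so a half-configured pair should fail loudly instead of connecting with fewer rights than the operator intended.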

