68453

Jetty LdapLoginModule: Login Failure: all modules ignored

Question:

I'm getting the below on trying to submit a login form. Does anyone know what causes this? Thanks.

2012-10-13 13:11:46.300:INFO:oejpjs.LdapLoginModule:Searching for users with filter: '(&(objectClass={0})({1}={2}))' from base dn: ou=people,dc=my-domain,dc=com 2012-10-13 13:11:46.307:INFO:oejpjs.LdapLoginModule:Found user?: true 2012-10-13 13:11:46.311:WARN:oejpj.JAASLoginService: javax.security.auth.login.LoginException: Login Failure: all modules ignored at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921) at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186) at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) at javax.security.auth.login.LoginContext.login(LoginContext.java:579) at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:238) at org.eclipse.jetty.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:209) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:491) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1072) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:382) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1006) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:365) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:485) at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:937) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:998) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:856) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543) at java.lang.Thread.run(Thread.java:680)

FWIW this is some of the peripheral configuration:

jetty.xml:

<?xml version="1.0"?> <Configure> <Call name="addBean"> <Arg> <New class="org.eclipse.jetty.plus.jaas.JAASLoginService"> <Set name="name">ldap</Set> <Set name="loginModuleName">ldaploginmodule</Set> </New> </Arg> </Call> </Configure>

ldap.conf:

ldaploginmodule { org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required debug="true" contextFactory="com.sun.jndi.ldap.LdapCtxFactory" hostname="localhost" port="389" bindDn="cn=Manager,dc=my-domain,dc=com" bindPassword="secret" authenticationMethod="simple" forceBindingLogin="false" userBaseDn="ou=people,dc=my-domain,dc=com" userRdnAttribute="uid" userIdAttribute="uid" userPasswordAttribute="userPassword" userObjectClass="inetOrgPerson" roleBaseDn="ou=groups,dc=my-domain,dc=com" roleNameAttribute="cn" roleMemberAttribute="uniqueMember" roleObjectClass="groupOfUniqueNames"; };

Answer1:

I was having the exact same problem. The fix I found <a href="http://dev.eclipse.org/mhonarc/lists/jetty-users/msg00398.html" rel="nofollow">here</a>, is to change the forceBindingLogin to "true", in the ldap.conf.

I wish I had a clear explanation for this :-(

Answer2:

Did you follow the instructions here exactly?

<a href="http://wiki.eclipse.org/Jetty/Feature/JAAS" rel="nofollow">http://wiki.eclipse.org/Jetty/Feature/JAAS</a>

one quick difference is:

<Set name="[L]oginModuleName">ldaploginmodule</Set>

also, did you use the proper cli option pointing to the actual location of the file?

-Djava.security.auth.login.config=ldap.conf

Recommend

  • accessing /gcm-demo/sendAll. Reason: HTTP Status Code: 401
  • Dangerous Request.Cookies value was detected from the client
  • How to write the position (x,y) of the object being tracked into text file?
  • How Can I Run a Regex that Tests Text for Characters in a Particular Alphabet or Script?
  • comparing files and writing only matching patterns, perl or awk?
  • and not working
  • In Android, When I Play Audio and go to other activity, audio doesn't stop after coming back
  • How can I get the tinymce HTML content from within a C# ASP.Net application?
  • Linking error “undefined reference” about boost static library during compiling
  • creating variable names from an array list
  • security.AccessControlException Error
  • pass parameters from servlet to jsp page
  • EL in a JSP stopped evaluating
  • How to avoid downloading schema file from internet during spring initialization
  • resteasy-cdi - getting “Duplicate context initialization parameter resteasy.injector.factory” error
  • java.lang.NoClassDefFoundError for org/springframework/aop/framework/AbstractAdvisingBeanPostProcess
  • Jersey REST api multiple resources
  • How do I chomp a string if I have Perl 4?
  • How can I configure HTTP Response Headers in a Struts2 Interceptor?
  • Type mismatch: cannot convert from Connection to Connection
  • Extjs, handling success or failure when doing a standard submit in a form
  • jersey/tomcat Description The origin server did not find a current representation for the target res
  • HttpClient: disabling chunked encoding
  • Struts 2 TextField Tag with an attribute and no value
  • SQLite connection strategies
  • Assign variable to the value in HTML
  • How can I extract results of aggregate queries in slick?
  • x64 applications using gdi+: what are the consequences on performance?
  • Django rest serializer Breaks when data exists
  • How to rebase a series of branches?
  • Debugging ASP.NET on a built-in web server suddenly stops
  • Is there any way to access browser form field suggestions from JavaScript?
  • Azure Cloud Service Web Role web pages do not load
  • Resize panoramic image to fixed size
  • Volusion's generic SQL folder, functionality
  • what is the difference between the asp.net mvc application and asp.net web application
  • InvalidAuthenticityToken between subdomains when logging in with Rails app
  • How do you join a server to an Active Directory (domain)?
  • coudnt use logback because of log4j
  • How to get NHibernate ISession to cache entity not retrieved by primary key