javax.security.auth.login.LoginException: User not found.
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.findUser(JettyCachingLdapLoginModule.java:799)
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.bindingLogin(JettyCachingLdapLoginModule.java:750)
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.authenticate(JettyCachingLdapLoginModule.java:667)
at com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule.login(JettyCombinedLdapLoginModule.java:145)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at javax.security.auth.login.LoginContext.invoke(Unknown Source)
multiauth {
com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule required
debug="true"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
providerUrl="..."
bindDn="..."
bindPassword="..."
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="..."
userRdnAttribute="uid"
userIdAttribute="uid"
userPasswordAttribute="userPassword"
userObjectClass="inetOrgPerson"
roleBaseDn="..."
roleNameAttribute="cn"
roleMemberAttribute="objectClass"
roleUsernameMemberAttribute="cn"
roleObjectClass="groupOfNames"
roleSearchSubtree="true"
ignoreRoles="true"
storePass="true"
clearPass="true"
useFirstPass="false"
tryFirstPass="false"
supplementalRoles="user";
org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule required
debug="true"
useFirstPass="true"
file="/path/to/realm.properties";
};
admin:admin,user,admin
ldapuserid:-,user,admin
com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule required
org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule required
You have both modules set as required. H
ave you tried setting the ldap module to "sufficient"? (i am basing this from
http://rundeck.org/docs/administration/authenticating-users.html#multiple-authentication-modules )
-Darren
--
You received this message because you are subscribed to the Google Groups "rundeck-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rundeck-discu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/e75578fa-debc-4764-8b28-0da1918ed3cf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
javax.security.auth.login.LoginException: User not found.
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.findUser(JettyCachingLdapLoginModule.java:799)
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.bindingLogin(JettyCachingLdapLoginModule.java:750)
at com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule.authenticate(JettyCachingLdapLoginModule.java:667)
at com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule.login(JettyCombinedLdapLoginModule.java:145)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
You have no authorized access to projects.
Contact your administrator. (User roles: user)
JettyRolePropertyFileLoginModule
:
This module does not authenticate, and requires thatuseFirstPass
ortryFirstPass
is set totrue
, and that a previous module hasstorePass
set totrue
.It then looks the username up in the Properties file, and applies any roles for the matching user, if found."
org.eclipse.jetty.plus.jaas.spi.PropertyFileLoginModule"
might be what you need.JettyCombinedLdapLoginModule
-> optionalPropertyFileLoginModule
-> sufficientJettyRolePropertyFileLoginModule
-> required
To view this discussion on the web visit https://groups.google.com/d/msgid/rundeck-discuss/cbb4ce79-637e-4c88-b149-4603bdff9e50%40googlegroups.com.
JettyCombinedLdapLoginModule
-> optionalPropertyFileLoginModule
-> sufficientstorePass true
JettyRolePropertyFileLoginModule
-> requiredmultiauth {
org.eclipse.jetty.plus.jaas.spi.PropertyFileLoginModule sufficient
debug="true"
file="/path/to/realm.properties";
com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule required
debug="true"
contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
providerUrl="ldap://ldap.mysite.com:389/"
bindDn="cn=admin,ou=datacenter,o=auth"
bindPassword="*********"
authenticationMethod="simple"
forceBindingLogin="true"
userBaseDn="ou=users,ou=users,o=auth"
userRdnAttribute="uid"
userIdAttribute="uid"
userPasswordAttribute="userPassword"
userObjectClass="inetOrgPerson"
roleBaseDn="ou=UNIX,ou=DATACENTER,o=AUTH"
roleNameAttribute="cn"
roleMemberAttribute="objectClass"
roleUsernameMemberAttribute="cn"
roleObjectClass="groupOfNames"
roleSearchSubtree="true"
supplementalRoles="user"
reportStatistics="true"
timeoutRead="10000"
timeoutConnect="20000"
ignoreRoles="true"
storePass="true";
org.rundeck.jaas.jetty.JettyRolePropertyFileLoginModule required
debug="true"
useFirstPass="true"
file="/path/to/realm.properties";
};
-Dloginmodule.conf.name=jaas-loginmodule.conf -Dloginmodule.name=multiauth