Authentication failure when accessing git repo over ssh with BPMS and LDAP

Solution Verified - Updated -

Issue

  • Users trying to set up BPMS 6 to use LDAP for authentication and authorization faces a strange issue during authentication inspite of following the below mentioned steps.
  1. $BPMS_HOME/standalone/configuration/standalone.xml:
    <security-domain name="LDAPAuth" cache-type="default">
        <authentication>
          <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
            <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
            <module-option name="java.naming.provider.url" value="ldap://localhost:1389"/>
            <module-option name="java.naming.security.authentication" value="simple"/>
            <module-option name="bindDN" value="cn=Directory Manager"/>
            <module-option name="bindCredential" value="password"/>
            <module-option name="baseCtxDN" value="ou=People,DC=example,DC=com"/>
            <module-option name="baseFilter" value="(CN={0})"/>
            <module-option name="rolesCtxDN" value="OU=Roles,DC=example,DC=com"/>
            <module-option name="roleFilter" value="(member={1})"/>
            <module-option name="roleAttributeID" value="CN"/>
            <module-option name="throwValidateError" value="true"/>
            <module-option name="searchScope" value="ONELEVEL_SCOPE"/>
            <module-option name="allowEmptyPasswords" value="true"/>
            <module-option name="defaultRole" value="user"/>
          </login-module>
        </authentication>
    </security-domain>
  1. Changed security-domain reference in $BPMS_HOME/standalone/deployments/business-central.war/WEB-INF/jboss-web.xml and $BPMS_HOME/standalone/deployments/dashbuilder.war/WEB-INF/jboss-web.xml files:
<security-domain flushOnSessionInvalidation="true">LDAPAuth</security-domain>

  • This configuration enables users to log in to the web applications with a user from LDAP . If they try to clone the git repo using ssh, BPMS is not able to authenticate with the users even with the correct credentials. How to fix this issue?

  • After switching user authentication of BPMS server's Business Central application toLDAP (Active Directory) the git ssh access from JBoss Developer Studio to the internal git repository in Business Central does not work anymore. The access to the Business Central via Web UI works without problems. Even user has configured to use LDAP for authentication and authorization using another LDAP-based security-realm in standalone.xml and switching to this realm in jboss-web.xml of business-central.war , but that too does not solve the problem. Is there something else to configure?

Environment

  • Red Hat JBoss BPM Suite (BPMS)
    • 6.0.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content