Unable to authenticate the EJB client using Active Directory user
Issue
- We are unable to log on to an EJB application using an Active Directory account. The user specified in bindDN is a valid user and we can log on to the Active Directory using the password specified. The error seen in the logs is :
2015-10-27 15:04:40,133 TRACE [org.jboss.security.plugins.auth.JaasSecurityManagerBase.DatasweepAdvantage] (WorkerThread#0[10.153.173.62:58589]) End isValid, false^M
2015-10-27 15:04:40,136 TRACE [org.jboss.security.audit.providers.LogAuditProvider] (WorkerThread#0[10.153.173.62:58589]) [Error]Source=org.jboss.security.javaee.EJBAuthenticationHelper;principal=XYZ;method=create;^M
javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required^M
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:252)^M
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)^M
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)^M
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)^M
at java.lang.reflect.Method.invoke(Unknown Source)^M
at javax.security.auth.login.LoginContext.invoke(Unknown Source)^M
at javax.security.auth.login.LoginContext.access$000(Unknown Source)^M
at javax.security.auth.login.LoginContext$4.run(Unknown Source)^M
at java.security.AccessController.doPrivileged(Native Method)^M
at javax.security.auth.login.LoginContext.invokePriv(Unknown Source)^M
at javax.security.auth.login.LoginContext.login(Unknown Source)^M
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.defaultLogin(JaasSecurityManagerBase.java:553)^M
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.authenticate(JaasSecurityManagerBase.java:487)^M
at org.jboss.security.plugins.auth.JaasSecurityManagerBase.isValid(JaasSecurityManagerBase.java:365)^M
at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:160)^M
at org.jboss.security.javaee.EJBAuthenticationHelper.isValid(EJBAuthenticationHelper.java:87)^M
at org.jboss.ejb.plugins.SecurityActions$13.run(SecurityActions.java:543)^M
at org.jboss.ejb.plugins.SecurityActions$13.run(SecurityActions.java:540)^M
at java.security.AccessController.doPrivileged(Native Method)^M
at org.jboss.ejb.plugins.SecurityActions.isValid(SecurityActions.java:539)^M
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:314)^M
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243)^M
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205)^M
.
.
.
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1^@]^M
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)^M
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)^M
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)^M
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)^M
.
.
.
2015-10-27 15:04:40,142 ERROR [org.jboss.ejb.plugins.SecurityInterceptor] (WorkerThread#0[10.153.173.62:58589]) Error in Security Interceptor^M
java.lang.SecurityException: Authentication exception, principal=XYZ
at org.jboss.ejb.plugins.SecurityInterceptor.checkSecurityContext(SecurityInterceptor.java:321)^M
at org.jboss.ejb.plugins.SecurityInterceptor.process(SecurityInterceptor.java:243)^M
at org.jboss.ejb.plugins.SecurityInterceptor.invokeHome(SecurityInterceptor.java:205)^M
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.process(PreSecurityInterceptor.java:136)^M
at org.jboss.ejb.plugins.security.PreSecurityInterceptor.invokeHome(PreSecurityInterceptor.java:88)^M
at org.jboss.ejb.plugins.LogInterceptor.invokeHome(LogInterceptor.java:132)^M
at org.jboss.ejb.plugins.CleanShutdownInterceptor.invokeHome(CleanShutdownInterceptor.java:216)^M
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 5.0.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
