Authentication failure when accessing git repo over ssh with BPMS and LDAP
Issue
- Users trying to set up
BPMS 6to useLDAPfor authentication and authorization faces a strange issue during authentication inspite of following the below mentioned steps.
$BPMS_HOME/standalone/configuration/standalone.xml:
<security-domain name="LDAPAuth" cache-type="default">
<authentication>
<login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required">
<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
<module-option name="java.naming.provider.url" value="ldap://localhost:1389"/>
<module-option name="java.naming.security.authentication" value="simple"/>
<module-option name="bindDN" value="cn=Directory Manager"/>
<module-option name="bindCredential" value="password"/>
<module-option name="baseCtxDN" value="ou=People,DC=example,DC=com"/>
<module-option name="baseFilter" value="(CN={0})"/>
<module-option name="rolesCtxDN" value="OU=Roles,DC=example,DC=com"/>
<module-option name="roleFilter" value="(member={1})"/>
<module-option name="roleAttributeID" value="CN"/>
<module-option name="throwValidateError" value="true"/>
<module-option name="searchScope" value="ONELEVEL_SCOPE"/>
<module-option name="allowEmptyPasswords" value="true"/>
<module-option name="defaultRole" value="user"/>
</login-module>
</authentication>
</security-domain>
- Changed security-domain reference in
$BPMS_HOME/standalone/deployments/business-central.war/WEB-INF/jboss-web.xmland$BPMS_HOME/standalone/deployments/dashbuilder.war/WEB-INF/jboss-web.xmlfiles:
<security-domain flushOnSessionInvalidation="true">LDAPAuth</security-domain>
-
This configuration enables users to log in to the web applications with a user from
LDAP. If they try to clone the git repo usingssh,BPMSis not able to authenticate with the users even with the correct credentials. How to fix this issue? -
After switching user authentication of
BPMSserver'sBusiness Centralapplication toLDAP (Active Directory)thegit sshaccess fromJBoss Developer Studioto the internalgit repositoryinBusiness Centraldoes not work anymore. The access to theBusiness Centralvia Web UI works without problems. Even user has configured to useLDAPfor authentication and authorization using anotherLDAP-basedsecurity-realminstandalone.xmland switching to this realm injboss-web.xmlofbusiness-central.war, but that too does not solve the problem. Is there something else to configure?
Environment
- Red Hat JBoss BPM Suite (BPMS)
- 6.0.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
