Error When Using EXT to Fetch a Password for an LDAP Bind Credential from an External File on Windows
Issue
- Documentation for the Ldap and LdapExt login modules states that it is possible to obtain an LDAP bind credential by executing an OS-level command using {EXT}. For example, to retrieve a credential from an external file:
<module-option name="bindCredential" value="{EXT}cat /file/with/password.txt"/>
But what is the Windows equivalent for this syntax?
- Using the Windows command 'type' (equivalent to 'cat'), i.e.
<module-option name="bindCredential" value="{EXT}type c:\\file\\with\\password.txt"/>
yields the following error:
10:44:57,445 DEBUG [org.jboss.security] (http-0.0.0.0:8080-1) PBOX000379: Password validation failed: java.io.IOException: Cannot run program "type": CreateProcess error=2, The system cannot find the file specified
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048) [rt.jar:1.8.0_181]
at java.lang.Runtime.exec(Runtime.java:620) [rt.jar:1.8.0_181]
at java.lang.Runtime.exec(Runtime.java:450) [rt.jar:1.8.0_181]
at java.lang.Runtime.exec(Runtime.java:347) [rt.jar:1.8.0_181]
at org.jboss.security.Util$RuntimeActions$2.execCmd(Util.java:312) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.Util.execCmd(Util.java:251) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.Util.execPasswordCmd(Util.java:163) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.Util.switchCommandExecution(Util.java:146) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.Util.loadPassword(Util.java:128) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:390) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:343) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:283) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
...
Environment
- Red Hat JBoss Enterprise Application Platform (EAP)
- 6.x
- 7.x
- Microsoft Windows
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.