Error When Using EXT to Fetch a Password for an LDAP Bind Credential from an External File on Windows

Solution Verified - Updated -

Issue

  • Documentation for the Ldap and LdapExt login modules states that it is possible to obtain an LDAP bind credential by executing an OS-level command using {EXT}. For example, to retrieve a credential from an external file:
 <module-option name="bindCredential" value="{EXT}cat /file/with/password.txt"/>

But what is the Windows equivalent for this syntax?

  • Using the Windows command 'type' (equivalent to 'cat'), i.e.
 <module-option name="bindCredential" value="{EXT}type c:\\file\\with\\password.txt"/>

yields the following error:

10:44:57,445 DEBUG [org.jboss.security] (http-0.0.0.0:8080-1) PBOX000379: Password validation failed: java.io.IOException: Cannot run program "type": CreateProcess error=2, The system cannot find the file specified
    at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048) [rt.jar:1.8.0_181]
    at java.lang.Runtime.exec(Runtime.java:620) [rt.jar:1.8.0_181]
    at java.lang.Runtime.exec(Runtime.java:450) [rt.jar:1.8.0_181]
    at java.lang.Runtime.exec(Runtime.java:347) [rt.jar:1.8.0_181]
    at org.jboss.security.Util$RuntimeActions$2.execCmd(Util.java:312) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.Util.execCmd(Util.java:251) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.Util.execPasswordCmd(Util.java:163) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.Util.switchCommandExecution(Util.java:146) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.Util.loadPassword(Util.java:128) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:390) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:343) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:283) [picketbox-4.1.6.Final-redhat-1.jar:4.1.6.Final-redhat-1]
    ...

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6.x
    • 7.x
  • Microsoft Windows

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In