Authenticate using JAAS and LDAP
Hi,
I am trying to authenticate a user using JAAS against LDAP. I am able to reach the LDAP server, but it fails when it comes to authentication.
Yes, I have made sure the user and password are right.
Here is my code and the error message. I would really appreciate it if someone could tell me what I am doing wrong here.
***********************************
My 'jaas.config' file :
// JAAS login configuration entry; the name "JNDILogin" is what the application
// passes to new LoginContext(...).
JNDILogin {
com.sun.security.auth.module.JndiLoginModule Required
// debug output is for troubleshooting only.
debug=true
useFirstPass=false
// NOTE(review): with strongDebug enabled the module echoes the entered password
// in clear text (see "[JndiLoginModule] user entered password: ..." in the output
// below). Turn it off outside a throwaway test setup and keep that output out of
// shared logs.
strongDebug=true
// tryFirstPass first tries credentials from the shared state and falls back to
// prompting, which is why a first failure followed by a prompt is expected.
tryFirstPass=true
// NOTE(review): storePass keeps the entered username/password in the module's
// shared state for later login modules; enable only if a stacked module needs it.
storePass=true
// NOTE(review): ldap:// on port 389 is not TLS-protected by itself, so the lookup
// and the credentials involved may cross the network in clear text. Confirm
// whether the directory offers LDAPS or StartTLS.
user.provider.url="Ldap://xxx.xxx.xxx.xxx:389/CN=someSecurityService,OU=XX,OU=XXXXX,OU=XXXXXX,OU=XXXXX,OU=XXXXXX,DC=XXX,DC=XXXXX,DC=XXX"
group.provider.url="Ldap://xxx.xxx.xxx.xxx:389/CN=someSecurityService,OU=XX,OU=XXXXX,OU=XXXXXX,OU=XXXXX,OU=XXXXXX,DC=XXX,DC=XXXXX,DC=XXX";
};
*********************************************
My implementation class 'ClientSideSecurityImp.java' :
import javax.security.auth.Subject;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import org.apache.log4j.*;
import com.sun.security.auth.callback.TextCallbackHandler;
import com.sun.security.auth.module.JndiLoginModule;
/**
* Filename is ClientSideSecurity.java
*
*/
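/**
 * Client-side wrapper around a JAAS {@link LoginContext} that authenticates
 * through the "JNDILogin" entry of the JAAS configuration file.
 *
 * <p>Authentication fails closed: {@link #userAuthenticate()} returns
 * {@code true} only when {@code LoginContext.login()} completed without a
 * {@link LoginException} and produced a {@link Subject}.
 */
public class ClientSideSecurityImp
{
    private static final Logger log = Logger
            .getLogger(ClientSideSecurityImp.class);

    private Subject activeSubject = null;
    private String userName = null;
    private String appName = null;
    private String viaMech = null;
    // Holds only a context whose login() succeeded; null means "not logged in".
    private LoginContext lc = null;

    /**
     * @param appNameVal application name kept on this instance
     */
    public ClientSideSecurityImp(String appNameVal)
    {
        this.appName = appNameVal;
    }

    /**
     * Authenticates the user via the "JNDILogin" JAAS configuration entry,
     * prompting for credentials through a {@link TextCallbackHandler}.
     *
     * <p>If a previous call already logged in successfully, no new login is
     * attempted and the existing subject is reused.
     *
     * @return {@code true} only if the login succeeded and a subject is
     *         available; {@code false} on any login failure
     */
    public boolean userAuthenticate() throws SecurityException
    {
        if (lc == null)
        {
            CallbackHandler handler = new TextCallbackHandler();
            try
            {
                LoginContext candidate = new LoginContext("JNDILogin", handler);
                candidate.login();
                // Keep the context only after login() returned normally, so a
                // failed attempt can be retried on the next call.
                lc = candidate;
            }
            catch (LoginException e)
            {
                // A failed login must never fall through to "authenticated".
                log.warn("JAAS login failed for configuration entry 'JNDILogin'", e);
                activeSubject = null;
                return false;
            }
        }

        Subject subject = lc.getSubject();
        if (subject == null)
        {
            // No subject means no authenticated identity; treat as failure
            // instead of dereferencing null.
            lc = null;
            activeSubject = null;
            return false;
        }

        activeSubject = subject;
        // Log principals only: Subject.toString() may include private
        // credentials, which do not belong in a debug log.
        log.debug("Authenticated principals: " + subject.getPrincipals());
        return true;
    }

    /**
     * Logs out of the JAAS context, if one is active, and clears the cached
     * user state.
     *
     * @return {@code true} if there was nothing to log out of or the JAAS
     *         logout succeeded; {@code false} if the JAAS logout failed
     */
    public boolean logout()
    {
        boolean success = true;
        if (lc != null)
        {
            try
            {
                // Lets the login modules remove the principals and
                // credentials they attached to the subject.
                lc.logout();
            }
            catch (LoginException e)
            {
                log.warn("JAAS logout failed", e);
                success = false;
            }
            finally
            {
                lc = null;
            }
        }
        this.userName = "";
        this.activeSubject = null;
        return success;
    }
}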
*********************************************
My test class with main 'ClientSideSecurityImpTest.java' :
import org.apache.log4j.Logger;
import org.apache.log4j.PropertyConfigurator;
import com.jaas.ClientSideSecurityImp;
import junit.framework.TestCase;
/**
*
* TODO To change the template for this generated type comment go to
* Window - Preferences - Java - Code Style - Code Templates
*/
/**
 * Manual driver for {@link ClientSideSecurityImp}: configures log4j, runs one
 * interactive authentication attempt and logs the outcome. It extends
 * {@code TestCase} but defines no test methods; it is run through
 * {@link #main(String[])}.
 */
public class ClientSideSecurityImpTest extends TestCase
{
    private static ClientSideSecurityImp cssi = new ClientSideSecurityImp("MyApp");
    private static final Logger log = Logger.getLogger(ClientSideSecurityImp.class);

    /**
     * Loads the log4j settings from "log4j.properties" in the working
     * directory, then attempts a login and logs the returned flag at debug level.
     *
     * @param args unused
     */
    public static void main(String[] args)
    {
        PropertyConfigurator.configure("log4j.properties");

        final boolean authenticated = cssi.userAuthenticate();
        final String outcome = "**##$$##**Authenticated :" + authenticated;
        log.debug(outcome);
    }
}
*********************************************
Error I get :
I get some error messages here that are expected, as I have 'tryFirstPass=true' in my 'jaas.config' file. Then it asks for the user and password again. After that, this is what I get:
Ldap username: user
Ldap password: password
[JndiLoginModule] user entered username: user
[JndiLoginModule] user entered password: password
[JndiLoginModule]: User not found
javax.naming.NoInitialContextException: Cannot instantiate class: =com.sun.jndi.ldap.LdapCtxFactory [Root exception is java.lang.ClassNotFoundException: =com/sun/jndi/ldap/LdapCtxFactory]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:652)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
at javax.naming.InitialContext.init(InitialContext.java:219)
at javax.naming.InitialContext.<init>(InitialContext.java:175)
at com.sun.security.auth.module.JndiLoginModule.attemptAuthentication(JndiLoginModule.java:496)
at com.sun.security.auth.module.JndiLoginModule.login(JndiLoginModule.java:310)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.jaas.ClientSideSecurityImp.userAuthenticate(ClientSideSecurityImp.java:58)
at com.test.ClientSideSecurityImpTest.main(ClientSideSecurityImpTest.java:29)
Caused by: java.lang.ClassNotFoundException: =com/sun/jndi/ldap/LdapCtxFactory
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:219)
at com.sun.naming.internal.VersionHelper12.loadClass(VersionHelper12.java:42)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:649)
... 17 more
[JndiLoginModule] regular authentication failed
[JndiLoginModule]: aborted authentication failed
javax.security.auth.login.FailedLoginException: User not found
at com.sun.security.auth.module.JndiLoginModule.attemptAuthentication(JndiLoginModule.java:624)
at com.sun.security.auth.module.JndiLoginModule.login(JndiLoginModule.java:310)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:675)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)
at javax.security.auth.login.LoginContext.login(LoginContext.java:534)
at com.jaas.ClientSideSecurityImp.userAuthenticate(ClientSideSecurityImp.java:58)
at com.test.ClientSideSecurityImpTest.main(ClientSideSecurityImpTest.java:29)
java.lang.NullPointerException
at com.jaas.ClientSideSecurityImp.userAuthenticate(ClientSideSecurityImp.java:65)
at com.jaas.ClientSideSecurityImpTest.main(ClientSideSecurityImpTest.java:29)
*****************************************************
Thanks in advance.

