glassfish
  1. glassfish
  2. GLASSFISH-20125

configure-ldap-for-admin command does not work

    Details

    • Type: Bug Bug
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 4.0
    • Fix Version/s: 4.0_b83
    • Component/s: admin
    • Labels:
      None

      Description

      The configure-ldap-for-admin command reports success but further attempts to log-in as an administrator do not work.

        Activity

        Tim Quinn created issue -
        Hide
        Tim Quinn added a comment -

        The new security configuration (the security-services section in domain.xml) is involved in authentication and authorization decisions, as well as the older config for the admin file realm.

        The configure-ldap-for-admin command alters the older configuration according to the user's command-line arguments but was never changed to update the newer configuration.

        Show
        Tim Quinn added a comment - The new security configuration (the security-services section in domain.xml) is involved in authentication and authorization decisions, as well as the older config for the admin file realm. The configure-ldap-for-admin command alters the older configuration according to the user's command-line arguments but was never changed to update the newer configuration.
        Hide
        Tim Quinn added a comment -

        Fix checked in:

        Project: glassfish
        Repository: svn
        Revision: 61080
        Author: tjquinn
        Date: 2013-04-02 00:06:17 UTC
        Link:

        Log Message:
        ------------
        Fix for GLASSFISH-20125 - configure-ldap-for-admin command does not work

        The configure-ldap-for-admin command was never updated to reflect the new security configuration added to domain.xml. As a result the LDAP login module was never used during authentication, even after the command was run.

        These changes to the command make the additional alterations in the new security configuration so that the LDAP login module is used correctly.

        Note that some classes were moved from the security/core module to security/services so that the command logic (formerly in security/core) could work with the newer config classes (in security/services).

        Tests: QL, manual tests with Ramesh's LDAP server (thanks, Ramesh)

        Revisions:
        ----------
        61080

        Modified Paths:
        ---------------
        trunk/main/nucleus/security/core/src/main/java/com/sun/enterprise/security/cli/LocalStrings.properties
        trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/provider/authorization/SimpleAuthorizationProviderImpl.java

        Added Paths:
        ------------
        trunk/main/nucleus/security/services/src/main/resources
        trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security
        trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/commands/LDAPAdminAccessConfigurator.java
        trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/impl/LDAPLoginModule.java
        trunk/main/nucleus/security/services/src/main/resources/org
        trunk/main/nucleus/security/services/src/main/resources/org/glassfish
        trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security/services/commands/LocalStrings.properties
        trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security/services/commands
        trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security/services

        Show
        Tim Quinn added a comment - Fix checked in: Project: glassfish Repository: svn Revision: 61080 Author: tjquinn Date: 2013-04-02 00:06:17 UTC Link: Log Message: ------------ Fix for GLASSFISH-20125 - configure-ldap-for-admin command does not work The configure-ldap-for-admin command was never updated to reflect the new security configuration added to domain.xml. As a result the LDAP login module was never used during authentication, even after the command was run. These changes to the command make the additional alterations in the new security configuration so that the LDAP login module is used correctly. Note that some classes were moved from the security/core module to security/services so that the command logic (formerly in security/core) could work with the newer config classes (in security/services). Tests: QL, manual tests with Ramesh's LDAP server (thanks, Ramesh) Revisions: ---------- 61080 Modified Paths: --------------- trunk/main/nucleus/security/core/src/main/java/com/sun/enterprise/security/cli/LocalStrings.properties trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/provider/authorization/SimpleAuthorizationProviderImpl.java Added Paths: ------------ trunk/main/nucleus/security/services/src/main/resources trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/commands/LDAPAdminAccessConfigurator.java trunk/main/nucleus/security/services/src/main/java/org/glassfish/security/services/impl/LDAPLoginModule.java trunk/main/nucleus/security/services/src/main/resources/org trunk/main/nucleus/security/services/src/main/resources/org/glassfish trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security/services/commands/LocalStrings.properties trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security/services/commands trunk/main/nucleus/security/services/src/main/resources/org/glassfish/security/services
        Tim Quinn made changes -
        Field Original Value New Value
        Status Open [ 1 ] Resolved [ 5 ]
        Fix Version/s 4.0_b83 [ 16112 ]
        Resolution Fixed [ 1 ]

          People

          • Assignee:
            Tim Quinn
            Reporter:
            Tim Quinn
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: