Configurar conexão com Active Direct(AD) LDAP no Jboss 7 [RESOLVIDO]

Front-end
#1

Feras,

estou configurando o Jboss para que quando eu iniciar minha aplicação possa se conectar no AD através de LDAP,

mas esta dando o erro conforme abaixo, segue tb minha configuração no Jboss 7

12:39:54,063 ERROR [org.jboss.security.authentication.JBossCachedAuthenticationManager] Login failure: javax.security.auth.login.FailedLoginException: Password Incorrect/Password Required
	at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:270) [picketbox-4.0.7.Final.jar:4.0.7.Final]
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.7.0_25]
	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_25]
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) [rt.jar:1.7.0_25]
	at java.lang.reflect.Method.invoke(Unknown Source) [rt.jar:1.7.0_25]
	at javax.security.auth.login.LoginContext.invoke(Unknown Source) [rt.jar:1.7.0_25]
	at javax.security.auth.login.LoginContext.access$000(Unknown Source) [rt.jar:1.7.0_25]
	at javax.security.auth.login.LoginContext$4.run(Unknown Source) [rt.jar:1.7.0_25]
	at javax.security.auth.login.LoginContext$4.run(Unknown Source) [rt.jar:1.7.0_25]
	at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.7.0_25]
	at javax.security.auth.login.LoginContext.invokePriv(Unknown Source) [rt.jar:1.7.0_25]
	at javax.security.auth.login.LoginContext.login(Unknown Source) [rt.jar:1.7.0_25]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.defaultLogin(JBossCachedAuthenticationManager.java:449) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.proceedWithJaasLogin(JBossCachedAuthenticationManager.java:383) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.authenticate(JBossCachedAuthenticationManager.java:371) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.authentication.JBossCachedAuthenticationManager.isValid(JBossCachedAuthenticationManager.java:160) [picketbox-infinispan-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.as.web.security.JBossWebRealm.authenticate(JBossWebRealm.java:214) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
	at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:180) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:455) [jbossweb-7.0.13.Final.jar:]
	at org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityContextAssociationValve.java:153) [jboss-as-web-7.1.1.Final.jar:7.1.1.Final]
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:155) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [jbossweb-7.0.13.Final.jar:]
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) [jbossweb-7.0.13.Final.jar:]
	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [jbossweb-7.0.13.Final.jar:]
	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:671) [jbossweb-7.0.13.Final.jar:]
	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) [jbossweb-7.0.13.Final.jar:]
	at java.lang.Thread.run(Unknown Source) [rt.jar:1.7.0_25]
Caused by: java.lang.NullPointerException
	at javax.naming.NameImpl.<init>(Unknown Source) [rt.jar:1.7.0_25]
	at javax.naming.CompositeName.<init>(Unknown Source) [rt.jar:1.7.0_25]
	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source) [rt.jar:1.7.0_25]
	at javax.naming.directory.InitialDirContext.search(Unknown Source) [rt.jar:1.7.0_25]
	at org.jboss.security.auth.spi.LdapExtLoginModule.bindDNAuthentication(LdapExtLoginModule.java:478) [picketbox-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:438) [picketbox-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:312) [picketbox-4.0.7.Final.jar:4.0.7.Final]
	at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:267) [picketbox-4.0.7.Final.jar:4.0.7.Final]
	... 27 more

<security-domain name="my_ldap_security_domain">
	<authentication>
		<login-module code="LdapExtended" flag="required">
			<module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
			<module-option name="java.naming.security.authentication" value="Simple"/>
			<module-option name="bindDN" value="USUARIO_AD"/>
			<module-option name="bindCredential" value="SENHA_AD"/>
			<module-option name="java.naming.provider.url" value="LDAP://IP_AD:389"/>
			<module-option name="throwValidateError" value="true"/>
		</login-module>
	</authentication>
</security-domain>
#2

A própria exception esta dizendo o erro, senha errada.

#3

pbnf, a mensagem esta clara porém a senha não esta errada pois utilizo a mesma para fazer outras coisa no AD, (Que e o mesmo que estou configurando na aplicação)

mas nessa configuração que estou fazendo no Jboss estou com esse erro, não sei se tem algo na configuração de errado para eu receber esta mensagem

#4

Feras,

descobri o erro segue a solução para futuras duvidas,

além da configuração do Jboss 7 e preciso fazer as configurações na aplicação e inclusive no WEB.xml como está abaixo

o erro era porque eu tinha colocado o trecho abaixo

		<auth-constraint>
			<role-name>Manager</role-name>
		</auth-constraint>

Sem essa configuração funcionou perfeitamente, segue abaixo o antes e o depois

Antes

	<security-constraint>
		<web-resource-collection>
			<web-resource-name>HtmlAuth</web-resource-name>
			<description>application security constraints
	    </description>
			<url-pattern>/*</url-pattern>
			<http-method>GET</http-method>
			<http-method>POST</http-method>
		</web-resource-collection>

		<auth-constraint>
			<role-name>Manager</role-name>
		</auth-constraint>

	</security-constraint>
		<login-config>
			<auth-method>BASIC</auth-method>
			<realm-name>Test LDAP</realm-name>
		</login-config>
		<security-role>
			<role-name>Manager</role-name>
		</security-role>

Depois

	<security-constraint>
		<web-resource-collection>
			<web-resource-name>HtmlAuth</web-resource-name>
			<description>application security constraints
	    </description>
			<url-pattern>/*</url-pattern>
			<http-method>GET</http-method>
			<http-method>POST</http-method>
		</web-resource-collection>
	</security-constraint>
		<login-config>
			<auth-method>BASIC</auth-method>
			<realm-name>Test LDAP</realm-name>
		</login-config>
		<security-role>
			<role-name>Manager</role-name>
		</security-role>
#5