LDAP settings configured using JBoss ON CLI cannot be activated

Solution Unverified - Updated

Environment

  • Red Hat JBoss Operations Network (ON) 3.3.4, 3.3.5
  • Red Hat JBoss ON Command Line Interface (CLI) 3.3.4, 3.3.5
  • Attempt to change LDAP configuration using CLI - for instance:
$ var mySystemSettings = SystemManager.getSystemSettings();
$ mySystemSettings.put(SystemSetting.LDAP_BASED_JAAS_PROVIDER, "true");
false
$ SystemManager.setSystemSettings(mySystemSettings);

Issue

  • LDAP settings configured using JBoss ON CLI cannot be activated;
  • Attempt to change LDAP settings in the JBoss ON System Settings page using JBoss ON CLI does not work properly.
  • When trying to set LDAP settings in the JBoss ON UI System Settings page using JBoss ON CLI and method setSystemSettings new values are shown in the JBoss ON UI but attempt to log in using LDAP user fails with the message:

The username or password provided does not match our records. Please, fill in the fields again.

  • Method SystemManager.setSystemSettings(settings) does not propagate LDAP changes into the RHQ Server's JAAS login modules

Resolution

This is a bug, reported in the This content is not included.Red Hat Bugzilla 1306231 and it will be resolved in a future releases of JBoss ON.

Currently, there is no available CLI workaround. Once LDAP settings are changed using JBoss ON CLI, the only way to propagate new settings to the RHQ Server's JAAS login module is to navigate to JBoss ON UI -> System Settings page and press Save button or to restart JBoss ON Server.

Root Cause

Once setSystemSettings method is invoked, it is necessary to activate new settings and this should be done using method reconfigureSystem. Unfortunately, this method is not exposed in the This content is not included.SystemManagerRemote class.

SBR
Product(s)
Category
Tags

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.