Bug 1170767

Summary: [GSS] (6.1.1 - patch) AdvancedLdapLoginModule should be able to retrieve password from Vault
Product: [JBoss] JBoss Enterprise Application Platform 6
Reporter: Derek Horton <dehort>
Component: Security
Assignee: Derek Horton <dehort>
Status: CLOSED DUPLICATE
QA Contact: Josef Cacek <jcacek>
Severity: unspecified
Priority: unspecified
Version: 6.1.1
CC: anmiller, bdawidow, darran.lofthouse, jawilson, jcacek, pskopek
Target Release: One-off release
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Clone Of: 1170764
Last Closed: 2014-12-16 21:42:31 UTC
Type: Support Patch
Bug Depends On: 1170762, 1170764

Description Derek Horton 2014-12-04 19:43:15 UTC
+++ This bug was initially created as a clone of Bug #1170764 +++

+++ This bug was initially created as a clone of Bug #1170762 +++

Description of problem:

The AdvancedLdapLoginModule is currently unable to retrieve the bindCredential from Vault.

Comment 1 Derek Horton 2014-12-11 19:20:57 UTC
Reproducer instructions:

- configure Vault
- configure the AdvancedLdap login module to use a "vaultified" bindCredential


    <security-domain name="jmx-console" cache-type="default">
      <authentication>
        <login-module code="AdvancedLdap" module="org.jboss.security.negotiation" flag="required">
          <module-option name="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory"/>
          <module-option name="java.naming.provider.url" value="ldap://192.168.1.8:389"/>
          <module-option name="java.naming.security.authentication" value="simple"/>

          <module-option name="bindDN" value="cn=Manager,dc=my-domain,dc=com"/>
          <module-option name="bindCredential" value="VAULT::LDAP::bindCredential::1"/>
          <!-- any further module options are not shown in the report -->
        </login-module>
      </authentication>
    </security-domain>
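
An added example, not part of the original bug report or of JBoss code: a Python check that walks security-domain configuration like the reproducer above and flags secret-bearing module options whose value is not a well-formed vault reference. The four-field `VAULT::block::attribute::key` pattern is inferred from the value in the reproducer; the `legacy` domain, its values and the option-name list are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Reference layout seen in the report: VAULT::<block>::<attribute>::<shared key>
VAULT_REF = re.compile(r"^VAULT::[^:]+::[^:]+::[^:]+$")
# Option names treated as secrets (assumed list; extend it for other modules)
SECRET_OPTION = re.compile(r"credential|password|secret", re.IGNORECASE)

# Constructed sample modelled on the reproducer; "legacy" and its values are invented
SAMPLE = """<security-domains>
  <security-domain name="jmx-console">
    <authentication>
      <login-module code="AdvancedLdap" flag="required">
        <module-option name="bindCredential" value="VAULT::LDAP::bindCredential::1"/>
      </login-module>
    </authentication>
  </security-domain>
  <security-domain name="legacy">
    <authentication>
      <login-module code="AdvancedLdap" flag="required">
        <module-option name="bindCredential" value="constructed-cleartext"/>
      </login-module>
      <login-module code="LdapExtended" flag="optional">
        <module-option name="bindCredential" value="VAULT::LDAP::bindCredential"/>
      </login-module>
    </authentication>
  </security-domain>
</security-domains>"""

def _named(parent, name):
    """Descendants with this local tag name, ignoring any XML namespace."""
    return [e for e in parent.iter() if e.tag.rsplit("}", 1)[-1] == name]

def audit_module_options(xml_text):
    """List (domain, module, option, finding) for secret options lacking a valid vault reference."""
    findings = []
    for domain in _named(ET.fromstring(xml_text), "security-domain"):
        for module in _named(domain, "login-module"):
            for opt in _named(module, "module-option"):
                name, value = opt.get("name", ""), opt.get("value", "")
                if not SECRET_OPTION.search(name) or VAULT_REF.match(value):
                    continue
                kind = "malformed-vault-ref" if value.startswith("VAULT::") else "cleartext"
                # Report the location only; never echo the secret itself
                findings.append((domain.get("name"), module.get("code"), name, kind))
    return findings

if __name__ == "__main__":
    print(audit_module_options(SAMPLE))
```

The findings name the domain, module and option but never the value, so the output is safe to paste into a ticket.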

Comment 2 Jimmy Wilson 2014-12-16 21:42:31 UTC

*** This bug has been marked as a duplicate of bug 1174871 ***

Comment 3 JBoss JIRA Server 2015-01-06 15:59:20 UTC
Darran Lofthouse <darran.lofthouse> updated the status of jira SECURITY-871 to Resolved