CentEAP / eap-build

Build scripts for EAP 6 or 7

elytron kerberos ldap #194

Closed cher1705 closed 4 months ago

cher1705 commented 4 months ago

Hi all, maybe you can help me...

I got the following error:

```
2024-02-29 09:10:01,776+01:00 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("deploy") failed - address: ([("deployment" => "ear-24_02.0.0-20240222.010-SNAPSHOT.ear")]) - failure description: {
    "WFLYCTL0412: Required services that are not installed:" => ["jboss.security.security-domain.SPNEGO"],
    "WFLYCTL0180: Services with missing/unavailable dependencies" => [
        "jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eai-web-spnego.war\".component.ObjectTypeService.CREATE is missing [jboss.security.security-domain.SPNEGO]",
        "jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eai-web-spnego.war\".component.InboundDocumentServiceImpl.CREATE is missing [jboss.security.security-domain.SPNEGO]",
        "jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eps-web.war\".component.ImportExportManagerImpl.CREATE is missing [jboss.security.security-domain.SPNEGO]",
        "jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eai-web-spnego.war\".component.OutboundDocumentServiceImpl.CREATE is missing [jboss.security.security-domain.SPNEGO]",
        "jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eps-web.war\".component.RequestObserver.CREATE is missing [jboss.security.security-domain.SPNEGO]"
    ]
}
```

In jboss-web.xml of both components is:

```
SPNEGO
```

and in web.xml of both components is:

```
SPNEGO
<realm-name>SPNEGO</realm-name>
.....
</login-config>
```

My elytron config looks like:

```
/subsystem=elytron/dir-context=ldap-connection:add(url="{{ security.security_domains.security_domain.SPNEGO.ExtendedLoginModule.java.naming.provider.url }}", principal="${VAULT::secDomain::EpsLdapUser::1}", credential-reference={clear-text=${VAULT::secDomain::EpsLdapPassword::1}})
/subsystem=elytron/ldap-realm=lr-eps:add(dir-context=ldap-connection, direct-verification=true, identity-mapping={search-base-dn="o=kl", rdn-identifier="cn", attribute-mapping=[{filter-base-dn="ou={{ country }},ou=eps,ou=roles,o=kl", extract-rdn="cn", filter="(member={1})", from="groupMembership", to="Roles"}]})
/subsystem=elytron/kerberos-security-factory=SPNEGO:add(path=${jboss.server.config.dir}/keytabs/{{ eapKeytab }}, principal=HTTP/{{ security.security_domains.security_domain.host.Krb5LoginModule.principal }}@{{ system_property.krb5.realm }}, debug={{ system_property.krb5.debug }})
/subsystem=elytron/security-domain=SPNEGO:add(default-realm=lr-eps, realms=[{realm=lr-eps, role-decoder=groups-to-roles}], permission-mapper=default-permission-mapper)
/subsystem=elytron/http-authentication-factory=SPNEGO:add(security-domain=SPNEGO, http-server-mechanism-factory=global, mechanism-configurations=[{mechanism-name=SPNEGO, credential-security-factory=SPNEGO}])
/subsystem=undertow/application-security-domain=SPNEGO:add(http-authentication-factory=SPNEGO)
```

Do you see any errors? I have used the official documentation, but maybe I have some errors I can't see.
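
A triage check for this kind of failure, added here as an example and not part of the original issue or the eap-build project: it lists which components are waiting on a legacy `jboss.security.security-domain.<name>` service and which subsystems in the CLI script declare an `application-security-domain` of that name. It assumes, from general WildFly/EAP behaviour rather than anything stated in the thread, that EJB components only use an Elytron domain when the `ejb3` subsystem maps it as well; the function name `diagnose` and the abridged sample strings are constructed for illustration.

```python
import re

# Constructed sample input, abridged from the error and CLI script quoted in the post.
FAILURE = r'''
"WFLYCTL0412: Required services that are not installed:" => ["jboss.security.security-domain.SPNEGO"],
"WFLYCTL0180: Services with missing/unavailable dependencies" => [
"jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eai-web-spnego.war\".component.ObjectTypeService.CREATE is missing [jboss.security.security-domain.SPNEGO]",
"jboss.deployment.subunit.\"ear-24_02.0.0-20240222.010-SNAPSHOT.ear\".\"eps-web.war\".component.RequestObserver.CREATE is missing [jboss.security.security-domain.SPNEGO]" ]
'''
CLI = '''
/subsystem=elytron/security-domain=SPNEGO:add(default-realm=lr-eps, realms=[{realm=lr-eps, role-decoder=groups-to-roles}], permission-mapper=default-permission-mapper)
/subsystem=undertow/application-security-domain=SPNEGO:add(http-authentication-factory=SPNEGO)
'''

LEGACY = "jboss.security.security-domain."  # legacy service prefix seen in the error
# \"<name>.war\".component.<Component>.CREATE is missing [<legacy service>]
DEP = re.compile(r'\\"([^"\\]+\.war)\\"\.component\.(\w+)\.CREATE is missing \['
                 + re.escape(LEGACY) + r'([^\]]+)\]')
# /subsystem=<subsystem>/<resource-type>=<name>:add(
RES = re.compile(r'^/subsystem=(\w+)/([\w-]+)=([^:/\s]+):add\(', re.M)

def diagnose(failure, cli):
    """Per missing legacy domain: affected components and subsystems that map the name."""
    mapped = {}
    for subsystem, rtype, name in RES.findall(cli):
        if rtype == "application-security-domain":
            mapped.setdefault(name, set()).add(subsystem)
    report = {}
    for war, component, domain in DEP.findall(failure):
        entry = report.setdefault(domain, {"components": []})
        entry["components"].append(f"{war}:{component}")
        entry["mapped_in"] = mapped.get(domain, set())
        # Assumption: EJB components need an ejb3 mapping to reach the Elytron domain.
        entry["ejb3_mapped"] = "ejb3" in entry["mapped_in"]
    return report

if __name__ == "__main__":
    for domain, info in diagnose(FAILURE, CLI).items():
        print(domain, sorted(info["mapped_in"]), info["ejb3_mapped"], info["components"])
```

On the constructed sample the report shows `SPNEGO` mapped in `undertow` only, so under the stated assumption the `ejb3` subsystem is the place to check next.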