The default behavior of BindLdapAuthenticationHandler is to search
sub-trees.
This means your config should look something like this:
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
<property name="filter" value="sAMAccountName=%u" />
<property name="searchBase" value="dc=city,dc=intra,dc=edu,dc=mx" />
<property name="contextSource" ref="contextSource" />
<property name="ignorePartialResultException" value="yes" /> <!-- fix
because of how AD returns results -->
</bean>
This will search the dc=city,dc=intra,dc=edu,dc=mx container and all
sub-trees for the supplied SAMAccountName.
CAS will use the result to perform a bind against AD.
e.g. cn=user,ou=Depto.2,dc=city,dc=intra,dc=edu,dc=mx
Also don't include brakets around any LDAP search or username parameters.
Those brakets are included in the documentation to highlight values that
need substituting for relevant LDAP parameters.
David
On Sat, Sep 4, 2010 at 5:00 AM, Victor Careaga <bichosoft4...@gmail.com>wrote:
> HI me again, this time i am running my server but i cannot connect with AD
>
> this is my problem:
>
> my type of user is
>
> CN=Name lastname,OU=Depto.1,OU=Depto2,OU=Detpo 3,OU=Depto
> 4,DC=city,DC=intra,DC=edu,DC=mx
>
> and this are my beans on deployerConfigContext
>
> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> <property name="filter" value="sAMAccountName=%u" />
> <property name="searchBase"
> value="{cn=?,ou=?,ou=?,ou=?,ou=?,dc=city,dc=intra,dc=edu,dc=mx}" />
> <property name="contextSource" ref="contextSource" />
> <property name="ignorePartialResultException" value="yes" /> <!-- fix
> because of how AD returns results -->
> </bean>
>
> <bean id="contextSource"
> class="org.springframework.ldap.core.support.LdapContextSource">
> <property name="urls">
> <list>
> <value>ldap://XXXX/</value>
> </list>
> </property>
> <property name="userDn"
> value="{cn=my_name,ou=Depto1,ou=Depto2,ou=Depto3,ou=Depto4,dc=city,dc=intra,dc=edu,dc=mx}"/>
> <property name="password" value="{my password}"/>
> <property name="baseEnvironmentProperties">
> <map>
> <entry>
> <key>
> <value>java.naming.security.authentication</value>
> </key>
> <value>simple</value>
> </entry>
> </map>
> </property>
> </bean>
>
> But my users are from diferents departments and names on ou changes, and i
> dont know how specified this on deployconfigcontext file, i am use my own
> information log me in but the server dont star and this error happen:
>
> parsing XML document from ServletContext resource
> [/WEB-INF/deployerConfigContext.xml]; nested exception is
> com.sun.org.apache.xerces.internal.impl.io.MalformedByteSequenceException:
> Invalid byte 2 of 3-byte UTF-8 sequence.
>
> shure my deptos contain bad characters but i dont know how resolve this
> situation, well really thanks for the help
> Grettings
> bicho
>
> 2010/9/2 Victor Careaga <bichosoft4...@gmail.com>
>
> Hi david skip=true is work!! thx
>>
>> well look this i download the CAS-server:
>> http://www.ja-sig.org/downloads/cas/cas-server-3.4.2-release.tar.gz
>>
>> but later??? what project i need package to use ldap???
>> i need make changes on cas-server-webapp directory or
>> cas-server-support-ldap???
>>
>> well thx for the help
>>
>> grettings, bicho
>>
>>
>> 2010/9/1 David Harrison <david.harri...@stress-free.co.nz>
>>
>>> Run the command:
>>>
>>> mvn -Dmaven.test.skip=true package install
>>>
>>> This will skip the unit tests.
>>> As you haven't changed any source code not undertaking these tests won't
>>> be an issue.
>>>
>>>
>>>
>>> On Thu, Sep 2, 2010 at 11:38 AM, Victor Careaga <bichosoft4...@gmail.com
>>> > wrote:
>>>
>>>> Error : class not found,
>>>>
>>>> I change to ubuntu and mvn work but stay on
>>>>
>>>> ------------
>>>> TEST
>>>> -----------
>>>>
>>>> running org,jas,,....
>>>>
>>>> and never end,
>>>>
>>>>
>>>> 2010/9/1 David Harrison <david.harri...@stress-free.co.nz>
>>>>
>>>>> No, when you enter the CAS working directory and execute "mvn package
>>>>> install" what is the output?
>>>>>
>>>>> It should begin with:
>>>>>
>>>>> [INFO] Scanning for projects...
>>>>>
>>>>>
>>>>> David
>>>>>
>>>>>
>>>>> On Thu, Sep 2, 2010 at 10:21 AM, Victor Careaga <
>>>>> bichosoft4...@gmail.com> wrote:
>>>>>
>>>>>> JAVA_HOME = C:\Archivos de programa\Java\jdk1.6.0_20
>>>>>> M2_HOME=C:\apache-maven-2.2.1\
>>>>>> M2=C:\apache-maven-2.2.1\bin
>>>>>> path=C:\Archivos de
>>>>>> programa\ImageMagick-6.6.2-Q16;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Archivos
>>>>>> de programa\MySQL\MySQL Server 5.1\bin;C:\Archivos de
>>>>>> programa\Java\jdk1.6.0_20\bin;C:\Archivos de
>>>>>> programa\SWFTools;C:\apache-maven-2.2.1\bin
>>>>>>
>>>>>> and well mvn --version work!!
>>>>>>
>>>>>> i keep trying but in a linux-ubuntu server maybe something wrong with
>>>>>> XP
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2010/9/1 David Harrison <david.harri...@stress-free.co.nz>
>>>>>>
>>>>>>> On Thu, Sep 2, 2010 at 9:33 AM, Victor Careaga <
>>>>>>> bichosoft4...@gmail.com> wrote:
>>>>>>>
>>>>>>>> Thx david my deployconfigcontext here http://pastebin.com/bTxZLyxfthe
>>>>>>>> error on line 85 is a --> string into a comment
>>>>>>>>
>>>>>>>>
>>>>>>> Yes, delete lines 84 through 88.
>>>>>>> e.g. You want this:
>>>>>>>
>>>>>>> <list>
>>>>>>> <!--
>>>>>>> | This is the authentication handler that authenticates services
>>>>>>> by means of callback via SSL, thereby validating
>>>>>>> | a server side SSL certificate.
>>>>>>> +-->
>>>>>>> <bean
>>>>>>> class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
>>>>>>>
>>>>>>>
>>>>>>> On the Maven front make sure you have setup your PATH correctly:
>>>>>>>
>>>>>>> http://www.sonatype.com/books/mvnref-book/reference/installation-sect-windows.html
>>>>>>>
>>>>>>> And if it isn't path related post your Maven output.
>>>>>>>
>>>>>>>
>>>>>>> David
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> another issue, install maven2 and a error is throws when mvn package
>>>>>>>> execute
>>>>>>>>
>>>>>>>> MVN installation:
>>>>>>>> C:\Documents and Settings\v>mvn --version
>>>>>>>> Apache Maven 2.2.1 (r801777; 2009-08-06 14:16:01-0500)
>>>>>>>> Java version: 1.6.0_20
>>>>>>>> Java home: C:\Archivos de programa\Java\jdk1.6.0_20\jre
>>>>>>>> Default locale: es_ES, platform encoding: Cp1252
>>>>>>>> OS name: "windows xp" version: "5.1" arch: "x86" Family: "windows"
>>>>>>>>
>>>>>>>> Grettings, bicho
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>>>>>> bichosoft4...@gmail.com
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> To unsubscribe, change settings or access archives, see
>>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Z
>>>>>>
>>>>>> (LI)
>>>>>>
>>>>>> ¿Suspiras al recordar aquellos días del Minix-1.1, cuando los hombres
>>>>>> eran hombres y escribían sus propios drivers?
>>>>>>
>>>>>> Errare humanum est
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> blog personal
>>>>>>
>>>>>> http://bicho-soft.blogspot.com/
>>>>>>
>>>>>> --
>>>>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>>>>> david.harri...@stress-free.co.nz
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> To unsubscribe, change settings or access archives, see
>>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>>>>
>>>>>>
>>>>> --
>>>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>>>> bichosoft4...@gmail.com
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> To unsubscribe, change settings or access archives, see
>>>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Z
>>>>
>>>> (LI)
>>>>
>>>> ¿Suspiras al recordar aquellos días del Minix-1.1, cuando los hombres
>>>> eran hombres y escribían sus propios drivers?
>>>>
>>>> Errare humanum est
>>>>
>>>>
>>>>
>>>>
>>>> blog personal
>>>>
>>>> http://bicho-soft.blogspot.com/
>>>>
>>>> --
>>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>>> david.harri...@stress-free.co.nz
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> To unsubscribe, change settings or access archives, see
>>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>>
>>>>
>>> --
>>> You are currently subscribed to cas-dev@lists.jasig.org as:
>>> bichosoft4...@gmail.com
>>>
>>>
>>>
>>> To unsubscribe, change settings or access archives, see
>>> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>>>
>>>
>>
>>
>> --
>> Z
>>
>> (LI)
>>
>> ¿Suspiras al recordar aquellos días del Minix-1.1, cuando los hombres eran
>> hombres y escribían sus propios drivers?
>>
>> Errare humanum est
>>
>>
>>
>>
>> blog personal
>>
>> http://bicho-soft.blogspot.com/
>>
>
>
>
> --
> Z
>
> (LI)
>
> ¿Suspiras al recordar aquellos días del Minix-1.1, cuando los hombres eran
> hombres y escribían sus propios drivers?
>
> Errare humanum est
>
>
>
>
> blog personal
>
> http://bicho-soft.blogspot.com/
>
> --
> You are currently subscribed to cas-dev@lists.jasig.org as:
> david.harri...@stress-free.co.nz
>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-dev
>
>
--
You are currently subscribed to cas-dev@lists.jasig.org as:
arch...@mail-archive.com
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-dev
