RE: [cas-dev] ldaptive integration

Fri, 28 Jun 2013 12:45:33 -0700 

Added these snippets and now I can see the bind to AD and the resolution of the 
userid.



    <bean id="bindConnectionInitializer" 
class="org.ldaptive.BindConnectionInitializer"
          p:bindDn="${ldap.bindDn}"
          p:bindCredential="${ldap.bindPassword}" />

                <bean id="ldapConnectionConfig" 
class="org.ldaptive.ConnectionConfig"
                                  
p:connectionInitializer-ref="bindConnectionInitializer"
                                  p:ldapUrl="${ldapPurl}"
                                  p:connectTimeout="${ldap.connectTimeout}"
                                  p:useStartTLS="${ldap.useStartTLS}" />

I can see that it finds the user and successfully binds as the user but I get 
"invalid credentials" on the login screen.

In the cas.log

2013-06-28 14:40:45,418 INFO 
[org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - 
LdapAuthenticationHandler failed authenticating jmdanner+password

I noted in the documentation that Marvin provided that there was a reference to 
an authControls bean. I can't find any documentation about how to configure 
that bean.

Mearl Danner
Systems Programmer
Samford University Technology Services
http://www.samford.edu

From: Daniel Fisher [mailto:[email protected]]
Sent: Friday, June 28, 2013 9:44 AM
To: [email protected]
Subject: Re: [cas-dev] ldaptive integration

On Fri, Jun 28, 2013 at 10:11 AM, Marvin S. Addison 
<[email protected]<mailto:[email protected]>> wrote:
I have CAS 4.0 from git and am attempting to use the ldap integration to
authenticate against Active Directory. We do not allow anonymous bind
and need to bind before resolving the user dn. I can't figure out how to
wire it together to get it to bind before doing the search.

Working on CAS 4.0 documentation now:

http://jasig.github.io/cas/installation/Configuring-Authentication-Components.html#ldap

In particular, you need to add a BindConnectionInitializer to the 
ConnectionConfig bean.
I made some suggestions to Marvin for improving the documentation, stay tuned 
for updates.

--Daniel Fisher


--
You are currently subscribed to 
[email protected]<mailto:[email protected]> as: 
[email protected]<mailto:[email protected]>
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-dev

Reply via email to