Just did that, and get this Caused by: org.springframework.beans.NotWritablePropertyException: Invalid property 'ignorePartialResultException' of bean class [org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource]: Bean property 'ignorePartialResultException' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter?
Ideas ? Johan ----- Original Message ----- From: Scott Battaglia To: [email protected] Sent: Tuesday, March 10, 2009 11:56 AM Subject: Re: [cas-user] Credentials from LDAP To Principal & It should go on this bean: AuthenticatedLdapContextSource -Scott On Tue, Mar 10, 2009 at 2:54 PM, Johan Reinalda <[email protected]> wrote: Just to add to Scott's comment, you need to set ignorePartialResults=true on the LdapContextSource that is being used by LdapPersonAttributeDao. Again a dumb question, where exactly does this go? I've tried at the 3 different possible locations that I can think off and added the following: <property name="ignorePartialResultException" value="yes" /> I also tried the form "ignorePartialResult" ... (6 variations all together) They all throw similar errors like such: Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver#fadb88' defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Error setting property values; nested exception is org.springframework.beans.NotWritablePropertyException: Invalid property 'ignorePartialResultException' of bean class [org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver]: Bean property 'ignorePartialResultException' is not writable or has an invalid setter method. Does the parameter type of the setter match the return type of the getter? Below are the relevant piece of my deploy file, with the ignore added to where I think it should be ??? Johan <property name="credentialsToPrincipalResolvers"> <list> <!-- add LDAP attributes, used for SAML to Google Apps to pass the 'mail' attribute instead of uid See more at http://www.ja-sig.org/wiki/display/CASUM/Attributes --> <bean class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver"> <!-- The Principal resolver form the credentials, ie get the username --> <property name="credentialsToPrincipalResolver"> <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" /> </property> <!-- The query made to find the Principal ID. "%u" will be replaced by the resolved Principal --> <property name="filter" value="(sAMAccountName=%u)" /> <!-- The attribute used to define the new Principal ID --> <property name="principalAttributeName" value="sAMAccountName" /> <property name="searchBase" value="dc=ad,dc=t-bird,dc=edu" /> <property name="contextSource" ref="contextSourceLdapAttributes" /> <!-- fix because of how AD returns results --> <property name="ignorePartialResultException" value="yes" /> <!-- use the attrib repository defined below --> <property name="attributeRepository"> <ref bean="attribRepository" /> </property> </bean> <!-- the original cred to principal resolvers --> <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" /> <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" /> </list> </property> <!-- context source for LDAP attribute resolution, used by CredentialsToPrincicalResolver --> <bean id="contextSourceLdapAttributes" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> <property name="urls"> <list> <value>ldap://dc1.ad.t-bird.edu/</value> <value>ldap://dc3.ad.t-bird.edu/</value> <value>ldap://dc4.ad.t-bird.edu/</value> </list> </property> <property name="userName" value="cn=xxxx,ou=xxxx,dc=ad,dc=t-bird,dc=edu" /> <property name="password" value="xxx" /> <property name="baseEnvironmentProperties"> <map> <entry> <key> <value>java.naming.security.authentication</value> </key> <value>simple</value> </entry> <!-- Set the LDAP connect and read timeout(in ms) for the java ldap class See http://java.sun.com/products/jndi/tutorial/ldap/connect/create.html --> <entry> <key> <value>com.sun.jndi.ldap.connect.timeout</value> </key> <value>2000</value> </entry> <entry> <key> <value>com.sun.jndi.ldap.read.timeout</value> </key> <value>2000</value> </entry> <!-- <entry> <key> <value>java.naming.ldap.derefAliases</value> </key> <value>never</value> </entry> --> </map> </property> </bean> <!-- the attribute repository bean for mapping LDAP attributes to Principal attributes --> <bean id="attribRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> <property name="baseDN" value="dc=ad,dc=t-bird,dc=edu" /> <!-- This query is used to find the entry for populating attributes. {0} will be replaced by the new Principal ID extracted from the ldap --> <property name="query" value="(sAMAccountName={0})" /> <property name="contextSource" ref="contextSourceLdapAttributes" /> <property name="ldapAttributesToPortalAttributes"> <map> <!-- Mapping beetween LDAP entry's attributes (key) and Principal"s (value) --> <entry key="cn" value="Name"/> <entry key="givenName" value="FirstName" /> <entry key="sn" value="LastName" /> <entry key="mail" value="EmailAddress" /> </map> </property> </bean> ----- Original Message ----- From: "Marvin Addison" <[email protected]> To: <[email protected]> Sent: Tuesday, March 10, 2009 9:36 AM Subject: Re: [cas-user] Credentials from LDAP To Principal & Just to add to Scott's comment, you need to set ignorePartialResults=true on the LdapContextSource that is being used by LdapPersonAttributeDao. Additionally, you are correct that CredentialsToLDAPAttributePrincipalResolver has completed successfully. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
