hi,Thanks for your response. I switched from FastBind to BindLdapAuthenticationHandler. I am having trouble installing the ssl certificate from my ldap server. I get this exception when I do so -
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException is it possible to run CAS without SSL if I have to? is there a workaround for my current situation? thanks, ramya On Mon, Aug 10, 2009 at 6:00 PM, Marvin Addison <[email protected]>wrote: > > I have active directory running on Windows 2000 and I am trying to > connect to it using LDAP. I am using the FastBindLdapAuthenticationHandler. > It says a filter with uid=%u is required but there is no "uid" attribute in > my LDAP server. > > Having "uid" in the DN is not required, but there is a pretty strict > use case for the fast bind handler. If you can construct the DN of a > user from the credential used to authenticate, then you can use it; > otherwise you must use the BindLdapAuthenticationHandler which uses > the more common 2-step search and bind authentication process. > > > Its attempting to bind as uid=<logged in > user>,CN=Administrator,CN=Users,DC= > > I would expect it to be failing since you stated there is no "uid" > attribute in the directory. You probably can use fast bind with AD if > your environment is pretty standard. I believe the filter string > should look like the following: > > CN=%u,CN=Users,DC=example,DC=com > > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
