[cas-user] Configure CAS with Active Directory from the root DC

Wed, 23 Dec 2009 02:18:22 -0800 

Dear all,
I want to configure the CAS to authenticate by LDAP (Active Directory)
Below is the information of my LDAP

DC=mydomain,DC=mycompany,DC=com
  |__OU=Group1
           |__CN=Test1
  |__OU=Group2
           |__CN=Test2

I used "BindLdapAuthenticationHandler" in file
"...\webapps\cas\WEB-INF\deployerConfigContext.xml" as below:
*<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
<property name="filter" value="cn=%u" />
<property name="searchBase" value="OU=Group1,DC=mydomain,DC=mycompany,DC=com"
/>
<property name="contextSource" ref="contextSource" />
</bean>*
It's work. (I test with account Test1).

I would like to lookup account from the root of LDAP such as
"DC=mydomain,DC=mycompany,DC=com".

Below configuration did not work:
*<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
<property name="filter" value="cn=%u" />
<property name="searchBase" value="DC=mydomain,DC=mycompany,DC=com" />
<property name="contextSource" ref="contextSource" />
</bean>*

Error from the browser:
CAS is UnavailableThere was an error trying to complete your request. Please
notify your support desk or try again.

The exception is logged:
javax.naming.PartialResultException: Unprocessed Continuation Reference(s);
remaining name 'DC=mydomain,DC=mycompany,DC=com'
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2784)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2758)
    at
com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)
    at
com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)
    at
com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
    at
org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:295)
    at
org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:361)
    at
org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:66)

Best Regards,
Thach Le

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to