Hi all, I'm attempting to use a LdapPersonAttributeDao to populate the principal attributes as documented here:
http://www.ja-sig.org/wiki/display/CASUM/Attributes using an AD server for the contextSource. This is the same contextSource wired into the BindLdapAuthenticationHandler. I'm able to bind successfully with the ignorePartialResultException="yes" property set, however, the LdapPersonAttributeDao lookup seems to blow up on the org.springframework.ldap.PartialResultException. I've seen posts in the archives with others having similar issues but not a resolution. Any suggestions? Here is the configuration I'm using. <property name="credentialsToPrincipalResolvers"> <list> <bean class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver"> <property name="credentialsToPrincipalResolver"> <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" /> </property> <property name="filter" value="(sAMAccountName=%u)" /> <property name="principalAttributeName" value="sAMAccountName" /> <property name="searchBase" value="OU=Person,DC=xxxx,DC=xxx" /> <property name="contextSource" ref="contextSource" /> <property name="attributeRepository"> <ref bean="attributeRepository" /> </property> </bean> </list> </property> <bean id="attributeRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> <property name="contextSource" ref="contextSource" /> <property name="baseDN" value="OU=Person,DC=xxxx,DC=xxx" /> <property name="requireAllQueryAttributes" value="true" /> <property name="queryAttributeMapping"> <map> <entry key="username" value="sAMAccountName" /> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="mail" value="EmailAddress" /> </map> </property> </bean> Thanks, Bill -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
