> <bean id="LDAPcontextSource"
> class="org.springframework.ldap.core.support.LdapContextSource">
> <property name="pooled" value="false"/>
> <property name="urls">
> <list>
> <value>ldap://ldap.morgan.edu:389</value>
> </list>
> </property>
> <property name="userDn"
> value="cn=joecas,OU=ServiceAccounts,DC=morgan,DC=edu"/>
> <property name="password" value="Bind)(*&"/>

That looks like a real password. I would strongly recommend redacting your configuration before you post to the list and changing that password immediately. Also no sane directory allows bind attempts over an unencrypted channel, so you must specify an LDAP URI that indicates SSL like the following:

ldaps://ldap.morgan.edu:636

> <!-- LDAP bind Authentication Handler -->
> <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> <property name="filter" value="uid=%u"/>
> <property name="searchBase"
> value="CN=joemsucas,OU=ServiceAccounts,DC=morgan,DC=edu"/>
> <property name="contextSource" ref="LDAPcontextSource"/>
> <property name="ignorePartialResultException" value="yes"/>
> <!-- fix because of how AD returns results -->
> </bean>

Couple things are wrong here:

1. searchBase is almost certainly wrong as Eric pointed out
2. There is no uid attribute in Active Directory. You likely want sAMAccountName=%u.

M
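
A check for three of the problems raised in the reply above (a cleartext `ldap://` URL, a literal bind password in the file, a `uid=` filter used against Active Directory), added here as an example; it is not part of the original message or of CAS. The sample XML, host name, DN and password are constructed, and treating a `${...}` value as an externalized password is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed sample: same shape as the quoted beans, with made-up host, DN and password.
SAMPLE = """<beans>
  <bean id="LDAPcontextSource"
        class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="urls"><list>
      <value>ldap://ldap.example.edu:389</value>
    </list></property>
    <property name="userDn" value="cn=svc,OU=ServiceAccounts,DC=example,DC=edu"/>
    <property name="password" value="constructed-secret"/>
  </bean>
  <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
    <property name="filter" value="uid=%u"/>
    <property name="contextSource" ref="LDAPcontextSource"/>
  </bean>
</beans>"""

def local(tag):
    """Strip an XML namespace, since real Spring files declare one on <beans>."""
    return tag.rsplit("}", 1)[-1]

def audit(xml_text):
    """Return a sorted list of (code, detail) findings; never echoes the password."""
    findings = []
    for bean in ET.fromstring(xml_text).iter():
        if local(bean.tag) != "bean":
            continue
        cls = bean.get("class", "")
        for prop in bean:
            if local(prop.tag) != "property":
                continue
            name, value = prop.get("name"), prop.get("value", "")
            if cls.endswith("LdapContextSource"):
                if name == "urls":
                    for v in prop.iter():
                        url = (v.text or "").strip()
                        if local(v.tag) == "value" and url.lower().startswith("ldap://"):
                            findings.append(("CLEARTEXT_BIND", url))
                # Assumption: a ${...} placeholder is resolved outside the file; anything else is a literal.
                if name == "password" and value and not value.startswith("${"):
                    findings.append(("LITERAL_PASSWORD", "redact before sharing"))
            if cls.endswith("BindLdapAuthenticationHandler"):
                if name == "filter" and value.lower().startswith("uid="):
                    findings.append(("UID_FILTER", value))
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The `UID_FILTER` finding only matters when the directory is Active Directory; the check does not try to judge `searchBase`, because the correct value depends on the site's directory layout.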
