Hi again

I'm authenticating my CAS users against two different LDAP servers (two ADs) with 
different logins.

I think my situation is not very different from:
https://wiki.jasig.org/display/CASUM/Using+CAS+with+two+different+AD+forests

So my understanding is that setting up two LDAP authentication handlers should be 
enough.


               <!-- authenticate against the first AD -->
               <bean id="fastBindAuthHandlerAD1"
                     class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler"
                     p:filter="%u@XXX"
                     p:contextSource-ref="contextSourceAD1"
                     p:ignorePartialResultException="true"
               />
               <!-- authenticate against the second AD -->
               <bean id="fastBindAuthHandlerAD2"
                     class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler"
                     p:filter="%u"
                     p:contextSource-ref="contextSourceAD2"
                     p:ignorePartialResultException="true"
               />

(yes the filter is different, that's on purpose)

But it doesn't work for me.

In my log, I see:
2013-11-07 13:06:59,508 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - Performing LDAP bind with credential: bacchell@XXXX
2013-11-07 13:06:59,808 INFO [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - Failed to authenticate user bacchell with error [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]
2013-11-07 13:06:59,808 DEBUG [org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler] - No error definitions are defined. Throwing error [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]
2013-11-07 13:06:59,808 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler failed authenticating [username: bacchell]

And with tcpdump I see no activity towards my second LDAP server.

What did I do wrong?

I'm using CAS 3.5.2.
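Added example (not part of the original post and not CAS code): a small Python parser that rejoins mail-wrapped CAS log lines like those above and decodes the Active Directory sub-code in the `data` field of LDAP error 49, which separates a rejected bind (`52e`, unknown user name or bad password) from a locked, disabled or expired account. The function names and the sample log are constructed for illustration; the sub-code table is the standard Win32 logon error mapping.

```python
import re

# Common Win32 logon errors that AD embeds as hex "data" in LDAP result code 49.
AD_SUBCODES = {
    0x525: "ERROR_NO_SUCH_USER",
    0x52E: "ERROR_LOGON_FAILURE (unknown user name or bad password)",
    0x532: "ERROR_PASSWORD_EXPIRED",
    0x533: "ERROR_ACCOUNT_DISABLED",
    0x701: "ERROR_ACCOUNT_EXPIRED",
    0x773: "ERROR_PASSWORD_MUST_CHANGE",
    0x775: "ERROR_ACCOUNT_LOCKED_OUT",
}
ENTRY_START = re.compile(r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} ")
BIND = re.compile(r"Performing LDAP bind with credential: (\S+)")
FAILURE = re.compile(r"Failed to authenticate user (\S+) with error "
                     r"\[LDAP: error code (\d+) - .*?data ([0-9a-fA-F]+),")

# Constructed sample (not from the post), wrapped the way a mail client would.
SAMPLE_LOG = """\
2013-01-01 10:00:00,100 DEBUG [FastBindLdapAuthenticationHandler] - Performing
LDAP bind with credential: alice@example.test
2013-01-01 10:00:00,300 INFO [FastBindLdapAuthenticationHandler] - Failed to
authenticate user alice with error [LDAP: error code 49 - 80090308: LdapErr:
DSID-0C0903A9, comment: AcceptSecurityContext error, data
775, v1db1]
"""

def unwrap(text):
    """Rejoin wrapped log text into one string per timestamped entry."""
    entries = []
    for line in filter(None, (l.strip() for l in text.splitlines())):
        if ENTRY_START.match(line) or not entries:
            entries.append(line)
        else:
            entries[-1] += " " + line
    return entries

def failed_binds(text):
    """One dict per failed bind: name sent to AD, LDAP code, AD sub-code."""
    results, bind_name = [], None
    for entry in unwrap(text):
        if (m := BIND.search(entry)):
            bind_name = m.group(1)  # the expanded filter, e.g. user@domain
        elif (m := FAILURE.search(entry)):
            sub = int(m.group(3), 16)
            results.append({"user": m.group(1), "bind_name": bind_name,
                            "ldap_code": int(m.group(2)), "subcode": f"{sub:x}",
                            "meaning": AD_SUBCODES.get(sub, "unknown sub-code")})
    return results
```

Calling `failed_binds()` on a log excerpt returns the bind name each handler actually sent next to the decoded reason, which also shows how many handlers attempted a bind for a given login.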