LPPE configuration is as below
<bean id="ldapAuthenticationHandler"
class="org.jasig.cas.authentication.LdapAuthenticationHandler"
p:principalIdAttribute="sAMAccountName"
c:authenticator-ref="authenticator"
p:passwordPolicyConfiguration-ref="passwordPolicy">
<property name="principalAttributeMap">
<map>
<!--
| This map provides a simple attribute resolution mechanism.
| Keys are LDAP attribute names, values are CAS attribute
names.
| Use this facility instead of a PrincipalResolver if LDAP is
| the only attribute source.
-->
<entry key="member" value="member" />
<entry key="mail" value="mail" />
<entry key="displayName" value="displayName" />
</map>
</property>
</bean>
***************lppe-configuration.xml***************
<beans xmlns="http://www.springframework.org/schema/beans";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:p="http://www.springframework.org/schema/p";
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd";>
<!--
| Sample LDAP password policy configuration.
| There are notable configuration requirements for LDAP components
required for password policy
| depending on the directory (Active Directory, OpenLDAP, etc).
| See CAS documentation for more information.
-->
<bean id="passwordPolicy"
class="org.jasig.cas.authentication.support.LdapPasswordPolicyConfiguration"
p:alwaysDisplayPasswordExpirationWarning="${password.policy.warnAll}"
p:passwordWarningNumberOfDays="${password.policy.warningDays}"
p:passwordPolicyUrl="${password.policy.url}"
p:accountStateHandler-ref="accountStateHandler" />
<!-- This component is suitable for most cases but can be replaced with a
custom component for special cases. -->
<bean id="accountStateHandler"
class="org.jasig.cas.authentication.support.DefaultAccountStateHander" />
</beans>
I will check and confirm the Windows server version. Thanks.
On Saturday, July 5, 2014 9:43:22 AM UTC+5, Daniel Fisher wrote:
>
> On Thu, Jun 26, 2014 at 7:59 AM, wa <[email protected] <javascript:>>
> wrote:
> > 2014-06-26 16:42:50,134 DEBUG
> > [org.jasig.cas.authentication.LdapAuthenticationHandler] - LDAP
> response:
> >
> [org.ldaptive.auth.AuthenticationResponse@1850787950::authenticationResultCode=AUTHENTICATION_HANDLER_FAILURE,
>
>
> > ldapEntry=[dn=CN=test8\, Bpo,OU=agent ou,OU=BPO test
> > OU,OU=Campaigns,OU=xxxx,OU=Sites,DC=xxxx,DC=com[]], accountState=null,
> > result=false, resultCode=INVALID_CREDENTIALS,
> > message=javax.naming.AuthenticationException: [LDAP: error code 49 -
> > 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error,
> data
> > 775, v1772\00], controls=null]
> >
>
> accountState is null, so either the authentication response handler
> failed to parse the response or it isn't configured correctly. What
> does your lppe configuration look like?
>
> --Daniel Fisher
>
> --
> You are currently subscribed to [email protected] <javascript:> as:
> [email protected] <javascript:>
> To unsubscribe, change settings or access archives, see
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
