Active Directory is running on Windows 2008 Server
On Monday, July 7, 2014 11:46:53 AM UTC+5, wa wrote: > > LPPE configuration is as below > > <bean id="ldapAuthenticationHandler" > class="org.jasig.cas.authentication.LdapAuthenticationHandler" > p:principalIdAttribute="sAMAccountName" > c:authenticator-ref="authenticator" > p:passwordPolicyConfiguration-ref="passwordPolicy"> > <property name="principalAttributeMap"> > <map> > <!-- > | This map provides a simple attribute resolution mechanism. > | Keys are LDAP attribute names, values are CAS attribute > names. > | Use this facility instead of a PrincipalResolver if LDAP > is > | the only attribute source. > --> > <entry key="member" value="member" /> > <entry key="mail" value="mail" /> > <entry key="displayName" value="displayName" /> > </map> > </property> > </bean> > > ***************lppe-configuration.xml*************** > > <beans xmlns="http://www.springframework.org/schema/beans"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:p="http://www.springframework.org/schema/p"; > xsi:schemaLocation="http://www.springframework.org/schema/beans > http://www.springframework.org/schema/beans/spring-beans.xsd";> > > <!-- > | Sample LDAP password policy configuration. > | There are notable configuration requirements for LDAP components > required for password policy > | depending on the directory (Active Directory, OpenLDAP, etc). > | See CAS documentation for more information. > --> > <bean id="passwordPolicy" > class="org.jasig.cas.authentication.support.LdapPasswordPolicyConfiguration" > > p:alwaysDisplayPasswordExpirationWarning="${password.policy.warnAll}" > p:passwordWarningNumberOfDays="${password.policy.warningDays}" > p:passwordPolicyUrl="${password.policy.url}" > p:accountStateHandler-ref="accountStateHandler" /> > > <!-- This component is suitable for most cases but can be replaced with > a custom component for special cases. --> > <bean id="accountStateHandler" > class="org.jasig.cas.authentication.support.DefaultAccountStateHander" /> > > </beans> > > > I will check and confirm the Windows server version. Thanks. > > > On Saturday, July 5, 2014 9:43:22 AM UTC+5, Daniel Fisher wrote: >> >> On Thu, Jun 26, 2014 at 7:59 AM, wa <[email protected]> wrote: >> > 2014-06-26 16:42:50,134 DEBUG >> > [org.jasig.cas.authentication.LdapAuthenticationHandler] - LDAP >> response: >> > >> [org.ldaptive.auth.AuthenticationResponse@1850787950::authenticationResultCode=AUTHENTICATION_HANDLER_FAILURE, >> >> >> > ldapEntry=[dn=CN=test8\, Bpo,OU=agent ou,OU=BPO test >> > OU,OU=Campaigns,OU=xxxx,OU=Sites,DC=xxxx,DC=com[]], accountState=null, >> > result=false, resultCode=INVALID_CREDENTIALS, >> > message=javax.naming.AuthenticationException: [LDAP: error code 49 - >> > 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, >> data >> > 775, v1772\00], controls=null] >> > >> >> accountState is null, so either the authentication response handler >> failed to parse the response or it isn't configured correctly. What >> does your lppe configuration look like? >> >> --Daniel Fisher >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-user >> > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
