hi scott: i can login "OPDEVNET" with windows ldp client.(ldp.exe) with username: administrator, password: mypassword. so it is not this problem. and the users in the domain. i only create one user ex: username: jahia password: jahia, i try to create a ou: onepoint and a group: testjahia, then i add the user(jahia) to the group(testjahia) which belongs to the organization unit(onepoint).
then i try to connect LDAP with : 1、 <property name="searchBase" value="cn=users,dc=OPDEVNET" /> 2、 <property name="searchBase" value="ou=onepoint,dc=OPDEVNET" /> 3、 <property name="searchBase" value="cn=testjahia, ou=onepoint,dc=OPDEVNET" /> ..... all the cases do not work! help me ! thanks oldman 2/7/2007 Scott Battaglia wrote: > Its most likely something with your directory server based on what > that forum says. Have you tried other usernames? Checked into the > username you are trying to authenticate, etc.? > > On 2/7/07, *gmail* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> > wrote: > > Old Man: >> hi: >> >> i config the deployerConfigContext.xml file according to guide. >> http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html >> <http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html> >> but i get the screen below, when i login on server. >> >> ------------------------------------- >> >> >> CAS is Unavailable >> >> A general exception occurred while trying to access CAS. Please >> notify your system administrator. >> >> ---------------------------------------- >> >> i use windows ldap client to connect AD, and it works. >> i use cas-server 3.0.6 and tomcat 5.5.17 in jahia. and my jdk >> 1.5.0.6 <http://1.5.0.6> >> below is the configure of the deployerConfigContext.xml file >> >> -------------------------------- >> <beans> >> >> <bean id="authenticationManager" >> class="org.jasig.cas.authentication.AuthenticationManagerImpl"> >> >> >> <property name="credentialsToPrincipalResolvers"> >> <list> >> >> <bean >> >> class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" >> /> >> >> <bean >> >> class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" >> /> >> </list> >> </property> >> >> <property name="authenticationHandlers"> >> <list> >> >> <bean >> >> class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" >> /> >> >> >> <bean >> class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" > >> <property name="filter" value="uid=%u" /> >> <property name="searchBase" value="cn=users,dc=OPDEVNET" /> >> <property name="contextSource" ref="contextSource" /> >> </bean> >> >> </list> >> </property> >> </bean> >> >> <bean id="contextSource" >> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> >> >> <property name="userName" value="administrator" /> <!--this is >> the user logining to the AD server --> >> <property name="password" value="mypassword" /> <!--password--> >> <property name="urls"> >> <list> >> <value>ldap://onepoint-winser:389/</value> <!-- AD server --> >> </list> >> </property> >> <property name="baseEnvironmentProperties"> >> <map> >> <entry> >> <key><value>java.naming.security.authentication</value></key> >> <value>simple</value> >> </entry> >> </map> >> </property> >> </bean> >> </beans> >> >> ---------------------------- >> >> these are the errors : >> >> ####################################### >> 2007-02-06 19:27:08,328 DEBUG >> [org.springframework.web.context.support.XmlWebApplicationContext] >> - Publishing event in context [WebApplicationContext for >> namespace 'cas-servlet']: ServletRequestHandledEvent: >> url=[/cas/login]; client=[ 127.0.0.1 <http://127.0.0.1>]; >> method=[POST]; servlet=[cas]; >> session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; >> time=[203ms]; status=[failed: >> org.springframework.webflow.engine.ActionExecutionException: >> Exception thrown executing [ [EMAIL PROTECTED] targetAction >> = [EMAIL PROTECTED], >> attributes = map['method' -> 'submit']] in state 'submit' of flow >> 'login-webflow' -- action execution attributes were 'map['method' >> -> 'submit']'; nested exception is >> org.springframework.ldap.UncategorizedLdapException: Operation >> failed; nested exception is javax.naming.AuthenticationException: >> [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: >> AcceptSecurityContext error, data 525, vece ]] >> 2007-02-06 19:27:08,328 DEBUG >> [org.springframework.web.context.support.XmlWebApplicationContext] >> - Publishing event in context [Root WebApplicationContext]: >> ServletRequestHandledEvent: url=[/cas/login]; client=[ 127.0.0.1 >> <http://127.0.0.1>]; method=[POST]; servlet=[cas]; >> session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; >> time=[203ms]; status=[failed: >> org.springframework.webflow.engine.ActionExecutionException: >> Exception thrown executing [ [EMAIL PROTECTED] targetAction >> = [EMAIL PROTECTED], >> attributes = map['method' -> 'submit']] in state 'submit' of flow >> 'login-webflow' -- action execution attributes were 'map['method' >> -> 'submit']'; nested exception is >> org.springframework.ldap.UncategorizedLdapException: Operation >> failed; nested exception is javax.naming.AuthenticationException: >> [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: >> AcceptSecurityContext error, data 525, vece ]] >> 2007-02-06 19:27:08,328 ERROR >> >> [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] >> - Servlet.service() for servlet cas threw exception >> javax.naming.AuthenticationException: [LDAP: error code 49 - >> 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext >> error, data 525, vece ] >> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985) >> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931) >> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732) >> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646) >> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283) >> at >> com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175) >> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs >> (LdapCtxFactory.java:193) >> at >> >> com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136) >> at >> >> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66) >> at javax.naming.spi.NamingManager.getInitialContext >> (NamingManager.java:667) >> at >> javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247) >> at javax.naming.InitialContext.init(InitialContext.java:223) >> at javax.naming.ldap.InitialLdapContext.<init>( >> InitialLdapContext.java:134) >> at >> >> org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59) >> at >> >> org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java >> :193) >> at >> >> org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104) >> at >> org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263) >> at org.springframework.ldap.LdapTemplate.search >> (LdapTemplate.java:314) >> at >> >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:70) >> at >> >> org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.authenticate >> (AbstractUsernamePasswordAuthenticationHandler.java:58) >> at >> >> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:79) >> at >> org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket >> (CentralAuthenticationServiceImpl.java:282) >> at >> >> org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:116) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke (Method.java:585) >> at >> >> org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:105) >> at >> >> org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136) >> at >> >> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203) >> at >> >> org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142) >> at org.springframework.webflow.engine.ActionExecutor.execute >> (ActionExecutor.java:61) >> at >> >> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180) >> at org.springframework.webflow.engine.State.enter(State.java:200) >> at org.springframework.webflow.engine.Transition.execute >> (Transition.java:218) >> at >> >> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) >> at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) >> at >> >> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent >> (RequestControlContextImpl.java:207) >> at >> >> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) >> at org.springframework.webflow.engine.State.enter(State.java:200) >> at org.springframework.webflow.engine.Transition.execute >> (Transition.java:218) >> at >> >> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) >> at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) >> at >> >> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent >> (RequestControlContextImpl.java:207) >> at >> >> org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:211) >> at >> >> org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java >> :227) >> at >> >> org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115) >> at >> >> org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java >> :170) >> at >> >> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) >> at >> >> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java >> :45) >> at >> >> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:820) >> at >> >> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755) >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest >> (FrameworkServlet.java:396) >> at >> >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:360) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) >> at javax.servlet.http.HttpServlet.service (HttpServlet.java:802) >> at >> >> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) >> at >> >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) >> >> at >> >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) >> at >> >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) >> at org.apache.catalina.core.StandardContextValve.invoke >> (StandardContextValve.java:178) >> at >> >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) >> at >> >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) >> at org.apache.catalina.core.StandardEngineValve.invoke >> (StandardEngineValve.java:107) >> at >> >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) >> at >> >> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) >> at >> >> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection >> (Http11BaseProtocol.java:664) >> at >> >> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) >> at >> >> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java >> :80) >> at >> >> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) >> at java.lang.Thread.run(Thread.java:595) >> 2007-02-06 19:27:08,562 DEBUG >> [org.springframework.web.servlet.DispatcherServlet ] - Testing >> handler map >> [EMAIL PROTECTED] >> in DispatcherServlet with name 'cas' >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping >> ] - Looking up handler for [/login] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet] - Testing >> handler adapter >> [EMAIL PROTECTED] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet] - Testing >> handler adapter >> [EMAIL PROTECTED] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet ] - >> Last-Modified value for [/cas/login] is [-1] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet] - >> DispatcherServlet with name 'cas' received request for [/cas/login] >> 2007-02-06 19:27:08,578 DEBUG [ >> org.springframework.core.CollectionFactory] - Creating >> [java.util.LinkedHashMap] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet] - Bound >> request context to thread: >> [EMAIL PROTECTED] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet] - Testing >> handler adapter >> [EMAIL PROTECTED] >> 2007-02-06 19:27:08,578 DEBUG >> [org.springframework.web.servlet.DispatcherServlet ] - Testing >> handler adapter >> [EMAIL PROTECTED] >> ############################## >> >> i have searched former mail-list of cas, there are some same >> problems with me. but a few user to paste the correct answer, and >> some situation is not adapt to me. >> >> and this is my ldap client information. >> >> #################### >> Expanding base 'CN=Users,DC=OPDEVNET'... >> Result <0>: (null) >> Matched DNs: >> Getting 1 entries: >> >> Dn: CN=Users,DC=OPDEVNET >> 2> objectClass: top; container; >> 1> cn: Users; >> 1> description: Default container for upgraded user accounts; >> 1> distinguishedName: CN=Users,DC=OPDEVNET; >> 1> instanceType: 0x4 = ( IT_WRITE ); >> 1> whenCreated: 11/7/2006 18:14:50 China Standard Time China >> Standard Time; >> 1> whenChanged: 11/7/2006 18:14:50 China Standard Time China >> Standard Time; >> 1> uSNCreated: 4304; >> 1> uSNChanged: 4304; >> 1> showInAdvancedViewOnly: FALSE; >> 1> name: Users; >> 1> objectGUID: 9105dc75-62e4-472e-a41f-acee515a0933; >> 1> systemFlags: 0x8C000000 = ( FLAG_DISALLOW_DELETE | >> FLAG_DOMAIN_DISALLOW_RENAME | FLAG_DOMAIN_DISALLOW_MOVE ); >> 1> objectCategory: >> CN=Container,CN=Schema,CN=Configuration,DC=OPDEVNET; >> 1> isCriticalSystemObject: TRUE; >> >> ################### >> >> 1、do i need a LDAP server's certificate to the JVM? >> 2、what's the problem with my configure file? >> 3、i have viewed the thread: >> http://forum.java.sun.com/thread.jspa?messageID=4227692 >> <http://forum.java.sun.com/thread.jspa?messageID=4227692> but i >> don't know what 's wrong with the configure in cas. >> >> >> thank you in advance. >> >> oldman >> 2/6/2007 >> > hi : > can you help me to solve the problem? thank you very much. i am > new to cas. > > > oldman > > > _______________________________________________ > Yale CAS mailing list > [email protected] <mailto:[email protected]> > http://tp.its.yale.edu/mailman/listinfo/cas > > > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
