I'm not familiar with how Active Directory needs to be configured when accessed through the Java LDAP libraries nor do I run an Active Directory server to try it out. You will need to do a search for your exception and see what they recommend unless someone here has any experience with that exception (which I don't think anyone does).
That forum posting you looked at before looked like a good match.

-Scott

On 2/7/07, gmail <[EMAIL PROTECTED]> wrote:

hi scott:

i can login "OPDEVNET" with windows ldp client.(ldp.exe) with username: administrator, password: mypassword. so it is not this problem.

and the users in the domain. i only create one user ex: username: jahia password: jahia, i try to create a ou: onepoint and a group: testjahia, then i add the user(jahia) to the group(testjahia) which belongs to the organization unit(onepoint).

then i try to connect LDAP with :

1、 <property name="searchBase" value="cn=users,dc=OPDEVNET" />
2、 <property name="searchBase" value="ou=onepoint,dc=OPDEVNET" />
3、 <property name="searchBase" value="cn=testjahia, ou=onepoint,dc=OPDEVNET" />
.....

all the cases do not work! help me !

thanks

oldman
2/7/2007

Scott Battaglia wrote:

It's most likely something with your directory server based on what that forum says. Have you tried other usernames? Checked into the username you are trying to authenticate, etc.?

On 2/7/07, gmail <[EMAIL PROTECTED]> wrote:
>
> Old Man:
>
> hi:
>
> i config the deployerConfigContext.xml file according to guide.
> http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html
> but i get the screen below, when i login on server.
>
> -------------------------------------
> CAS is Unavailable
>
> A general exception occurred while trying to access CAS. Please notify your system administrator.
> ----------------------------------------
>
> i use windows ldap client to connect AD, and it works.
> i use cas-server 3.0.6 and tomcat 5.5.17 in jahia.
> and my jdk 1.5.0.6
> below is the configure of the deployerConfigContext.xml file
>
> --------------------------------
> <beans>
>
>   <bean id="authenticationManager"
>         class="org.jasig.cas.authentication.AuthenticationManagerImpl">
>
>     <property name="credentialsToPrincipalResolvers">
>       <list>
>         <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
>         <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
>       </list>
>     </property>
>
>     <property name="authenticationHandlers">
>       <list>
>         <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" />
>
>         <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
>           <property name="filter" value="uid=%u" />
>           <property name="searchBase" value="cn=users,dc=OPDEVNET" />
>           <property name="contextSource" ref="contextSource" />
>         </bean>
>
>       </list>
>     </property>
>   </bean>
>
>   <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
>
>     <property name="userName" value="administrator" /> <!--this is the user logining to the AD server -->
>     <property name="password" value="mypassword" /> <!--password-->
>     <property name="urls">
>       <list>
>         <value>ldap://onepoint-winser:389/</value> <!-- AD server -->
>       </list>
>     </property>
>     <property name="baseEnvironmentProperties">
>       <map>
>         <entry>
>           <key><value>java.naming.security.authentication</value></key>
>           <value>simple</value>
>         </entry>
>       </map>
>     </property>
>   </bean>
> </beans>
>
> ----------------------------
>
> these are the errors :
>
> #######################################
> 2007-02-06 19:27:08,328 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] - Publishing event in context [WebApplicationContext for namespace 'cas-servlet']: ServletRequestHandledEvent: url=[/cas/login]; client=[127.0.0.1]; method=[POST]; servlet=[cas]; session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; time=[203ms]; status=[failed: org.springframework.webflow.engine.ActionExecutionException: Exception thrown executing [ [EMAIL PROTECTED] targetAction = [EMAIL PROTECTED], attributes = map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' -- action execution attributes were 'map['method' -> 'submit']'; nested exception is org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]]
> 2007-02-06 19:27:08,328 DEBUG [org.springframework.web.context.support.XmlWebApplicationContext] - Publishing event in context [Root WebApplicationContext]: ServletRequestHandledEvent: url=[/cas/login]; client=[ 127.0.0.1]; method=[POST]; servlet=[cas]; session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; time=[203ms]; status=[failed: org.springframework.webflow.engine.ActionExecutionException: Exception thrown executing [ [EMAIL PROTECTED] targetAction = [EMAIL PROTECTED], attributes = map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' -- action execution attributes were 'map['method' -> 'submit']'; nested exception is org.springframework.ldap.UncategorizedLdapException: Operation failed; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]]
> 2007-02-06 19:27:08,328 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] - Servlet.service() for servlet cas threw exception
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]
>     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
>     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
>     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
>     at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
>     at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
>     at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
>     at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
>     at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
>     at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
>     at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
>     at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
>     at javax.naming.InitialContext.init(InitialContext.java:223)
>     at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
>     at org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59)
>     at org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
>     at org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
>     at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
>     at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
>     at org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:70)
>     at org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.authenticate(AbstractUsernamePasswordAuthenticationHandler.java:58)
>     at org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:79)
>     at org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:282)
>     at org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:116)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:585)
>     at org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:105)
>     at org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
>     at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
>     at org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
>     at org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
>     at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
>     at org.springframework.webflow.engine.State.enter(State.java:200)
>     at org.springframework.webflow.engine.Transition.execute(Transition.java:218)
>     at org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     at org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
>     at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
>     at org.springframework.webflow.engine.State.enter(State.java:200)
>     at org.springframework.webflow.engine.Transition.execute(Transition.java:218)
>     at org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     at org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     at org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:207)
>     at org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:211)
>     at org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:227)
>     at org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
>     at org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:170)
>     at org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
>     at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:45)
>     at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:820)
>     at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755)
>     at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:396)
>     at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:360)
>     at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
>     at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>     at org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
>     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
>     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
>     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
>     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
>     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
>     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
>     at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
>     at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
>     at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
>     at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
>     at java.lang.Thread.run(Thread.java:595)
> 2007-02-06 19:27:08,562 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler map [[EMAIL PROTECTED] in DispatcherServlet with name 'cas'
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping] - Looking up handler for [/login]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [[EMAIL PROTECTED]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [[EMAIL PROTECTED]]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Last-Modified value for [/cas/login] is [-1]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - DispatcherServlet with name 'cas' received request for [/cas/login]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.core.CollectionFactory] - Creating [java.util.LinkedHashMap]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Bound request context to thread: [EMAIL PROTECTED]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [[EMAIL PROTECTED]
> 2007-02-06 19:27:08,578 DEBUG [org.springframework.web.servlet.DispatcherServlet] - Testing handler adapter [[EMAIL PROTECTED]]
> ##############################
>
> i have searched former mail-list of cas, there are some same problems with me.
> but a few user to paste the correct answer, and some situation is not adapt to me.
>
> and this is my ldap client information.
>
> ####################
> Expanding base 'CN=Users,DC=OPDEVNET'...
> Result <0>: (null)
> Matched DNs:
> Getting 1 entries:
> >> Dn: CN=Users,DC=OPDEVNET
>     2> objectClass: top; container;
>     1> cn: Users;
>     1> description: Default container for upgraded user accounts;
>     1> distinguishedName: CN=Users,DC=OPDEVNET;
>     1> instanceType: 0x4 = ( IT_WRITE );
>     1> whenCreated: 11/7/2006 18:14:50 China Standard Time China Standard Time;
>     1> whenChanged: 11/7/2006 18:14:50 China Standard Time China Standard Time;
>     1> uSNCreated: 4304;
>     1> uSNChanged: 4304;
>     1> showInAdvancedViewOnly: FALSE;
>     1> name: Users;
>     1> objectGUID: 9105dc75-62e4-472e-a41f-acee515a0933;
>     1> systemFlags: 0x8C000000 = ( FLAG_DISALLOW_DELETE | FLAG_DOMAIN_DISALLOW_RENAME | FLAG_DOMAIN_DISALLOW_MOVE );
>     1> objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=OPDEVNET;
>     1> isCriticalSystemObject: TRUE;
>
> ###################
>
> 1、do i need a LDAP server's certificate to the JVM?
> 2、what's the problem with my configure file?
> 3、i have viewed the thread: http://forum.java.sun.com/thread.jspa?messageID=4227692
> but i don't know what 's wrong with the configure in cas.
>
>
> thank you in advance.
>
> oldman
> 2/6/2007
>
> hi :
> can you help me to solve the problem? thank you very much. i am new to cas.
>
>
> oldman
>
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
>
> ------------------------------
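The `data 525` field in the `AcceptSecurityContext` error quoted in this thread is Active Directory's hexadecimal sub-code for a failed bind (LDAP error 49). As an added example, not written by anyone in the thread or taken from the CAS project, this Python sketch extracts the sub-code from a stack trace and notes whether the failure happened while the context source opened its own search connection; the function name, the second sample trace and the stack-frame heuristic are assumptions made for illustration.

```python
import re

# AD sub-codes carried in the "data" field of an LDAP error 49 bind failure (hex).
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials (bad password)",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}
BIND_ERROR = re.compile(
    r"LDAP: error code (?P<code>\d+)\b.*?AcceptSecurityContext error, "
    r"data (?P<sub>[0-9a-fA-F]+)")
# Heuristic (assumption): this frame, present in the thread's trace, means the
# bind used the contextSource userName, not the name typed into the login form.
SERVICE_BIND_FRAME = "AbstractContextSource.getReadOnlyContext"

def triage(trace):
    """Return a finding for one stack trace, or None if it is not an AD bind error."""
    m = BIND_ERROR.search(trace)
    if m is None:
        return None
    sub = m.group("sub").lower()
    return {
        "ldap_code": int(m.group("code")),
        "subcode": sub,
        "meaning": AD_BIND_SUBCODES.get(sub, "unknown sub-code"),
        "service_account_bind": SERVICE_BIND_FRAME in trace,
    }

SAMPLE_TRACES = [
    # Abridged from the trace quoted in this thread.
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: "
    "LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece ]\n"
    "    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)\n"
    "    at org.springframework.ldap.support.AbstractContextSource."
    "getReadOnlyContext(AbstractContextSource.java:104)\n"
    "    at org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)\n",
    # Constructed sample: same message with a different sub-code and a made-up frame.
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: "
    "LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece ]\n"
    "    at example.Constructed.bindAsUser(Constructed.java:1)\n",
]

if __name__ == "__main__":
    for t in SAMPLE_TRACES:
        print(triage(t))
```

For the trace in this thread the result is sub-code 525 raised on the context source's own bind, so the identity the directory could not find is the configured `userName` value, which none of the `searchBase` variations change.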
