thanks , i will try to find a solution. thank you very much
old man Scott Battaglia wrote: > I'm not familiar with how Active Directory needs to be configured when > accessed through the Java LDAP libraries nor do I run an Active > Directory server to try it out. You will need to do a search for your > exception and see what they recommend unless someone here has any > experience with that exception (which I don't think anyone does). > > That forum posting you looked at before looked like a good match. > > -Scott > > On 2/7/07, *gmail* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> > wrote: > > hi scott: > i can login "OPDEVNET" with windows ldp client.(ldp.exe) with > username: administrator, password: mypassword. so it is not this > problem. and the users in the domain. i only create one user ex: > username: jahia password: jahia, i try to create a ou: onepoint > and a group: testjahia, then i add the user(jahia) to the > group(testjahia) which belongs to the organization unit(onepoint). > > then i try to connect LDAP with : > 1、 <property name="searchBase" value="cn=users,dc=OPDEVNET" /> > 2、 <property name="searchBase" value="ou=onepoint,dc=OPDEVNET" /> > 3、 <property name="searchBase" value="cn=testjahia, > ou=onepoint,dc=OPDEVNET" /> > ..... > all the cases do not work! > > help me ! thanks > oldman > 2/7/2007 > > > > Scott Battaglia wrote: >> Its most likely something with your directory server based on >> what that forum says. Have you tried other usernames? Checked >> into the username you are trying to authenticate, etc.? >> >> On 2/7/07, *gmail* <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> wrote: >> >> Old Man: >>> hi: >>> >>> i config the deployerConfigContext.xml file according to guide. >>> http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html >>> >>> <http://www.ja-sig.org/products/cas/server/ldapauthhandler/index.html> >>> but i get the screen below, when i login on server. >>> >>> ------------------------------------- >>> >>> >>> CAS is Unavailable >>> >>> A general exception occurred while trying to access CAS. >>> Please notify your system administrator. >>> >>> ---------------------------------------- >>> >>> i use windows ldap client to connect AD, and it works. >>> i use cas-server 3.0.6 and tomcat 5.5.17 in jahia. and my >>> jdk 1.5.0.6 <http://1.5.0.6> >>> below is the configure of the deployerConfigContext.xml file >>> >>> -------------------------------- >>> <beans> >>> >>> <bean id="authenticationManager" >>> class="org.jasig.cas.authentication.AuthenticationManagerImpl"> >>> >>> >>> <property name="credentialsToPrincipalResolvers"> >>> <list> >>> >>> <bean >>> >>> class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" >>> /> >>> >>> <bean >>> >>> class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" >>> /> >>> </list> >>> </property> >>> >>> <property name="authenticationHandlers"> >>> <list> >>> >>> <bean >>> >>> class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" >>> /> >>> >>> >>> <bean >>> class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >>> > >>> <property name="filter" value="uid=%u" /> >>> <property name="searchBase" value="cn=users,dc=OPDEVNET" /> >>> <property name="contextSource" ref="contextSource" /> >>> </bean> >>> >>> </list> >>> </property> >>> </bean> >>> >>> <bean id="contextSource" >>> >>> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> >>> >>> <property name="userName" value="administrator" /> <!--this >>> is the user logining to the AD server --> >>> <property name="password" value="mypassword" /> <!--password--> >>> <property name="urls"> >>> <list> >>> <value>ldap://onepoint-winser:389/</value> <!-- AD server --> >>> </list> >>> </property> >>> <property name="baseEnvironmentProperties"> >>> <map> >>> <entry> >>> <key><value>java.naming.security.authentication</value></key> >>> <value>simple</value> >>> </entry> >>> </map> >>> </property> >>> </bean> >>> </beans> >>> >>> ---------------------------- >>> >>> these are the errors : >>> >>> ####################################### >>> 2007-02-06 19:27:08,328 DEBUG >>> [org.springframework.web.context.support.XmlWebApplicationContext] >>> - Publishing event in context [WebApplicationContext for >>> namespace 'cas-servlet']: ServletRequestHandledEvent: >>> url=[/cas/login]; client=[ 127.0.0.1 <http://127.0.0.1>]; >>> method=[POST]; servlet=[cas]; >>> session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; >>> time=[203ms]; status=[failed: >>> org.springframework.webflow.engine.ActionExecutionException: >>> Exception thrown executing [ [EMAIL PROTECTED] >>> targetAction = >>> [EMAIL PROTECTED], >>> attributes = map['method' -> 'submit']] in state 'submit' of >>> flow 'login-webflow' -- action execution attributes were >>> 'map['method' -> 'submit']'; nested exception is >>> org.springframework.ldap.UncategorizedLdapException: >>> Operation failed; nested exception is >>> javax.naming.AuthenticationException: [LDAP: error code 49 - >>> 80090308: LdapErr: DSID-0C090334, comment: >>> AcceptSecurityContext error, data 525, vece ]] >>> 2007-02-06 19:27:08,328 DEBUG >>> [org.springframework.web.context.support.XmlWebApplicationContext] >>> - Publishing event in context [Root WebApplicationContext]: >>> ServletRequestHandledEvent: url=[/cas/login]; client=[ >>> 127.0.0.1 <http://127.0.0.1>]; method=[POST]; servlet=[cas]; >>> session=[D7EDB30B1CD13924918BA779F9B2EC94]; user=[null]; >>> time=[203ms]; status=[failed: >>> org.springframework.webflow.engine.ActionExecutionException: >>> Exception thrown executing [ [EMAIL PROTECTED] >>> targetAction = >>> [EMAIL PROTECTED], >>> attributes = map['method' -> 'submit']] in state 'submit' of >>> flow 'login-webflow' -- action execution attributes were >>> 'map['method' -> 'submit']'; nested exception is >>> org.springframework.ldap.UncategorizedLdapException: >>> Operation failed; nested exception is >>> javax.naming.AuthenticationException: [LDAP: error code 49 - >>> 80090308: LdapErr: DSID-0C090334, comment: >>> AcceptSecurityContext error, data 525, vece ]] >>> 2007-02-06 19:27:08,328 ERROR >>> >>> [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] >>> - Servlet.service() for servlet cas threw exception >>> javax.naming.AuthenticationException: [LDAP: error code 49 - >>> 80090308: LdapErr: DSID-0C090334, comment: >>> AcceptSecurityContext error, data 525, vece ] >>> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985) >>> at >>> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931) >>> at >>> com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732) >>> at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646) >>> at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283) >>> at >>> >>> com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175) >>> at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs >>> (LdapCtxFactory.java:193) >>> at >>> >>> com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136) >>> at >>> >>> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66) >>> at javax.naming.spi.NamingManager.getInitialContext >>> (NamingManager.java:667) >>> at >>> >>> javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247) >>> at javax.naming.InitialContext.init(InitialContext.java:223) >>> at javax.naming.ldap.InitialLdapContext.<init>( >>> InitialLdapContext.java:134) >>> at >>> >>> org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59) >>> at >>> >>> org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java >>> :193) >>> at >>> >>> org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104) >>> at >>> org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263) >>> at org.springframework.ldap.LdapTemplate.search >>> (LdapTemplate.java:314) >>> at >>> >>> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:70) >>> at >>> >>> org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.authenticate >>> (AbstractUsernamePasswordAuthenticationHandler.java:58) >>> at >>> >>> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:79) >>> at >>> >>> org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket >>> (CentralAuthenticationServiceImpl.java:282) >>> at >>> >>> org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:116) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at >>> >>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >>> at >>> >>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >>> at java.lang.reflect.Method.invoke (Method.java:585) >>> at >>> >>> org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:105) >>> at >>> >>> org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136) >>> at >>> >>> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203) >>> at >>> >>> org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142) >>> at org.springframework.webflow.engine.ActionExecutor.execute >>> (ActionExecutor.java:61) >>> at >>> >>> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180) >>> at >>> org.springframework.webflow.engine.State.enter(State.java:200) >>> at org.springframework.webflow.engine.Transition.execute >>> (Transition.java:218) >>> at >>> >>> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) >>> at >>> org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) >>> at >>> >>> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent >>> (RequestControlContextImpl.java:207) >>> at >>> >>> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185) >>> at >>> org.springframework.webflow.engine.State.enter(State.java:200) >>> at org.springframework.webflow.engine.Transition.execute >>> (Transition.java:218) >>> at >>> >>> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112) >>> at >>> org.springframework.webflow.engine.Flow.onEvent(Flow.java:572) >>> at >>> >>> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent >>> (RequestControlContextImpl.java:207) >>> at >>> >>> org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:211) >>> at >>> >>> org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java >>> :227) >>> at >>> >>> org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115) >>> at >>> >>> org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java >>> :170) >>> at >>> >>> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153) >>> at >>> >>> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java >>> :45) >>> at >>> >>> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:820) >>> at >>> >>> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:755) >>> at >>> org.springframework.web.servlet.FrameworkServlet.processRequest >>> (FrameworkServlet.java:396) >>> at >>> >>> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:360) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) >>> at javax.servlet.http.HttpServlet.service (HttpServlet.java:802) >>> at >>> >>> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115) >>> at >>> >>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) >>> >>> at >>> >>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) >>> at >>> >>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) >>> at org.apache.catalina.core.StandardContextValve.invoke >>> (StandardContextValve.java:178) >>> at >>> >>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) >>> at >>> >>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) >>> at org.apache.catalina.core.StandardEngineValve.invoke >>> (StandardEngineValve.java:107) >>> at >>> >>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) >>> at >>> >>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) >>> at >>> >>> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection >>> (Http11BaseProtocol.java:664) >>> at >>> >>> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) >>> at >>> >>> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java >>> :80) >>> at >>> >>> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) >>> at java.lang.Thread.run(Thread.java:595) >>> 2007-02-06 19:27:08,562 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet ] - >>> Testing handler map >>> [EMAIL PROTECTED] >>> in DispatcherServlet with name 'cas' >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.handler.SimpleUrlHandlerMapping >>> ] - Looking up handler for [/login] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - >>> Testing handler adapter >>> [EMAIL PROTECTED] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - >>> Testing handler adapter >>> [EMAIL PROTECTED] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet ] - >>> Last-Modified value for [/cas/login] is [-1] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - >>> DispatcherServlet with name 'cas' received request for >>> [/cas/login] >>> 2007-02-06 19:27:08,578 DEBUG [ >>> org.springframework.core.CollectionFactory] - Creating >>> [java.util.LinkedHashMap] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - Bound >>> request context to thread: >>> [EMAIL PROTECTED] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet] - >>> Testing handler adapter >>> [EMAIL PROTECTED] >>> 2007-02-06 19:27:08,578 DEBUG >>> [org.springframework.web.servlet.DispatcherServlet ] - >>> Testing handler adapter >>> [EMAIL PROTECTED] >>> ############################## >>> >>> i have searched former mail-list of cas, there are some same >>> problems with me. but a few user to paste the correct >>> answer, and some situation is not adapt to me. >>> >>> and this is my ldap client information. >>> >>> #################### >>> Expanding base 'CN=Users,DC=OPDEVNET'... >>> Result <0>: (null) >>> Matched DNs: >>> Getting 1 entries: >>> >> Dn: CN=Users,DC=OPDEVNET >>> 2> objectClass: top; container; >>> 1> cn: Users; >>> 1> description: Default container for upgraded user accounts; >>> 1> distinguishedName: CN=Users,DC=OPDEVNET; >>> 1> instanceType: 0x4 = ( IT_WRITE ); >>> 1> whenCreated: 11/7/2006 18:14:50 China Standard Time China >>> Standard Time; >>> 1> whenChanged: 11/7/2006 18:14:50 China Standard Time China >>> Standard Time; >>> 1> uSNCreated: 4304; >>> 1> uSNChanged: 4304; >>> 1> showInAdvancedViewOnly: FALSE; >>> 1> name: Users; >>> 1> objectGUID: 9105dc75-62e4-472e-a41f-acee515a0933; >>> 1> systemFlags: 0x8C000000 = ( FLAG_DISALLOW_DELETE | >>> FLAG_DOMAIN_DISALLOW_RENAME | FLAG_DOMAIN_DISALLOW_MOVE ); >>> 1> objectCategory: >>> CN=Container,CN=Schema,CN=Configuration,DC=OPDEVNET; >>> 1> isCriticalSystemObject: TRUE; >>> >>> ################### >>> >>> 1、do i need a LDAP server's certificate to the JVM? >>> 2、what's the problem with my configure file? >>> 3、i have viewed the thread: >>> http://forum.java.sun.com/thread.jspa?messageID=4227692 >>> <http://forum.java.sun.com/thread.jspa?messageID=4227692>but >>> i don't know what 's wrong with the configure in cas. >>> >>> >>> thank you in advance. >>> >>> oldman >>> 2/6/2007 >>> >> hi : >> can you help me to solve the problem? thank you very much. i >> am new to cas. >> >> >> oldman >> >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] <mailto:[email protected]> >> http://tp.its.yale.edu/mailman/listinfo/cas >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Yale CAS mailing list >> [email protected] <mailto:[email protected]> >> http://tp.its.yale.edu/mailman/listinfo/cas >> > > _______________________________________________ > Yale CAS mailing list > [email protected] <mailto:[email protected]> > http://tp.its.yale.edu/mailman/listinfo/cas > > > ------------------------------------------------------------------------ > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas >
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
