Turn on DEBUG for org.springframework.ldap (or for the LdapTemplate project
depending on the CAS version). That should help you figure out what is
going on with LDAP.
I believe the JDK also has some LDAP debugging parameters.
-Scott
On 3/1/07, Sandeep Sheth <[EMAIL PROTECTED]> wrote:
*I configured Cas Server 3.0.5 for Ldap authentication and deployed
cas.war on Tomcat.*
* *
*I always see following message when I try to login to *
* *
The credentials you provided cannot be determined to be authentic.
I am able to login using ldap using another piece of code with same
credentials.
*Please help!!***
* *
*Here is my deployerConfigContext.xml*
<property name="authenticationHandlers">
<list>
<!--
| This is the
authentication handler that authenticates services by means of callback via
SSL, thereby validating
| a server
side SSL certificate.
+-->
<bean
class="
org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
/>
<!--
| This is the
authentication handler declaration that every CAS deployer will need to
change before deploying CAS
| into
production.
| With this
configuration you will be using LDAP FastBind authentication.
+-->
<bean
class="
org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" >
<property name="filter" value="sAMAccountId=%u, dc=delegata, dc=com" />
<property name="contextSource" ref="contextSource" />
</bean>
</list>
</property>
</bean>
<bean id="contextSource"
class="
org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
<property name="urls">
<list>
<value>ldap://ldap.delegata.com:389</value>
<value>ldap://ldap2.delegata.com:389</value>
</list>
</property>
</bean>
*This is what I see in the console: *
2007-03-01 11:55:59,859 INFO [
org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Starting cleaning of expired tickets from ticket registry at [Thu Mar 01
11:55:59 PST 2007]>
2007-03-01 11:55:59,859 INFO [
org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0
found to be removed. Removing now.>
2007-03-01 11:55:59,859 INFO [
org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
<Finished cleaning of expired tickets from ticket registry at [Thu Mar 01
11:55:59 PST 2007]>
2007-03-01 12:07:37,030 DEBUG [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' beginning execution>
2007-03-01 12:07:37,030 INFO [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Setting
ContextPath for cookies to: /cas>
2007-03-01 12:07:37,030 DEBUG [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' completed execution; result is 'success'>
2007-03-01 12:07:37,030 DEBUG [
org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' beginning execution>
2007-03-01 12:07:37,046 DEBUG [
org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'>
2007-03-01 12:07:37,046 DEBUG [
org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' beginning execution>
2007-03-01 12:07:37,046 DEBUG [
org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' completed execution; result is
'authenticationRequired'>
2007-03-01 12:07:38,170 DEBUG [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' beginning execution>
2007-03-01 12:07:38,170 DEBUG [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' completed execution; result is 'success'>
2007-03-01 12:07:38,170 DEBUG [
org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' beginning execution>
2007-03-01 12:07:38,170 DEBUG [
org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'>
2007-03-01 12:07:38,186 DEBUG [
org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' beginning execution>
2007-03-01 12:07:38,201 DEBUG [
org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' completed execution; result is
'authenticationRequired'>
2007-03-01 12:09:03,722 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' beginning execution>
2007-03-01 12:09:03,722 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing bind>
2007-03-01 12:09:03,738 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Loading new form
object>
2007-03-01 12:09:03,738 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new
instance of form object class [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials]>
2007-03-01 12:09:03,738 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Setting form object
of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
scope [class org.springframework.webflow.ScopeType.Flow (1)] with name
'credentials'>
2007-03-01 12:09:03,769 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor
registrar set, no custom editors to register>
2007-03-01 12:09:03,785 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding allowed
request parameters in map['lt' ->
'_c098887B4-2F64-6805-90CF-23A7E53A0776_kBE08773B-B693-84EE-4764989E6882',
'_eventId' -> 'submit', 'password' -> 'sam', 'username' -> 'sam'] to form
object with name 'credentials', pre-bind formObject toString = null>
2007-03-01 12:09:03,785 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <(Any field is
allowed)>
2007-03-01 12:09:03,800 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding completed
for form object with name 'credentials', post-bind formObject toString =
sam>
2007-03-01 12:09:03,800 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0]
errors, details: []>
2007-03-01 12:09:03,800 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Setting form errors
instance in scope [class org.springframework.webflow.ScopeType.Request(0)]>
2007-03-01 12:09:03,800 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing validate>
2007-03-01 12:09:03,800 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Invoking validator
[EMAIL PROTECTED]>
2007-03-01 12:09:03,816 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Validation
completed for form object with name 'credentials'>
2007-03-01 12:09:03,816 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0]
errors, details: []>
2007-03-01 12:09:03,816 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' completed execution; result is 'success'>
2007-03-01 12:09:03,816 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' beginning execution>
2007-03-01 12:09:03,816 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing form
object with name 'credentials' of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
scope [class org.springframework.webflow.ScopeType.Flow (1)]>
2007-03-01 12:09:03,816 DEBUG [
org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create
TicketGrantingTicket for sam>
2007-03-01 12:09:03,941 INFO [
org.jasig.cas.authentication.AuthenticationManagerImpl] -
<AuthenticationHandler:
org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler failed to
authenticate the user which provided the following credentials: sam>
2007-03-01 12:09:03,941 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing form
object with name 'credentials' of type [class
org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in
scope [class org.springframework.webflow.ScopeType.Flow (1)]>
2007-03-01 12:09:03,941 DEBUG [
org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action
'AuthenticationViaFormAction' completed execution; result is 'error'>
2007-03-01 12:09:04,034 DEBUG [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' beginning execution>
2007-03-01 12:09:04,034 DEBUG [
org.jasig.cas.web.flow.AutomaticCookiePathSetterAction] - <Action
'AutomaticCookiePathSetterAction' completed execution; result is 'success'>
2007-03-01 12:09:04,034 DEBUG [
org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' beginning execution>
2007-03-01 12:09:04,034 DEBUG [
org.jasig.cas.web.flow.TicketGrantingTicketExistsAction] - <Action
'TicketGrantingTicketExistsAction' completed execution; result is
'noTicketGrantingTicketExists'>
2007-03-01 12:09:04,034 DEBUG [
org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' beginning execution>
2007-03-01 12:09:04,034 DEBUG [
org.jasig.cas.web.flow.GatewayRequestCheckAction] - <Action
'GatewayRequestCheckAction' completed execution; result is
'authenticationRequired'>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
