Scott,

Did you check my two XMLs. are they okay. I just want to know.

I am attaching a plain java program which does LDAP authentication correctly. 
It authenticates the sAMAccountName (basically employee-id) which i give in the 
program.

Please look at the value that is put for Context.PROVIDER_URL. Is this the IP 
which i should give in my deployerConfig..xml for URLs property. Currently i 
have given something like "localhost:389".

Please let me know.

Thanks


Scott Battaglia <[EMAIL PROTECTED]> wrote: Yes, that login screen is correct 
(because you have not modified it at all).  The exception you are getting is 
that your LDAP server refused the connection from the LDAP server.  Your LDAP 
server may be behind a firewall or you may be attempting to access it via an 
incorrect protocol ( i.e. ldap vs. ldaps) for what you are trying to do.  You 
may want to talk to your LDAP admins.

-Scott


On 6/20/07, sriram purushothaman < [EMAIL PROTECTED]> wrote:
Hi

I removed the CAS-FILTER related entries from my CAS  web.xml. I am attaching 
it as CAS-web.xml
I have added the CAS-FILTER related entries in my project's web.xml. I am 
attaching it as project-web.xml

Now, When i give  https://localhost:8443/cas/login, i get the Security-Alert 
dialog box and when i click on YES, i get CAS login screen. I am attaching this 
screen also here (cas-login.doc). Is this the correct screen, because as per 
the description in this page "usernames equals passwords" is given. 

In this login page (if this is the correct page), When i give my Id and 
password and click on LOGIN button, i get an exception. I am attaching the 
exception trace also(exception-on-click-of-login).

In all, i am adding 4  attachments.Sorry for bothering so much.

Please let me know where i am going wrong.

Thanks

Adrien Futschik < [EMAIL PROTECTED]> wrote:  On Wednesday 20 June 2007 08:18:26 
sriram purushothaman wrote: 
 > Scott,
 >
 > I am attaching my WEB.XML available under tomcat-5.5.16/cas/WEB-INF folder.
 > I have given entries only loginURL, validateURL and ServerName. I have not 
 > given an entry for ServiceURL. Is that required?
 >
 > Please check my web.xml and tell me which URL should I use in my IE?
 > I tried using  http://localhost:8080/cas/login. I got CAS login page. But
 > after giving my credentials i got an exception. My LDAP auth did not happen
 >
 > Thanks
 >
  > Scott Battaglia <[EMAIL PROTECTED]> wrote: This might help you:
 >  http://www.ja-sig.org/wiki/display/CASUM/LDAP
  >
 > (note that the first step about the dependency relates to CAS 3.1 and not
 > CAS 3.0.x but the rest of the information should be okay).
 >
 > -Scott
  >
 > On 6/19/07, sriram purushothaman <[EMAIL PROTECTED]> wrote: Please check
  > this bean entry in deployer..xml <bean id="contextSource"
 > class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
 > <property name="authenticatedReadOnly" value="false" /> <property 
 > name="userName" value="" />
 >                  <property name="password" value="" />
 >                  <property name="urls"> 
 >                           <list>
 >                                  <value>ldap://XX.XXX.X.XXX:389/</value>
 >                          </list>
  >                  </property>
 >
 >                  <property name="baseEnvironmentProperties">
 >                           <map>
  >                                  <entry>
 >                                         
 > <key><value>java.naming.security.authentication</value></key>
  > <value>simple</value>
 >                                  </entry>
 >                         </map>
 >                 </property>
 > </bean> 
 >
 > What should i give for UserName and Password?
 > Should i give the Distinguished Name and password that i normally use in
 > httpd.conf(Apache web-server + weblogic) and what should i give for URLs 
 > list
 >
 > Please let  me know
 >
 > Thanks
 >
 >  Scott Battaglia <[EMAIL PROTECTED] > wrote:  If you're using a 
 > non-Sun JVM, then you need to set the "responseControlFactory" property on
 > the ContextSource.  The default is an internal Sun implementation. 
 >
 > -Scott
 >
 >  On 6/19/07,  sriram purushothaman <[EMAIL PROTECTED] > wrote:  Hi
 >
 > I have done LDAP authentication using Apache Webserver 2.0.59 and Weblogic
 > 8.1 and I am successful with it. Now i want to do it with CAS.
 > 
 > I am new to CAS and i am trying out few stuff. I am using Tomcat   5.5.16,
 > JDK 1.42
 >
 > 1. I have download cas-server-3.0.7 and cas-client-java-2.1.1
  > 2. I have downloaded cas-server-ldap-3.0.7 JAR , spring-ldap1.1.2 JAR,
  > ldapbp1.0 JAR and put these 3 JARs in localplugins/lib folder. 3. Did ant
 > jar and ant war. Got the localplugins.jar and the WAR  file 4. I changed my
 > deployerConfigContext.xml. I have attached the same  here.Please check and
 > tell me whether it is correct. 5. Copied the WAR into my tomcat/webapps
 > 6. When i start my tomcat, i am getting the attached error.
 >
 > I have downloaded this folder structure  com.sun.jndi.ldap.<>, but not sure
 > what to do with it.
 >
 > Regards,
 > Sriram
 >
 >
 > --------------------------------- 
 > Don't pick lemons.
 >  See all the  new 2007 cars  at  Yahoo! Autos.
 >
 >
 > 2007-06-19 14:55:45,250 ERROR 
 > [org.springframework.web.context.ContextLoader ] - <Context  initialization
 > failed> org.springframework.beans.factory.BeanCreationException: Error
 > creating bean with name 'centralAuthenticationService' defined in
 > ServletContext resource [/WEB-INF/applicationContext.xml]: Cannot resolve 
 > reference to bean 'authenticationManager' while setting bean property
 > 'authenticationManager'; nested exception is  
 > org.springframework.beans.factory.BeanCreationException : Error creating
 > bean with name 'authenticationManager' defined in ServletContext resource
 > [/WEB-INF/deployerConfigContext.xml]: Cannot create inner bean ' 
 > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752 ' of type
 > [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while setting
 > bean property 'authenticationHandlers' with key [1]; nested exception is  
 >  org.springframework.beans.factory.BeanCreationException: Error creating
 > bean with name 
 > 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' defined
 > in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot 
 > resolv!
 >  e reference to bean 'contextSource' while setting bean property
 > 'contextSource'; nested exception is 
 > org.springframework.beans.factory.BeanCreationException : Error creating
 > bean with name 'contextSource' defined in ServletContext resource
 > [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
 > exception is    java.lang.NoClassDefFoundError:
 > com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
 > org.springframework.beans.factory.BeanCreationException: Error creating
 > bean with name 'authenticationManager'  defined in ServletContext resource
 > [/WEB-INF/deployerConfigContext.xml]: Cannot create inner bean ' 
 > org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' of type
  > [org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler] while setting
 > bean property 'authenticationHandlers'  with key [1]; nested exception is 
 > org.springframework.beans.factory.BeanCreationException : Error creating
 > bean with name
 > 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752' defined
 > in ServletContext resource [/WEB-INF/deployerConfigContext.xml]: Cannot 
 > resolve reference to bean 'contextSource' while setting bean property
 > 'contextSource'; nested exception is  
 > org.springframework.beans.factory.BeanCreationException : Error creating
 > bean with name 'contextSource' defined in ServletContext  resource
 > [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
 > exce!
 >  ption is java.lang.NoClassDefFoundError:
 > com.sun.jndi.ldap.ctl.ResponseControlFactory  Caused by:
 > org.springframework.beans.factory.BeanCreationException: Error creating
 > bean with name
 > 'org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler#b2e752  ' 
 > defined in ServletContext resource [/WEB-INF/deployerConfigContext.xml]:
 > Cannot resolve reference to bean 'contextSource'  while setting bean
 > property 'contextSource'; nested exception is 
 > org.springframework.beans.factory.BeanCreationException : Error creating
 > bean with name 'contextSource' defined in ServletContext resource
 > [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested 
 > exception is   java.lang.NoClassDefFoundError:
 > com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by:
 > org.springframework.beans.factory.BeanCreationException: Error creating
 > bean with name 'contextSource' defined in ServletContext resource 
 > [/WEB-INF/deployerConfigContext.xml]: Instantiation of bean failed; nested
 > exception is   java.lang.NoClassDefFoundError:
 > com.sun.jndi.ldap.ctl.ResponseControlFactory Caused by: 
 > java.lang.NoClassDefFoundError:
 > com.sun.jndi.ldap.ctl.ResponseControlFactory at
 > org.springframework.ldap.support.LdapContextSource.class$ 
 > (LdapContextSource.java :42) at 
 > org.springframework.ldap.support.LdapContextSource.<clinit>(LdapContextSour
 >ce.java:42) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
 > Method) at  sun.reflect.NativeConstructorAccessorImpl.newInstance
 > (NativeConstructorAccessorImpl.java:39) at
 > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstru
 > ctorAccessorImpl.java:27) at
 > java.lang.reflect.Constructor.newInstance(Constructor.java :274) at
 > org.springframework.beans.BeanUtils.instantiateClass(BeanUtils.java:84) at
 > org.springframework.beans.BeanUtils.instantiateClass  (BeanUtils.java:60) at
 > org.springframework.beans.factory.support.SimpleInstantiationStrategy.insta
 >ntiate (SimpleInstantiationStrategy.java:45) at 
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor 
 >y.instantiateBean (AbstractAutowireCapableBeanFactory.java:739) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
 >y.createBeanInstance  (AbstractAutowireCapableBeanFactory.java:727) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
 >y.createBean (AbstractAutowireCapableBeanFactory.java:390) at
  > org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject
 > (AbstractBeanFactory.java:254) at
 > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS 
 >ingleton (DefaultSingletonBeanRegistry.java:144) at
 > org.springframework.beans.factory.support.AbstractBeanFactory.getBean
 > (AbstractBeanFactory.java:251) at 
 >  org.springframework.beans.factory.support.AbstractBeanFactory.getBean
 > (AbstractBeanFactory.java:163) at
 > org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
  >veReference(BeanDefinitionValueResolver.java :271) at
 >  org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
 >veValueIfNecessary (BeanDefinitionValueResolver.java:128) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor 
 >y.applyPropertyValues (AbstractAutowireCapableBeanFactory.java:1047) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
 >y.populateBean (AbstractAutowireCapableBeanFactory.java :843) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
 >y.createBean (AbstractAutowireCapableBeanFactory.java:427) at 
 > org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol 
 >veInnerBean (BeanDefinitionValueResolver.java:221) at
 > org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
 >veValueIfNecessary  (BeanDefinitionValueResolver.java:111) at
 > org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
 >veManagedList (BeanDefinitionValueResolver.java:291) at
 >  org.springframework.beans.factory.support.BeanDefinitionValueResolver.resol
 >veValueIfNecessary (BeanDefinitionValueResolver.java:132) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor 
 >y.applyPropertyValues (AbstractAutowireCapableBeanFactory.java:1047) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
 >y.populateBean (AbstractAutowireCapableBeanFactory.java :843) at
 > org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactor
 >y.createBean (AbstractAutowireCapableBeanFactory.java:427) at
 > org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject 
  > (AbstractBeanFactory.java:254) at
 > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getS
 >ingleton (DefaultSingletonBeanRegistry.java:144) at
 >  org.springframework.beans.factory.support.AbstractBeanFactory.getBean
 > (AbstractBeanFactory.java:251) at
 > org.springframework.beans.factory.support.AbstractBeanFactory.getBean
 > ( AbstractBeanFactory.java:163)
 > _______________________________________________
 > Yale CAS mailing list
 >  [email protected]
 >  http://tp.its.yale.edu/mailman/listinfo/cas
  >
 >
 >
 >
 >
 >
 > --
 > -Scott Battaglia
 >
 >
 > LinkedIn:   http://www.linkedin.com/in/scottbattaglia
 > _______________________________________________  Yale CAS mailing list
 >  [email protected]
 >  http://tp.its.yale.edu/mailman/listinfo/cas
 >
 >
 >
 > ---------------------------------
 > We won't tell. Get more on shows you hate to love
  > (and love to hate): Yahoo! TV's Guilty Pleasures list.
 >
 > _______________________________________________
 > Yale CAS mailing list
 >  [email protected]
 >  http://tp.its.yale.edu/mailman/listinfo/cas
  
 you mixed up a few things. The cas-filter is to be used with your client 
 application not with cas. This means that your web.xml for cas is wrong.
 It should look like this ....
  
 
 <?xml version="1.0" encoding="ISO-8859-1"?>
 <web-app  xmlns="http://java.sun.com/xml/ns/j2ee";
  xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance";
   xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee  
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd";
  version="2.4">
  <display-name>Central Authentication System (CAS)  3.0</display-name>
  <context-param>
   <param-name>contextConfigLocation</param-name>
    <param-value>
    /WEB-INF/applicationContext.xml,
    /WEB-INF/deployerConfigContext.xml 
    </param-value>
  </context-param>
  
  <!-- DEBUT Ajout pour OPIAM --> 
  <filter>
   <filter-name>additional cookie</filter-name> 
    
<filter-class>com.atosorigin.opiam.auth.cas.CreateAdditionalCookie</filter-class>
  </filter>
   
  <filter-mapping>
   <filter-name>additional cookie</filter-name> 
    <url-pattern>/*</url-pattern> 
      </filter-mapping>
  
   <!-- FIN Ajout pour OPIAM -->
  <!-- 
   place this into the contextConfigLocation to enable
    service restrictions.
   /WEB-INF/approvedServices.xml, .....
 
 In  fact I didn't not even change anything in-there.
 The first thing you have to do is try out https connection to CAS. For me it 
was : 
 
 https://localhost:8443/cas/login but by default the port is 8444, so it would 
be  
 https://localhost:8444/cas/login
 Then if you've made the changes you need to in  deployerConfigContext.xml, you 
should be able to authenticate with a valid  user&password.
 
 See my configuration attached.
 
 Hope it helps
 
 -- 
 Futschik Adrien
 Atos Origin
 Tour "Les Miroirs"  
 18, avenue d'Alsace 

 92296 Paris La Défense Cedex
 FRANCE
  
 Phone: +33 (0) 1 55 91 24 82
 
  [EMAIL PROTECTED] 
 www.si.fr.atosorigin.com
 



 
 
         class="org.jasig.cas.authentication.AuthenticationManagerImpl">
  
  
   
    
     
         
class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
 />
    
    
         
class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver
 " />
   
  
  
  
  
   
    
    
         
class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
 >
     
    
    
     
    
         class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
     
     
     
    
   
  
 
 
 
  
  
  
  
  
   
    ldap://localhost:4800/ 
   
  
  
  
   
    
     java.naming.security.authentication
     simple
    
   
  
     

_______________________________________________
 Yale CAS mailing list
[email protected]
 http://tp.its.yale.edu/mailman/listinfo/cas

        

---------------------------------
You snooze, you lose.  Get messages ASAP with AutoCheck
  in the all-new Yahoo! Mail Beta. 

_______________________________________________
Yale CAS mailing list
[email protected] 
http://tp.its.yale.edu/mailman/listinfo/cas



 


-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia 
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas


       
---------------------------------
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
package com.feedback.util;

import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NameClassPair;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.*;
import javax.naming.*;
import javax.naming.directory.*;

public final class LDAPAccessCode

{
            public static void getUserNameAndEmail()
            {
            	System.out.println("1111 ...  ");
                        Hashtable env = new Hashtable ();
                        env.put (Context.SECURITY_AUTHENTICATION, "simple");
                        env.put (Context.SECURITY_PRINCIPAL, "CN=CompanyAdmin,OU=MUMBAI,OU=INDIA,OU=myCompanyUsers,DC=myCompany,DC=com");
                        env.put (Context.SECURITY_CREDENTIALS, "secret");
                        env.put (Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
                        env.put (Context.PROVIDER_URL, "ldap://XX.YYY.Z.UUU:389";);
                        System.out.println("222 ...  ");
                        try
                        {
                        	System.out.println("3333 ...  " + env);      
                                    InitialLdapContext ctx = new InitialLdapContext (env,null);
                        			//DirContext ctx = new InitialDirContext(env);
                                    System.out.println("44444 ...  " );
                                    String[] attrIDs = {"cn", "mail","title"};
                                    SearchControls ctls = new SearchControls();
                                    ctls.setReturningAttributes (attrIDs);
                                    ctls.setReturningObjFlag (true);
                                    ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                                    String filter = "sAMAccountName=XXXXXX";
                                    NamingEnumeration answer = ctx.search("OU=myCompanyUsers,DC=myCompany,DC=com", filter, ctls);
                                    formatResults(answer);
                                    ctx.close();
                                    }catch (NamingException e){
                                                e.printStackTrace();
                                    } catch (Exception ex){
                                                ex.printStackTrace ();
                                    }
            }


                        /*
                        * Generic method to format the NamingEnumeration returned from a search.
                        */
                        public  static void formatResults(NamingEnumeration enum) throws Exception{
                                    System.out.println("======================Inside FormatResults============================");
                                    int count=0;
                                    try {
                                        while (enum.hasMore()) {
                                                SearchResult sr = (SearchResult)enum.next();
                                                System.out.println("SEARCH RESULT:" + sr.getName());
                                                formatAttributes(sr.getAttributes());
                                                System.out.println("====================================================");
                                                count++;
                                                   }

                                       System.out.println("Search returned "+ count+ " results");

                                    } catch (NamingException e) {
                                        e.printStackTrace();
                                    }
                            }


                        /*
                        * Generic method to format the Attributes .Displays all the multiple values of
                        * each Attribute in the Attributes
                        */

                         public  static void formatAttributes(Attributes attrs) throws Exception{
                                    if (attrs == null) {
                                        System.out.println("This result has no attributes");
                                    } else {
                                        try {
                                                for (NamingEnumeration enum = attrs.getAll(); enum.hasMore();) {
                                                    Attribute attrib = (Attribute)enum.next();
                                                    System.out.println("ATTRIBUTE :" + attrib.getID());
                                                    for (NamingEnumeration e = attrib.getAll();e.hasMore();)
                                                             System.out.println("\t\t        = " + e.next());
                                                }

                                        } catch (NamingException e) {
                                                e.printStackTrace();
                                        }
                                    }
                        }

            public static void main(String args[]) {
            	System.out.println("MAINN...  ");
                        getUserNameAndEmail();
            }

}
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC  "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd";>
<!--
	| deployerConfigContext.xml centralizes into one file some of the declarative configuration that
	| all CAS deployers will need to modify.
	|
	| This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.  
	| The beans declared in this file are instantiated at context initialization time by the Spring 
	| ContextLoaderListener declared in web.xml.  It finds this file because this
	| file is among those declared in the context parameter "contextConfigLocation".
	|
	| By far the most common change you will need to make in this file is to change the last bean
	| declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with
	| one implementing your approach for authenticating usernames and passwords.
	+-->
<beans>
	<!--
		| This bean declares our AuthenticationManager.  The CentralAuthenticationService service bean
		| declared in applicationContext.xml picks up this AuthenticationManager by reference to its id, 
		| "authenticationManager".  Most deployers will be able to use the default AuthenticationManager
		| implementation and so do not need to change the class of this bean.  We include the whole
		| AuthenticationManager here in the userConfigContext.xml so that you can see the things you will
		| need to change in context.
		+-->
	<bean id="authenticationManager"
		class="org.jasig.cas.authentication.AuthenticationManagerImpl">
		<!--
			| This is the List of CredentialToPrincipalResolvers that identify what Principal is trying to authenticate.
			| The AuthenticationManagerImpl considers them in order, finding a CredentialToPrincipalResolver which 
			| supports the presented credentials.
			|
			| AuthenticationManagerImpl uses these resolvers for two purposes.  First, it uses them to identify the Principal
			| attempting to authenticate to CAS /login .  In the default configuration, it is the DefaultCredentialsToPrincipalResolver
			| that fills this role.  If you are using some other kind of credentials than UsernamePasswordCredentials, you will need to replace
			| DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that supports the credentials you are
			| using.
			|
			| Second, AuthenticationManagerImpl uses these resolvers to identify a service requesting a proxy granting ticket. 
			| In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose. 
			| You will need to change this list if you are identifying services by something more or other than their callback URL.
			+-->
		<property name="credentialsToPrincipalResolvers">
			<list>
				<!--
					| UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials that we use for /login 
					| by default and produces SimplePrincipal instances conveying the username from the credentials.
					| 
					| If you've changed your LoginFormAction to use credentials other than UsernamePasswordCredentials then you will also
					| need to change this bean declaration (or add additional declarations) to declare a CredentialsToPrincipalResolver that supports the
					| Credentials you are using.
					+-->
				<bean
					class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
				<!--
					| HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials.  It supports the CAS 2.0 approach of
					| authenticating services by SSL callback, extracting the callback URL from the Credentials and representing it as a
					| SimpleService identified by that callback URL.
					|
					| If you are representing services by something more or other than an HTTPS URL whereat they are able to
					| receive a proxy callback, you will need to change this bean declaration (or add additional declarations).
					+-->
				<bean
					class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
			</list>
		</property>

		<!--
			| Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate, 
			| AuthenticationHandlers actually authenticate credentials.  Here we declare the AuthenticationHandlers that
			| authenticate the Principals that the CredentialsToPrincipalResolvers identified.  CAS will try these handlers in turn
			| until it finds one that both supports the Credentials presented and succeeds in authenticating.
			+-->
		<property name="authenticationHandlers">
			<list>
				<!--
					| This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
					| a server side SSL certificate.
					+-->
				<bean
					class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
					<property
						name="httpClient"
						ref="httpClient" />
				</bean>

				<!--
					| This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS 
					| into production.  The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
					| where the username equals the password.  You will need to replace this with an AuthenticationHandler that implements your
					| local authentication strategy.  You might accomplish this by coding a new such handler and declaring
					| edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
					+-->
				<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler" >
                           <property name="filter" value="sAMAccountName=%u" />
                           <property name="searchBase" value="cn=Admin Annuity,OU=MUMBAI,OU=INDIA,OU=myCompanyusers,dc=myCompany,dc=com" />
                           <property name="contextSource" ref="contextSource" />
						   <property name="ignorePartialResultException" value="yes" />
				</bean>
			</list>
		</property>
	</bean>

	<bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
                 <!--<property name="authenticatedReadOnly" value="false" />-->
				 <property name="anonymousReadOnly" value="false"/>
				 <property name="pooled" value="true" />
                 <property name="userName" value="cn=CompanyAdmin,dc=myCompany,dc=com" />				 
                 <property name="password" value="secret" />
                 <property name="urls">
                         <list>
                                 <value>ldap://localhost:389/</value>
                         </list>
                 </property>

                 <property name="baseEnvironmentProperties">
                         <map>
                                 <entry>
                                         <key><value>java.naming.security.authentication</value></key>
                                         <value>simple</value>
                                 </entry>
                        </map>
                </property>
</bean>
</beans>
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to