If you don't have a need for the attributrepository you can replace it with
the MapBacked one (in fact in the next RC release, that is what will
happen). Otherwise, you can put in an enhancement request for additional
configuration options for the LdapAttributeRepository.
-Scott
On 6/21/07, Burghduff <[EMAIL PROTECTED]> wrote:
I am having a problem with SPNEGO in CAS. I am using the following:
Tomcat 5.5.23 running on Windows XP, CAS 3.1-rc2 connecting through LDAP
to an AD Server.
login.conf file
jcifs.spnego.initiate {
com.sun.security.auth.module.Krb5LoginModule required storeKey=true
useKeyTab=true keyTab="c:/temp/test.keytab" principal=HTTP/my.machine.com@
MACHINE.COM;
};
jcifs.spnego.accept {
com.sun.security.auth.module.Krb5LoginModule required storeKey=true
useKeyTab=true keyTab="c:/temp/test.keytab" principal=HTTP/my.machine.com@
MACHINE.COM;
};
I am getting the following error when Spring is creating the attributeRegistry
bean:
[org.jasig.cas.services.LdapAttributeRepository] - <
javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr:
DSID-0C090627, comment: In order to perform this operation a successful bind
must be completed on the connection., data 0, vece
In the constructor of LdapAttributeRepository it tries to access the LDAP
server without providing any credentials. How are the credentials suppose
to be supplied? I made my own AttributeRepository class that adds an
additional map value of env.put(Context.*SECURITY_AUTHENTICATION*,
"GSSAPI"); With this value I am able to connect to the AD server through
LDAP
I hope that I am including enough information
Thanks
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
--
-Scott Battaglia
LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas
