To expand upon what Andrew said, if you are doing anonymous binds lookups then you'll want to remove the username and password. Otherwise, you'll want to set anonymousReadOnly to false.
In general, in my experience, you'll most likely want to set anonymousReadOnly to false. On 10/23/07, Andrew R Feller <[EMAIL PROTECTED]> wrote: > > Remove the "password" property off of your > AuthenticatedLdapContextSource; you cannot connect as anonymousReadOnly > and specify a password. =P > > Andrew R Feller, Analyst > Subversion Administrator > University Information Systems > Louisiana State University > [EMAIL PROTECTED] > (office) 225.578.3737 > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Tarik Arrad > Sent: Tuesday, October 23, 2007 7:50 AM > To: [email protected] > Subject: Re: CAS and LDAP problem > > > Hi Scott > I'm doing authenticated reading. > My authentication handler look like this : > <bean > > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"> > <property name="filter" > value="uid=%u" /> > <property name="searchBase" > value="dc=inspire-media,dc=ma" /> > <property name="contextSource" > ref="contextSource" /> > </bean> > </list> > </property> > </bean> > <bean id="contextSource" > class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> > <property name="userName" > value="cn=Manager,dc=inspire-media,dc=ma" /> > <property name="anonymousReadOnly" value="True" /> > <property name="password" value="password" /> > <property name="pooled" value="true" /> > <property name="urls"> > <list> > <value>ldap://localhost:389/</value> > </list> > </property> > <property name="baseEnvironmentProperties"> > <map> > <!--<entry> > > <key><value>java.naming.security.protocol</value></key> > <value>ssl</value> > </entry>--> > <entry> > > <key><value>java.naming.security.authentication</value></key> > <value>simple</value> > </entry> > </map> > </property> > </bean> > > > > > scott_battaglia wrote: > > > > Tarik, > > > > First, if you have a question please send the message once to the CAS > > users > > list. It generates less noise that way. You do not increase your > chances > > of getting a response by sending it multiple times in such a short > period > > of > > time (I should also never be emailed personally if you have a > question). > > > > As for your question, if you are having trouble logging in via LDAP, > > ensure > > the following: > > you are doing authenticated reading (providing a username and password > in > > the Context with the appropriate LDAP properties set for your > > configuration) > > and ensure that your filter and base are set correctly. > > > > This page gives some example configurations of the Context and > properties. > > Note that your configuration may be different: > > http://www.ja-sig.org/wiki/display/CASUM/LDAP > > > > Thanks > > -Scott > > > > On 10/23/07, Tarik Arrad <[EMAIL PROTECTED]> wrote: > >> > >> > >> I'm trying to deploy CAS with LDAP (OpenLDAP), after authentication i > >> have > >> this log messages : > >> > >> 2007-10-23 10:19:25,770 INFO [ > >> org.jasig.cas.web.flow.InitialFlowSetupAction] > >> - <Setting ContextPath for cookies to: /cas> > >> 2007-10-23 10:19:30,920 INFO > >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - > >> <AuthenticationHandler: > >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to > >> authenticate the user which provided the following credentials: > Driss> > >> Exception in thread "Store ticketCache Expiry Thread" > >> java.lang.NullPointerException > >> at org.apache.log4j.LogManager.getLogger(LogManager.java:188) > >> at org.apache.log4j.Logger.getLogger(Logger.java:104) > >> at > >> > org.apache.commons.logging.impl.Log4JLogger.getLogger(Log4JLogger.java > >> :283) > >> at > >> org.apache.commons.logging.impl.Log4JLogger.isDebugEnabled( > >> Log4JLogger.java:293) > >> at > >> net.sf.ehcache.store.DiskStore.expiryThreadMain(DiskStore.java:834) > >> at net.sf.ehcache.store.DiskStore.access$700(DiskStore.java:59) > >> at net.sf.ehcache.store.DiskStore$ExpiryThread.run(DiskStore.java > >> :1008) > >> 2007-10-23 10:20:44,687 INFO > >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - > <FormObjectClass > >> not > >> set. Using default class of > >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials > with > >> formObjectName credentials and validator > >> org.jasig.cas.validation.UsernamePasswordCredentialsValidator.> > >> 2007-10-23 10:20:47,878 INFO [ > >> org.jasig.cas.web.flow.InitialFlowSetupAction] > >> - <Setting ContextPath for cookies to: /cas> > >> 2007-10-23 10:20:53,176 INFO > >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - > >> <AuthenticationHandler: > >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to > >> authenticate the user which provided the following credentials: > Tarik> > >> 2007-10-23 10:20:59,737 INFO > >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - > >> <AuthenticationHandler: > >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to > >> authenticate the user which provided the following credentials: > Manager> > >> 2007-10-23 10:21:03,940 INFO > >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] > - > >> <Starting cleaning of expired tickets from ticket registry at [Tue > Oct 23 > >> 10:21:03 WET 2007]> > >> 2007-10-23 10:21:03,940 INFO > >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] > - <0 > >> found to be removed. Removing now.> > >> 2007-10-23 10:21:03,940 INFO > >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] > - > >> <Finished cleaning of expired tickets from ticket registry at [Tue > Oct 23 > >> 10:21:03 WET 2007]> > >> 2007-10-23 10:23:45,405 INFO > >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - > >> <AuthenticationHandler: > >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to > >> authenticate the user which provided the following credentials: > Tarik> > >> Exception in thread "Store ticketCache Expiry Thread" > >> java.lang.NullPointerException > >> at org.apache.log4j.LogManager.getLogger(LogManager.java:188) > >> at org.apache.log4j.Logger.getLogger(Logger.java:104) > >> at > >> > org.apache.commons.logging.impl.Log4JLogger.getLogger(Log4JLogger.java > >> :283) > >> at > >> org.apache.commons.logging.impl.Log4JLogger.isDebugEnabled( > >> Log4JLogger.java:293) > >> at > >> net.sf.ehcache.store.DiskStore.expiryThreadMain(DiskStore.java:834) > >> at net.sf.ehcache.store.DiskStore.access$700(DiskStore.java:59) > >> at net.sf.ehcache.store.DiskStore$ExpiryThread.run(DiskStore.java > >> :1008) > >> 2007-10-23 10:23:59,140 INFO > >> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - > <FormObjectClass > >> not > >> set. Using default class of > >> org.jasig.cas.authentication.principal.UsernamePasswordCredentials > with > >> formObjectName credentials and validator > >> org.jasig.cas.validation.UsernamePasswordCredentialsValidator.> > >> 2007-10-23 10:24:02,829 INFO [ > >> org.jasig.cas.web.flow.InitialFlowSetupAction] > >> - <Setting ContextPath for cookies to: /cas> > >> 2007-10-23 10:24:12,016 INFO > >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - > >> <AuthenticationHandler: > >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to > >> authenticate the user which provided the following credentials: > Manager> > >> 2007-10-23 10:24:17,246 INFO > >> [org.jasig.cas.authentication.AuthenticationManagerImpl] - > >> <AuthenticationHandler: > >> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to > >> authenticate the user which provided the following credentials: > Tarik> > >> 2007-10-23 10:24:18,374 INFO > >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] > - > >> <Starting cleaning of expired tickets from ticket registry at [Tue > Oct 23 > >> 10:24:18 WET 2007]> > >> 2007-10-23 10:24:18,374 INFO > >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] > - <0 > >> found to be removed. Removing now.> > >> 2007-10-23 10:24:18,374 INFO > >> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] > - > >> <Finished cleaning of expired tickets from ticket registry at [Tue > Oct 23 > >> 10:24:18 WET 2007]> > >> > >> Help Plz > >> Tarik Arrad > >> > >> -- > >> View this message in context: > >> http://www.nabble.com/CAS-and-LDAP-problem-tf4676586.html#a13361444 > >> Sent from the CAS Users mailing list archive at Nabble.com. > >> > >> _______________________________________________ > >> Yale CAS mailing list > >> [email protected] > >> http://tp.its.yale.edu/mailman/listinfo/cas > >> > > > > > > > > -- > > -Scott Battaglia > > > > LinkedIn: http://www.linkedin.com/in/scottbattaglia > > > > _______________________________________________ > > Yale CAS mailing list > > [email protected] > > http://tp.its.yale.edu/mailman/listinfo/cas > > > > > > -- > View this message in context: > http://www.nabble.com/CAS-and-LDAP-problem-tf4676586.html#a13363452 > Sent from the CAS Users mailing list archive at Nabble.com. > > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > _______________________________________________ > Yale CAS mailing list > [email protected] > http://tp.its.yale.edu/mailman/listinfo/cas > -- -Scott Battaglia LinkedIn: http://www.linkedin.com/in/scottbattaglia
_______________________________________________ Yale CAS mailing list [email protected] http://tp.its.yale.edu/mailman/listinfo/cas
