Hi Scott,

Thanks for the reply. I posted my deployerContextConfig just a while ago. To answer your other questions, I don't know too much about LDAP, but I know we use Active Directory on Windows 2003 Server. I have successfully connected to it using the JXplorer LDAP client.

The structure is a bit different from what I have seen in the past. There is a top-level OU called 'AC-Users', and within that OU there are many sub-OUs like "Contractors, Contacts, Accounting Personnel" etc. Within each of these sub-OUs there are people. I hope this helps; my LDAP knowledge is limited, but I will ask around here and try to answer any questions.

Thanks again!
Jin

scott_battaglia wrote:
>
> Yes, please post your deployerConfigContext (removing any sensitive
> information) as well as the structure of your LDAP (as long as that info
> isn't sensitive). Also, please let us know the LDAP server you are using.
>
> -Scott
>
> On Dec 10, 2007 2:10 PM, Andrew R Feller <[EMAIL PROTECTED]> wrote:
>
>> Please post your deployerContext.xml file.
>>
>> Andrew R Feller, Analyst
>> University Information Systems
>> 200 Fred Frey Building
>> Louisiana State University
>> Baton Rouge, LA, 70803
>> (225) 578-3737 (office)
>> ------------------------------
>> *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] *On Behalf Of *Jin Lee
>> *Sent:* Monday, December 10, 2007 1:04 PM
>> *To:* [email protected]
>> *Subject:* LDAP not working, please advise
>>
>> Hello everyone,
>>
>> First off, thank you for the hard work in writing and maintaining CAS. From
>> what I have seen so far it looks great. I have been trying to get CAS and
>> LDAP working together but after 6 days of being stuck, I am hoping someone
>> here can provide me with some insight.
>>
>> I am in a Windows 2003 environment, Java 6 Update 3, Tomcat 5.5.
>>
>> I've set up Tomcat w/ SSL using the self signed cert (keytool), and verified
>> tomcat is up w/ SSL
>> I've included the ldap jar dependency in my pom and built the cas war.
>> Copied the war into tomcat/webapps and did a test deployment (verified the
>> SimpleUsernamePassword to be working)
>> Modified the deployerConfigContext to use LDAP (note: I've tried both
>> FastBind and regular Bind and both have the same problem, defined below)
>>
>> The problem I am experiencing is, well, aside from a brief message saying
>> that CAS could not validate, I don't get much else. I've checked my tomcat
>> logs, changed the logger to DEBUG, and I can't seem to get any significant
>> messages indicating whether the LDAP server connection was successful. This
>> is leading me to believe I am doing something wrong outside of LDAP, but I
>> don't know what it is.
>>
>> Here is the log file output:
>>
>> 2007-12-10 10:47:01,611 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Action 'InitialFlowSetupAction' beginning execution>
>> 2007-12-10 10:47:01,611 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
>> 2007-12-10 10:47:01,627 DEBUG [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Action 'InitialFlowSetupAction' completed execution; result is 'success'>
>> 2007-12-10 10:47:01,642 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' beginning execution>
>> 2007-12-10 10:47:01,642 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing setupForm>
>> 2007-12-10 10:47:01,642 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new form object with name 'credentials'>
>> 2007-12-10 10:47:01,642 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new instance of form object class [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials]>
>> 2007-12-10 10:47:01,642 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Putting form object of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow with name 'credentials'>
>> 2007-12-10 10:47:01,642 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Creating new form errors for object with name 'credentials'>
>> 2007-12-10 10:47:01,658 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor registrar set, no custom editors to register>
>> 2007-12-10 10:47:01,658 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Putting form errors instance in scope Flash>
>> 2007-12-10 10:47:01,658 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' completed execution; result is 'success'>
>> 2007-12-10 10:47:01,658 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' beginning execution>
>> 2007-12-10 10:47:01,658 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' completed execution; result is 'success'>
>> 2007-12-10 10:47:07,017 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' beginning execution>
>> 2007-12-10 10:47:07,017 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing bind>
>> 2007-12-10 10:47:07,017 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow>
>> 2007-12-10 10:47:07,017 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor registrar set, no custom editors to register>
>> 2007-12-10 10:47:07,017 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding allowed request parameters in map['lt' -> '_cB59CE041-38DB-EFCE-F712-75D2FCEBE2C2_k31A0F302-F07F-C630-2113-C14D2C0209F6', '_eventId' -> 'submit', 'null' -> '', 'password' -> 'testpass', 'submit' -> 'LOGIN', 'username' -> 'jlee'] to form object with name 'credentials', pre-bind formObject toString = null>
>> 2007-12-10 10:47:07,017 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <(Any field is allowed)>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Binding completed for form object with name 'credentials', post-bind formObject toString = jlee>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0] errors, details: []>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing validation>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Invoking validator [EMAIL PROTECTED]>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Validation completed for form object>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <There are [0] errors, details: []>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Putting form errors instance in scope Flash>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' completed execution; result is 'success'>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' beginning execution>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow>
>> 2007-12-10 10:47:07,033 DEBUG [org.jasig.cas.CentralAuthenticationServiceImpl] - <Attempting to create TicketGrantingTicket for jlee>
>> 2007-12-10 10:47:07,049 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: jlee>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor registrar set, no custom editors to register>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' completed execution; result is 'error'>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' beginning execution>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Executing setupForm>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <No property editor registrar set, no custom editors to register>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' completed execution; result is 'success'>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' beginning execution>
>> 2007-12-10 10:47:07,049 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <Action 'AuthenticationViaFormAction' completed execution; result is 'success'>
>> 2007-12-10 10:47:16,143 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Starting cleaning of expired tickets from ticket registry at [Mon Dec 10 10:47:16 PST 2007]>
>> 2007-12-10 10:47:16,158 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found to be removed. Removing now.>
>> 2007-12-10 10:47:16,158 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Finished cleaning of expired tickets from ticket registry at [Mon Dec 10 10:47:16 PST 2007]>
>>
>> If anyone can give me some sort of guidance or point me in the right
>> direction, it would be greatly appreciated. Thank you very much,
>>
>> Jin Lee
>>
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
>
> --
> -Scott Battaglia
>
> LinkedIn: http://www.linkedin.com/in/scottbattaglia

--
View this message in context: http://www.nabble.com/LDAP-not-working%2C-please-advise-tp14259540p14260111.html
Sent from the CAS Users mailing list archive at Nabble.com.
