Scott, if this may help, here is the catalina.out content for 1) 1 LDAP handler & wrong user and 2) 2 LDAPs and wrong user. I can do any tests you like :)

1) 1 LDAP Handler & wrong user/pwd: Tomcat catalina.out content

18 sept. 2008 16:47:23 org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/java/jdk1.6.0_03/jre/lib/i386/server:/usr/java/jdk1.6.0_03/jre/lib/i386:/usr/java/jdk1.6.0_03/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
18 sept. 2008 16:47:23 org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initialisation de Coyote HTTP/1.1 sur http-8080
18 sept. 2008 16:47:23 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 529 ms
18 sept. 2008 16:47:23 org.apache.catalina.core.StandardService start
INFO: Démarrage du service Catalina
18 sept. 2008 16:47:23 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.26
18 sept. 2008 16:47:23 org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
18 sept. 2008 16:47:24 org.apache.catalina.startup.HostConfig deployWAR
INFO: Déploiement de l'archive cas.war de l'application web
2008-09-18 16:47:26,052 INFO [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <FormObjectClass not set. Using default class of org.jasig.cas.authentication.principal.UsernamePasswordCredentials with formObjectName credentials and validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator.>
18 sept. 2008 16:47:26 org.apache.coyote.http11.Http11BaseProtocol start
INFO: Démarrage de Coyote HTTP/1.1 sur http-8080
18 sept. 2008 16:47:26 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
18 sept. 2008 16:47:26 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/21 config=null
18 sept. 2008 16:47:26 org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
18 sept. 2008 16:47:26 org.apache.catalina.startup.Catalina start
INFO: Server startup in 3076 ms
2008-09-18 16:47:45,241 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Starting cleaning of expired tickets from ticket registry at [Thu Sep 18 16:47:45 CEST 2008]>
2008-09-18 16:47:45,242 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found to be removed. Removing now.>
2008-09-18 16:47:45,243 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Finished cleaning of expired tickets from ticket registry at [Thu Sep 18 16:47:45 CEST 2008]>
2008-09-18 16:47:53,252 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
2008-09-18 16:48:03,825 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: unknown_user>

2) 3 LDAP Handlers & wrong user/pwd: Tomcat catalina.out content

18 sept. 2008 16:51:28 org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/java/jdk1.6.0_03/jre/lib/i386/server:/usr/java/jdk1.6.0_03/jre/lib/i386:/usr/java/jdk1.6.0_03/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
18 sept. 2008 16:51:29 org.apache.coyote.http11.Http11BaseProtocol init
INFO: Initialisation de Coyote HTTP/1.1 sur http-8080
18 sept. 2008 16:51:29 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1094 ms
18 sept. 2008 16:51:29 org.apache.catalina.core.StandardService start
INFO: Démarrage du service Catalina
18 sept. 2008 16:51:29 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.26
18 sept. 2008 16:51:29 org.apache.catalina.core.StandardHost start
INFO: XML validation disabled
18 sept. 2008 16:51:29 org.apache.catalina.startup.HostConfig deployWAR
INFO: Déploiement de l'archive cas.war de l'application web
2008-09-18 16:51:31,623 INFO [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <FormObjectClass not set. Using default class of org.jasig.cas.authentication.principal.UsernamePasswordCredentials with formObjectName credentials and validator org.jasig.cas.validation.UsernamePasswordCredentialsValidator.>
18 sept. 2008 16:51:32 org.apache.coyote.http11.Http11BaseProtocol start
INFO: Démarrage de Coyote HTTP/1.1 sur http-8080
18 sept. 2008 16:51:32 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
18 sept. 2008 16:51:32 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/21 config=null
18 sept. 2008 16:51:32 org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
18 sept. 2008 16:51:32 org.apache.catalina.startup.Catalina start
INFO: Server startup in 3141 ms
2008-09-18 16:51:40,651 INFO [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath for cookies to: /cas>
2008-09-18 16:51:50,801 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Starting cleaning of expired tickets from ticket registry at [Thu Sep 18 16:51:50 CEST 2008]>
2008-09-18 16:51:50,804 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <0 found to be removed. Removing now.>
2008-09-18 16:51:50,804 INFO [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] - <Finished cleaning of expired tickets from ticket registry at [Thu Sep 18 16:51:50 CEST 2008]>
2008-09-18 16:51:51,478 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: unknown_user>
2008-09-18 16:51:51,520 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]] - <"Servlet.service()" pour la servlet cas a généré une exception>
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece

Scott Battaglia wrote:
> That seems rather strange that it wouldn't work (in theory it should
> ;-)). Does it work okay if you have one LDAP handler and say the test
> username password handler but both fail?
>
> The interesting thing is that LDAP (Active Directory) appears to be
> throwing an exception which normally it shouldn't do. So either AD is
> returning an exception we weren't expecting or there's some
> configuration problem with two ADs and a failed password.
>
> I'm not sure which it is. I don't know if you can do any debugging on
> your end (we don't have an AD here that I can use).
>
> -Scott
>
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
>
>
> On Thu, Sep 18, 2008 at 6:12 AM, Chris <[EMAIL PROTECTED]> wrote:
>
> Hi all,
>
> I am running a CAS 3.1.1 server on Tomcat 5.5.26. The
> deployerConfigContext.xml is configured to check user authentication on
> 3 M$ Active Directories thru 3 LDAP authentication handlers.
>
> This works fine if the user/password match one of the 3 AD.
> But if the password is mistyped (or a bad username), CAS returns an
> exception (HTTP 500) instead of the default red error message "The
> credentials you provided cannot be determined to be authentic."
>
> I have tested with only 1 LDAP authentication handler and the warning
> message is returned well (No HTTP 500 exception).
>
> As soon as I configure 2 LDAP authentication handlers, the HTTP 500
> exception occurs.
>
> Below is the exception returned when 2 LDAP are configured and when I
> mistype a password + an example of my deployerConfigContext.xml using 2
> LDAP authentication handlers.
>
> Any idea why this HTTP 500 exception occurs? Missing configuration
> parameters?
>
> Best
>
> Chris
>
> ----------------------------
>
> Etat HTTP 500 -
>
> type Rapport d'exception
>
> message
>
> description Le serveur a rencontré une erreur interne () qui l'a empêché
> de satisfaire la requête.
>
> exception
>
> org.springframework.web.util.NestedServletException: Request processing
> failed; nested exception is
> org.springframework.webflow.engine.ActionExecutionException: Exception
> thrown executing [EMAIL PROTECTED] targetAction =
> [EMAIL PROTECTED], attributes =
> map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' --
> action execution attributes were 'map['method' -> 'submit']'; nested
> exception is org.springframework.ldap.UncategorizedLdapException:
> Operation failed; nested exception is
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
> LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
> vece]
>     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:487)
>     org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>     org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>
> cause mère
>
> org.springframework.webflow.engine.ActionExecutionException: Exception
> thrown executing [EMAIL PROTECTED] targetAction =
> [EMAIL PROTECTED], attributes =
> map['method' -> 'submit']] in state 'submit' of flow 'login-webflow' --
> action execution attributes were 'map['method' -> 'submit']'; nested
> exception is org.springframework.ldap.UncategorizedLdapException:
> Operation failed; nested exception is
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
> LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
> vece]
>     org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:68)
>     org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
>     org.springframework.webflow.engine.State.enter(State.java:200)
>     org.springframework.webflow.engine.Transition.execute(Transition.java:229)
>     org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
>     org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
>     org.springframework.webflow.engine.State.enter(State.java:200)
>     org.springframework.webflow.engine.Transition.execute(Transition.java:229)
>     org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
>     org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
>     org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245)
>     org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
>     org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172)
>     org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
>     org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
>     org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
>     org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
>     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
>     org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>     org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>
> cause mère
>
> org.springframework.ldap.UncategorizedLdapException: Operation failed;
> nested exception is javax.naming.AuthenticationException: [LDAP: error
> code 49 - 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece]
>     org.springframework.ldap.DefaultNamingExceptionTranslator.translate(DefaultNamingExceptionTranslator.java:93)
>     org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:204)
>     org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
>     org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
>     org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
>     org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:67)
>     org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:56)
>     org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:58)
>     org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:84)
>     org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:383)
>     org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107)
>     sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     java.lang.reflect.Method.invoke(Method.java:597)
>     org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
>     org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
>     org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
>     org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
>     org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
>     org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
>     org.springframework.webflow.engine.State.enter(State.java:200)
>     org.springframework.webflow.engine.Transition.execute(Transition.java:229)
>     org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
>     org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
>     org.springframework.webflow.engine.State.enter(State.java:200)
>     org.springframework.webflow.engine.Transition.execute(Transition.java:229)
>     org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
>     org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
>     org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245)
>     org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
>     org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172)
>     org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
>     org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
>     org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
>     org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
>     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
>     org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>     org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>
> cause mère
>
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
> LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
> vece]
>     com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
>     com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
>     com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
>     com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
>     com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
>     com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
>     com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
>     com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
>     com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
>     javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
>     javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
>     javax.naming.InitialContext.init(InitialContext.java:223)
>     javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
>     org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59)
>     org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
>     org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
>     org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
>     org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
>     org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:67)
>     org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:56)
>     org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:58)
>     org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:84)
>     org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:383)
>     org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107)
>     sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     java.lang.reflect.Method.invoke(Method.java:597)
>     org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
>     org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
>     org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
>     org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
>     org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
>     org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
>     org.springframework.webflow.engine.State.enter(State.java:200)
>     org.springframework.webflow.engine.Transition.execute(Transition.java:229)
>     org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
>     org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
>     org.springframework.webflow.engine.State.enter(State.java:200)
>     org.springframework.webflow.engine.Transition.execute(Transition.java:229)
>     org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
>     org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
>     org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
>     org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
>     org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245)
>     org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
>     org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172)
>     org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
>     org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
>     org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
>     org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
>     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
>     org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
>     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>     org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
>
> note La trace complète de la cause mère de cette erreur est disponible
> dans les fichiers journaux de Apache Tomcat/5.5.26.
> Apache Tomcat/5.5.26
>
> ------------------------------
>
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
>        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>        xmlns:p="http://www.springframework.org/schema/p"
>        xsi:schemaLocation="http://www.springframework.org/schema/beans
>        http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
>   <bean id="authenticationManager"
>         class="org.jasig.cas.authentication.AuthenticationManagerImpl">
>     <property name="credentialsToPrincipalResolvers">
>       <list>
>         <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
>         <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
>       </list>
>     </property>
>
>     <property name="authenticationHandlers">
>       <list>
>         <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
>               p:httpClient-ref="httpClient" />
>         <!-- BEGIN: Company AD EUROPE Handler -->
>         <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
>           <property name="filter" value="sAMAccountName=%u" />
>           <property name="searchBase" value="OU=Subsidiaries,DC=eu,DC=company,DC=com" />
>           <property name="contextSource" ref="contextSourceEU" />
>           <property name="ignorePartialResultException" value="yes" />
>         </bean>
>         <!-- END: Company AD EUROPE Handler -->
>
>         <!-- BEGIN: Company AD AMERICA Handler -->
>         <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
>           <property name="filter" value="sAMAccountName=%u" />
>           <property name="searchBase" value="OU=Subsidiaries,DC=am,DC=company,DC=com" />
>           <property name="contextSource" ref="contextSourceAM" />
>           <property name="ignorePartialResultException" value="yes" />
>         </bean>
>         <!-- END: Company AD AMERICA Handler -->
>
>       </list>
>     </property>
>   </bean>
>
>   <!-- BEGIN: Company AD EUROPE AuthenticatedLdapContextSource -->
>   <bean id="contextSourceEU"
>         class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
>     <property name="urls">
>       <list>
>         <value>ldap://sdceuces01.eu.company.com/</value>
>       </list>
>     </property>
>     <property name="userName" value="CN=eu_svc,OU=System Services,OU=Users,OU=Users Groups,OU=FRA,OU=Subsidiaries,DC=eu,DC=company,DC=com"/>
>     <property name="password" value="***********"/>
>     <property name="baseEnvironmentProperties">
>       <map>
>         <entry>
>           <key>
>             <value>java.naming.security.authentication</value>
>           </key>
>           <value>simple</value>
>         </entry>
>       </map>
>     </property>
>   </bean>
>   <!-- END: Company AD EUROPE AuthenticatedLdapContextSource -->
>
>   <!-- BEGIN: Company AD AMERICA AuthenticatedLdapContextSource -->
>   <bean id="contextSourceAM"
>         class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
>     <property name="urls">
>       <list>
>         <value>ldap://sdcamces01.am.company.com/</value>
>       </list>
>     </property>
>     <property name="userName" value="CN=am_svc,OU=System Services,OU=Users,OU=Users Groups,OU=USA,OU=Subsidiaries,DC=am,DC=company,DC=com"/>
>     <property name="password" value="**************"/>
>     <property name="baseEnvironmentProperties">
>       <map>
>         <entry>
>           <key>
>             <value>java.naming.security.authentication</value>
>           </key>
>           <value>simple</value>
>         </entry>
>       </map>
>     </property>
>   </bean>
>   <!-- END: Company AD AMERICA AuthenticatedLdapContextSource -->
>
>   <bean id="userDetailsService"
>         class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
>     <property name="userMap">
>       <value>
>       </value>
>     </property>
>   </bean>
>
>   <bean id="attributeRepository"
>         class="org.jasig.services.persondir.support.StubPersonAttributeDao">
>     <property name="backingMap">
>       <map>
>         <entry key="uid" value="uid" />
>         <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
>         <entry key="groupMembership" value="groupMembership" />
>       </map>
>     </property>
>   </bean>
>
>   <bean id="serviceRegistryDao"
>         class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
> </beans>
>
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas
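
An added triage example, not part of the thread and not CAS code: it decodes the Active Directory `data` sub-code from the LDAP error 49 message in the logs above, counts the handlers that rejected the login cleanly before the exception, and uses the stack frames to tell which bind failed. The sub-code table is Active Directory's documented list rather than anything stated in the thread, the function names are hypothetical, and the "search-context bind" label is an inference from the frame names (`LdapTemplate.search` calling `getReadOnlyContext`).

```python
import re

# Sub-codes Active Directory reports in the "data" field of an LDAP result 49
# diagnostic message (hexadecimal). From Microsoft's documentation, not the thread.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on at this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

LDAP_ERR = re.compile(
    r"LDAP: error code (?P<code>\d+) - (?P<status>[0-9A-Fa-f]+): "
    r"LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), comment: (?P<comment>[^,]+), "
    r"data (?P<data>[0-9A-Fa-f]+)"
)
CLEAN_REJECT = re.compile(
    r"AuthenticationHandler: (?P<handler>[\w.]+) failed to authenticate the user"
)
FRAME = re.compile(r"^\s*(?:at\s+)?(?P<method>[\w.$<>]+)\([^)]*\)\s*$")


def decode_bind_error(text):
    """Return the decoded fields of the first AD bind error in text, or None."""
    m = LDAP_ERR.search(text)
    if m is None:
        return None
    data = m.group("data").lower()
    return {
        "ldap_code": int(m.group("code")),
        "dsid": m.group("dsid"),
        "data": data,
        "meaning": AD_BIND_SUBCODES.get(data, "unknown sub-code"),
    }


def bind_phase(frames):
    """Classify the failing bind from innermost-first frame names."""
    for i, frame in enumerate(frames):
        if frame.endswith("AbstractContextSource.getReadOnlyContext"):
            # Context creation was requested by a directory search, i.e. before
            # any bind with the password the user typed (assumption, see lead-in).
            if any(f.endswith("LdapTemplate.search") for f in frames[i + 1:]):
                return "search-context bind"
    return "unknown"


def triage(log_text):
    """Summarise one failed login: clean rejections, decoded error, bind phase."""
    rejected, frames, error = [], [], None
    for line in log_text.splitlines():
        if error is None:
            m = CLEAN_REJECT.search(line)
            if m:
                rejected.append(m.group("handler"))
            error = decode_bind_error(line)
        else:
            m = FRAME.match(line)
            if m:
                frames.append(m.group("method"))
    return {"clean_rejections": rejected, "error": error,
            "phase": bind_phase(frames)}


# Constructed excerpt: log lines and frames copied from the thread, re-wrapped
# one entry per line and shortened to the frames that matter.
SAMPLE = """\
2008-09-18 16:51:51,478 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - <AuthenticationHandler: org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: unknown_user>
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece]
    com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
    org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
    org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
    org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
    org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:67)
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```
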
