John,

Have you looked into using AD + Kerberos instead of AD + LDAP?  We have done
AD + LDAP in the past and currently do AD + Kerberos due to our AD
administrators preferences; also it doesn¹t require us to use a service
account.  If interested in Kerberos, you should look into the
JaasAuthenticationHandler ( http://www.ja-sig.org/wiki/display/CASUM/JAAS ).

HTH,
Andrew

PS: You wouldn¹t happen to be at the Tucson branch of Raytheon by any chance
would you?

On 10/17/08 9:27 AM, "Scott Battaglia" <[EMAIL PROTECTED]> wrote:

> This seems to have popped up previously:
> 
> http://tp.its.yale.edu/pipermail/cas/2008-July/008884.html
> 
> Not sure if its the same problem though.
> 
> -Scott
> 
> -Scott Battaglia
> PGP Public Key Id: 0x383733AA
> LinkedIn: http://www.linkedin.com/in/scottbattaglia
> 
> 
> On Fri, Oct 17, 2008 at 10:17 AM, John M Stewart <[EMAIL PROTECTED]>
> wrote:
>> 
>> Greetings:
>> 
>> We recently deployed CAS as our sso solution on Tomcat 6.  During
>> development and testing it's worked fine but now after we've deployed we
>> are randomly getting failures where no one can login and the users get a
>> stacktrace after they enter their credentials with an AD LDAP error message
>> that looks like this:
>> 
>> [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment
>> AcceptSecurityContext error, data 52e, vece]
>> 
>> I say it's random because the app works fine for a day or two and then we
>> start getting this error and no one can login, but after I stop/start CAS
>> via the manager it works fine again.  I know that the users are putting in
>> the right credentials.  Has anyone else seen this behaviour with CAS + AD?
>> Thanks in advance!
>> 
>> John Stewart.
>> 
>> _______________________________________________
>> Yale CAS mailing list
>> [email protected]
>> http://tp.its.yale.edu/mailman/listinfo/cas
> 
> 
> 
> _______________________________________________
> Yale CAS mailing list
> [email protected]
> http://tp.its.yale.edu/mailman/listinfo/cas

-- 
Andrew R. Feller, Analyst
Information Technology Services
200 Fred Frey Building
Louisiana State University
Baton Rouge, LA 70803
(225) 578-3737 (Office)
(225) 578-6400 (Fax)

_______________________________________________
Yale CAS mailing list
[email protected]
http://tp.its.yale.edu/mailman/listinfo/cas

Reply via email to