Hi Community!
I'm new to Shiro and new to AD/LDAP authentication and authorization.
I did the following in order to integrate Shiro with Spring:

<bean id="shiroFilter"
      class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
    <property name="securityManager" ref="securityManager"/>
    <property name="loginUrl" value="/login.jsp"/>
    <property name="successUrl" value="/menu.jsp"/>
    <property name="unauthorizedUrl" value="/error.jsp"/>
</bean>

<bean id="realm"
      class="org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm">
    <property name="url" value="ldap://...:123/"/>
    <property name="searchBase" value="DC=BASE,DC=COM"/>
    <property name="principalSuffix" value="@DOMAIN.COM"/>
</bean>

<bean id="securityManager"
      class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
    <property name="realm" ref="realm"/>
</bean>

And then in my LoginServlet.java, I'm doing the following:

    UsernamePasswordToken token = new UsernamePasswordToken(login, password);
    Subject currentUser = SecurityUtils.getSubject();
    currentUser.login(token);
    currentUser.hasRole("AM-IS");

I'm trying to get the roles for the user but I get the following error message:

    In order to perform this operation a successful bind must be completed on the connection.

So, it seems that the authentication is ok, but the authorization fails.
What am I doing wrong?!
Thanks
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Shiro-ActiveDirectory-bind-tp7578576.html
Sent from the Shiro User mailing list archive at Nabble.com.