Hello all,
I'm triyng to connect into an AD , authenticate a user and get attribute
values.
With code bellow I succeed in user authentication, but when I try to make
the search I get the "perform this operation a successful bind must be
completed on the connection" error (see bellow). I've googled a lot, but no
solution found.... anyone can help?
Kr,
NRC
-----------------------------------------------------------------------------------------
final JndiLdapContextFactory contextFactory = new
JndiLdapContextFactory();
contextFactory.setUrl("ldap://localhost:389/DC=doc,DC=com";);
contextFactory.setSystemUsername("[email protected]");
contextFactory.setSystemUsername("a1b2c3d4!");
ActiveDirectoryRealm ldapRealm = new ActiveDirectoryRealm();
ldapRealm.setLdapContextFactory(contextFactory);
ldapRealm.setSearchBase("DC=doclog,DC=com");
ldapRealm.setSystemUsername("[email protected]");
ldapRealm.setSystemUsername("a1b2c3d4!");
Hashtable rolesvsGroups = new Hashtable<>();
rolesvsGroups.put( "admins","ADMIN");
rolesvsGroups.put( "powerusers","PWUSER");
ldapRealm.setGroupRolesMap(rolesvsGroups );
ldapRealm.init();
LdapContext ldapContext =
contextFactory.getSystemLdapContext();
SecurityManager securityManager = new
DefaultSecurityManager(ldapRealm);
SecurityUtils.setSecurityManager(securityManager);
Subject currentUser = SecurityUtils.getSubject();
if (!currentUser.isAuthenticated()) {
AuthenticationToken authenticationToken = new
UsernamePasswordToken("[email protected]", "a1b2c3d4!");
currentUser.login(authenticationToken);
}
SearchControls constraints = new SearchControls();
constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
String[] attrIDs = { "internationaliSDNNumber",
"sn"};
constraints.setReturningAttributes(attrIDs);
NamingEnumeration answer = ldapContext.search("DC=doclog,DC=com",
"uid="+ "geanes", constraints);
if (answer.hasMore()) {
Attributes attrs = ((SearchResult)
answer.next()).getAttributes();
logger.info(attrs.get("internationaliSDNNumber"));
logger.info(attrs.get("sn"));
logger.info(currentUser.hasRole("PWUSER"));
}else{
throw new Exception("Error getting user properties");
}
logger.info("User [" + currentUser.getPrincipal() +"] logged
succesfully");
--------------------------------------------------------------------------------------------------
Exception in thread "main" javax.naming.NamingException: [LDAP: error code 1
- 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this
operation a successful bind must be completed on the connection., data 0,
v1db1
--------------------------------------------------------------------------------------------------
--
View this message in context:
http://shiro-user.582556.n2.nabble.com/Bind-error-while-searching-Active-Directory-tp7579587.html
Sent from the Shiro User mailing list archive at Nabble.com.
