seke Posted February 2, 2010 Share Posted February 2, 2010 Hello all,i try to activate the LDAP Auth in Jasperserver 3.7.0 CE.When i uncomment to following lines in the applicationContent-security.xml the Jasperserver will not start. <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref bean="${bean.daoAuthenticationProvider}"/> <ref local="anonymousAuthenticationProvider"/> <!--ref local="jaasAuthenticationProvider"/--> </list> </property> </bean> <bean id="initialDirContextFactory" class="org.springframework.security.ldap.DefaultInitialDirContextFactory"> <constructor-arg value="ldap://mydomaincontroller/dc=mydomain,dc=net"/> <property name="managerDn"><value>myuser@domainnet</value></property> <property name="managerPassword"><value>mypassword</value></property> </bean> <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <constructor-arg index="0"> <value></value> </constructor-arg> <constructor-arg index="1"> <value>(uid={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="initialDirContextFactory" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapAuthenticationProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider"> <constructor-arg> <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> <constructor-arg><ref local="initialDirContextFactory"/></constructor-arg> <property name="userDnPatterns"><list><value>uid={0}</value></list></property> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="initialDirContextFactory"/></constructor-arg> <constructor-arg index="1"><value></value></constructor-arg> <property name="groupRoleAttribute"><value>cn</value></property> <property name="groupSearchFilter"><value>(&(uniqueMember={0})(objectclass=groupofuniquenames))</value></property> <property name="searchSubtree"><value>true</value></property> </bean> </constructor-arg> </bean> The XML has been checked and is valid.catalina.log says:SEVERE: Context [/jasperserver] startup failed due to previous errors does someone have an idea?Best RegardsSebastianPost Edited by seke at 02/08/2010 15:02 Link to comment Share on other sites More sharing options...
sjongenelen Posted March 12, 2010 Share Posted March 12, 2010 Im having the exact same issue. Did you resolve this?I've read somewhere on the forums that the used classes do not exist anymore...?my 3.5 setup was: <bean id="initialDirContextFactory" class="org.acegisecurity.ldap.DefaultInitialDirContextFactory"> <constructor-arg value="ldap://fs-ad.domain.nl:389/dc=domainname,dc=nl"/> <property name="managerDn"><value>cn=administrator,cn=users,dc=domain,dc=nl</value></property> <property name="managerPassword"><value>password</value></property> </bean> the Bold sentance has been replaced in 3.7 with:org.springframework.security.ldap.DefaultInitialDirContextFactoryhowever, this shouldnt matter ofcourse..? the constructor and attributes look the same in both files. Link to comment Share on other sites More sharing options...
seke Posted April 14, 2010 Author Share Posted April 14, 2010 Hello,i did not resolve the problem.I had only removed the comments from the original "applicationContent-security.xml" and changed the LDAP Server, user and password. Link to comment Share on other sites More sharing options...
mileidysg Posted April 14, 2010 Share Posted April 14, 2010 Hi,Mine is working... Just replace the line<code> <bean class="org.springframework.security.providers.ldap.populator.DefaultLdapAuthoritiesPopulator"></code>by<code> <bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"></code>The previous class does not exist anymore.Hope it helps Link to comment Share on other sites More sharing options...
seke Posted April 14, 2010 Author Share Posted April 14, 2010 Hi,thank you.I will try it tomorrow and give a feedback. Link to comment Share on other sites More sharing options...
seke Posted April 15, 2010 Author Share Posted April 15, 2010 Hello,now it works.I have modified the applicationContext-security.xml as you wrote it.The second thing i had forgotten was to copy the spring-ldap-1.3.0.RELEASE-all.jar into the 'lib' folder.Thank you for your help. Post Edited by seke at 04/15/2010 12:57 Link to comment Share on other sites More sharing options...
sjongenelen Posted July 6, 2010 Share Posted July 6, 2010 This was no solution for me, Jasper Pro 3.7.1 I already copied the .jar file, and i would get the authentication to start (in console) without errors, but after logging in on the JS portal i get 'bad credentials'. sigh.. Link to comment Share on other sites More sharing options...
sjongenelen Posted July 7, 2010 Share Posted July 7, 2010 i've made some ajustments, but it still doesnt work for me :(can someone give me some feedback?I attached my ApplicationContext-security.xml & applicationContext-multitenancy-security.xmlnote: I use sAMAccountname in UserSearch bean!Post Edited by sjongenelen at 07/12/2010 08:19 Link to comment Share on other sites More sharing options...
sjongenelen Posted July 12, 2010 Share Posted July 12, 2010 *bump* Link to comment Share on other sites More sharing options...
markgard Posted July 17, 2010 Share Posted July 17, 2010 Well the good news Is that I can get JS 3.7.0 CE to auth from LDAP. The bad news is that it all goes to HELL once I try and MAP LDAP groups to Jasperserver Groups. I get an error message, i tracked it down in the spring framework forums and it is related to classloaders and how the LDAP code is loaded outside of the rest of the code. With all the changes I made in the security context, JS starts up ok and without error, and as long as there are no LDAP groups assiciated with the user logging in it works like a champ. But as soon as the user is a member of an LDAP group then the login fails, just after JS gathers the groups and throws an error that Javax can't be cast as a spring object. This is a big showstopper for us. We were thinking of purchasing the PRO edition but LDAP seems way to unstable to use JS in a production environment. Link to comment Share on other sites More sharing options...
sjongenelen Posted July 19, 2010 Share Posted July 19, 2010 well, when you purchase PRO edition, you can get real support calls and also they can engineer custom user imports (quite expensive tbh). I've been running 3.5 pro in production (with LDAP) for 1.5 years now - very stable! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now