LdapAuthenticationProvider

[hingerl]

Hi everyone,

have Problems using ldap (ms active directory).

in the logfile everything looks fine. But after "searching for roles", and maybe getting the roles, jasperserver starts to "Authenticate using dao.

whats wrong?

Code:

2010-11-02 12:09:20,635 DEBUG AuthenticationProcessingFilter,http-80-Processor21:251 - Request is to process authentication2010-11-02 12:09:20,637 DEBUG ProviderManager,http-80-Processor21:183 - Authentication attempt using org.springframework.security.providers.ldap.LdapAuthenticationProvider2010-11-02 12:09:20,642 DEBUG DefaultSpringSecurityContextSource,http-80-Processor21:76 - Creating context with principal: 'cn=autologin,ou=Administratoren,dc=LEHMANN,dc=local'2010-11-02 12:09:20,656 DEBUG AbstractContextSource,http-80-Processor21:259 - Got Ldap context on server 'ldap://192.168.20.10:389/dc=LEHMANN,dc=local'2010-11-02 12:09:20,666 DEBUG DefaultLdapAuthoritiesPopulator,http-80-Processor21:176 - Getting authorities for user cn=autologin,ou=Administratoren,dc=LEHMANN,dc=local2010-11-02 12:09:20,667 DEBUG DefaultLdapAuthoritiesPopulator,http-80-Processor21:202 - Searching for roles for user 'autologin', DN = 'cn=autologin,ou=Administratoren,dc=LEHMANN,dc=local', with filter (member={0}) in search base 'ou=Gruppen,dc=LEHMANN,dc=local'2010-11-02 12:09:20,667 DEBUG SpringSecurityLdapTemplate,http-80-Processor21:148 - Using filter: (member=cn=autologin,ou=Administratoren,dc=LEHMANN,dc=local)2010-11-02 12:09:20,669  INFO LdapTemplate,http-80-Processor21:1262 - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true2010-11-02 12:09:20,675 DEBUG AbstractContextSource,http-80-Processor21:259 - Got Ldap context on server 'ldap://192.168.20.10:389/dc=LEHMANN,dc=local'2010-11-02 12:09:20,696 DEBUG ProviderManager,http-80-Processor21:183 - Authentication attempt using org.springframework.security.providers.dao.DaoAuthenticationProvider2

[hingerl]

bump

 

no one any idea.

 

how many out there using ldap(ms active directory) for authentification??

 

 

[jholden699]

We use AD for authentication.  You have to be careful about your config...in the bean below, I had to add the line that is notated by the comment (the baseEnvironmentProperties):

   <bean id="ldapContextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
     <constructor-arg value="ldap://xxxxxx.xxxx:xxx/dc=xxxxxxx,dc=xxx"/>

      <property name="userDn"><value>CN=xxxxxxx,CN=Users,DC=xxxxxxxx,DC=com</value></property>
     <property name="password"><value>xxxxxxxxxx</value></property>
     <!-- JH JH ADDED TO MAKE IT AUTHENTICATE PROPERLY -->
    <property name="baseEnvironmentProperties">
        <map>
            <entry key="java.naming.referral">
            <value>follow</value>
        </entry>
        </map>
    </property>
   </bean>
 

I think the rest I just uncommented and set up the proper DC values.