jsantiago Posted July 2, 2014

We have unsuccessfully tried to integrate our JasperServer with our Server 2008 R2 AD organization. These are the contents of the configuration file (applicationContext-externalAuth-LDAP.xml):

[code]
<bean id="ldapAuthenticationProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
    <constructor-arg>
        <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
            <constructor-arg><ref local="ldapContextSource"/></constructor-arg>
            <property name="userDnPatterns">
                <list>
                    <value>uid={0},ou=users</value>
                </list>
            </property>
        </bean>
    </constructor-arg>
    ...
</bean>

<bean id="ldapContextSource" class="org.springframework.security.ldap.JSLdapContextSource">
    <constructor-arg value="ldap://ad1.contoso.com:389/dc=contoso,dc=com"/>
    <property name="userDn"><value>cn=Administrator,dc=contoso,dc=com</value></property>
    <property name="password"><value>Password</value></property>
</bean>

<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
    <constructor-arg index="0"><value>cn=Users</value></constructor-arg>
    <constructor-arg index="1"><value>(sAMAccountName={0})</value></constructor-arg>
    <constructor-arg index="2"><ref local="ldapContextSource"/></constructor-arg>
    <property name="searchSubtree"><value>true</value></property>
</bean>
[/code]

Once the server is restarted it does not just fail to log in, it gives a 404 Tomcat error. The "Administrator" user is part of the Builtin "Administrators" group.
When the server starts, there is a new entry displaying the following error when reading the applicationContext-externalAuth-LDAP.xml file:

[code]
2014-07-02 13:15:07,165 ERROR ContextLoader,localhost-startStop-1:318 - Context initialization failed
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 1 in XML document from ServletContext resource [/WEB-INF/applicationContext-externalAuth-LDAP.xml] is invalid; nested exception is org.xml.sax.SAXParseException: cvc-elt.1.a: Cannot find the declaration of element 'bean'.
[/code]

Regards.

EDIT: OK, we have been testing and checking this and "some" progress has been made. Apparently AD binds. The user is checked (as per the user filter search) and is found (we introduce the sAMAccountName string, i.e. johndoe@contoso.com). We have a sample user who is part of a group following this schema:

DOMAIN > OU=jasperusers > GROUP=jasper_users
DOMAIN > OU=CityX > OU=Users > OU=it > CN=jhondoe

This is what the log says:

[code]
2014-07-04 16:21:37,696 DEBUG SpringSecurityLdapTemplate,http-bio-0.0.0.0-80-exec-3:214 - Found DN: cn=John Doe,ou=IT,ou=Users,ou=CityX
2014-07-04 16:21:39,873 DEBUG BindAuthenticator,http-bio-0.0.0.0-80-exec-3:106 - Attemptimg to bind as cn=John Doe,ou=IT,ou=Users,ou=CityX,dc=contoso,dc=com
[/code]

And after that, error code 49 is triggered:

[code]
2014-07-04 16:21:39,959 DEBUG BindAuthenticator,http-bio-0.0.0.0-80-exec-3:142 - Failed to bind as cn=John Doe,ou=IT,ou=Users,ou=CityX,dc=contoso,dc=com: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1^@]
[/code]

Any ideas?
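An added example, not part of the original post or of JasperReports Server: a Python triage helper that extracts the bind DN, the LDAP result code and the Active Directory `data` sub-code from `BindAuthenticator` failure lines like the one in the post, then decodes the sub-code using the standard Win32 status values. The function names and the second and third sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Win32 status values (hex) that Active Directory places in the "data" field
# of the diagnostic message returned with LDAP result code 49.
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "logon failure: user name or password is incorrect",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must change password",
    0x775: "account locked out",
}

# Matches the BindAuthenticator failure line format shown in the post.
FAILED_BIND = re.compile(
    r"Failed to bind as (?P<dn>.+?): \S+Exception: "
    r"\[LDAP: error code (?P<code>\d+) - .*?data (?P<data>[0-9a-fA-F]+),"
)

def parse_bind_failures(lines):
    """Return one record per failed bind: DN, LDAP code, AD sub-code, meaning."""
    failures = []
    for line in lines:
        m = FAILED_BIND.search(line)
        if m:
            sub = int(m.group("data"), 16)
            failures.append({"dn": m.group("dn"), "ldap_code": int(m.group("code")),
                             "subcode": sub,
                             "meaning": AD_BIND_SUBCODES.get(sub, "unknown sub-code")})
    return failures

def failures_per_dn(failures):
    """Count failures per (DN, sub-code) so repeats for one identity stand out."""
    return Counter((f["dn"], f["subcode"]) for f in failures)

# Sample input: line 1 is taken from the post; lines 2 and 3 are constructed.
_ERR = "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data %s, v1db1^@]"
_EXC = ": org.springframework.ldap.AuthenticationException: "
_DN = "cn=John Doe,ou=IT,ou=Users,ou=CityX,dc=contoso,dc=com"
SAMPLE_LOG = [
    "2014-07-04 16:21:39,959 DEBUG BindAuthenticator,http-bio-0.0.0.0-80-exec-3:142 - Failed to bind as "
    + _DN + _EXC + _ERR % "52e",
    "... Failed to bind as " + _DN + _EXC + _ERR % "52e",
    "... Failed to bind as cn=Example User,ou=Users,dc=contoso,dc=com" + _EXC + _ERR % "775",
]
```

Calling `parse_bind_failures(SAMPLE_LOG)` decodes the post's `data 52e` as a logon failure for the DN that the user search resolved, and `failures_per_dn` shows how many times each identity failed with each sub-code.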