ndavis_1 Posted February 27, 2019 Share Posted February 27, 2019 When I try to log in with AD credentials, I get the following error: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: I assume the object can't be found due to some sort of permission error, or I'm pointing to the wrong DN. Including my applicationContext-externalAuth-LDAP.xml file for reference. Not sure what I'm doing wrong here. <!-- ~ Copyright © 2005 - 2018 TIBCO Software Inc. ~ http://www.jaspersoft.com. ~ ~ This program is free software: you can redistribute it and/or modify ~ it under the terms of the GNU Affero General Public License as published by ~ the Free Software Foundation, either version 3 of the License, or ~ (at your option) any later version. ~ ~ This program is distributed in the hope that it will be useful, ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ~ GNU Affero General Public License for more details. ~ ~ You should have received a copy of the GNU Affero General Public License ~ along with this program. If not, see <https://www.gnu.org/licenses/>. --><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- ############ LDAP authentication ############ - Sample configuration of external authentication via an external LDAP server. --> <bean id="proxyAuthenticationProcessingFilter" class="com.jaspersoft.jasperserver.api.security.EncryptionAuthenticationProcessingFilter" parent="authenticationProcessingFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> </bean> <bean id="proxyRequestParameterAuthenticationFilter" class="com.jaspersoft.jasperserver.war.util.ExternalRequestParameterAuthenticationFilter" parent="requestParameterAuthenticationFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="externalAuthSuccessHandler" class="com.jaspersoft.jasperserver.api.security.externalAuth.JrsExternalAuthenticationSuccessHandler" parent="successHandler"> <property name="externalDataSynchronizer"> <ref local="externalDataSynchronizer"/> </property> </bean> <bean id="proxyBasicProcessingFilter" class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthBasicProcessingFilter" parent="basicProcessingFilter"> <property name="authenticationManager" ref="ldapAuthenticationManager"/> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="ldapAuthenticationManager" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.JSProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref bean="${bean.daoAuthenticationProvider}"/> <!--anonymousAuthenticationProvider only needed if filterInvocationInterceptor.alwaysReauthenticate is set to true <ref bean="anonymousAuthenticationProvider"/> --> </list> </property> </bean> <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"> <value>OU=Groups,OU=RollaMO-N,OU=CR,DC=**,DC=***,DC=***</value> </constructor-arg> <property name="groupRoleAttribute" value="CN"/> <property name="groupSearchFilter" value="(&(member={0})(objectclass=group)(cn=Jasper*))"/> <property name="searchSubtree" value="true"/> <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> --> </bean> </constructor-arg> </bean> <bean id="userSearch" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=Users,OU=RollaMO-N,OU=CR,DC=**,DC=***,DC=***</value> </constructor-arg> <constructor-arg index="1"> <value>(&(sAMAccountName={0}))</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldap://******:389/dc=**,dc=***,dc=***"/> <property name="userDn"> <value> CN=igskrdcn-nix2,OU=Service Accounts,OU=Users,OU=RollaMO-N,OU=CR,DC=**,DC=**,DC=** </value> </property> <property name="password"><value>****</value></property> </bean> <!-- ############ LDAP authentication ############ --> <!-- ############ JRS Synchronizer ############ --> <bean id="externalDataSynchronizer" class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalDataSynchronizerImpl"> <property name="externalUserProcessors"> <list> <ref local="externalUserSetupProcessor"/> <!-- Example processor for creating user folder--> <!--<ref local="externalUserFolderProcessor"/>--> </list> </property> </bean> <bean id="abstractExternalProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.AbstractExternalUserProcessor" abstract="true"> <property name="repositoryService" ref="${bean.repositoryService}"/> <property name="userAuthorityService" ref="${bean.userAuthorityService}"/> <property name="tenantService" ref="${bean.tenantService}"/> <property name="profileAttributeService" ref="profileAttributeService"/> <property name="objectPermissionService" ref="objectPermissionService"/> </bean> <bean id="externalUserSetupProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserSetupProcessor" parent="abstractExternalProcessor"> <!--Default permitted role characters; others are removed. Change regular expression to allow other chars. <property name="permittedExternalRoleNameRegex" value="[A-Za-z0-9_]+"/>--> <property name="userAuthorityService"> <ref bean="${bean.internalUserAuthorityService}"/> </property> <property name="defaultInternalRoles"> <list> <value>ROLE_USER</value> </list> </property> <property name="organizationRoleMap"> <map> <!-- Example of mapping customer roles to JRS roles --> <entry> <key> <value>ROLE_IGSGRollaMO-N Jasper Reports Users</value> </key> <!-- JRS role that the <key> external role is mapped to--> <value>ROLE_ADMINISTRATOR</value> </entry> </map> </property> </bean> <!-- EXAMPLE Processor <bean id="externalUserFolderProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserFolderProcessor" parent="abstractExternalProcessor"> <property name="repositoryService" ref="${bean.unsecureRepositoryService}"/> </bean> --> <!-- ############ JRS Synchronizer ############ --></beans>[/code] Link to comment Share on other sites More sharing options...
ndavis_1 Posted February 27, 2019 Author Share Posted February 27, 2019 FYI, I'm a government contractor, so the *'s are intentional. Just need anyone with the knowhow to chime in on the rest of the syntax. Thanks! Link to comment Share on other sites More sharing options...
aalqinneh Posted September 20, 2019 Share Posted September 20, 2019 Did you figure this one out, i'm having the same issue. Link to comment Share on other sites More sharing options...
administrator_19 Posted August 17, 2020 Share Posted August 17, 2020 I found a solution in another post. <bean id="proxyBasicProcessingFilter" class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthBasicProcessingFilter" parent="basicProcessingFilter"> <constructor-arg index="0" ref="ldapAuthenticationManager"/> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean>Delete the line: <property name="authenticationManager" ref="ldapAuthenticationManager"/>That worked for me. on version 7.5.0 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now