Hi Guys, Hope someone can help me with this one. I am running JasperServer Pro 3.7 on RHEL. I am configuring it to authenticate against a Windows 2003 AD. I have confirmed that the LDAP service is running on the AD and can connect using an Softerra LDAP browser. Authentication bean looks like this: <bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref local="daoAuthenticationProvider"/> <ref local="anonymousAuthenticationProvider"/> <!--ref local="jaasAuthenticationProvider"/--> </list> </property> </bean> The context source config looks like this: <bean id="ldapContextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <constructor-arg value="ldap://10.0.3.21:389/dc=entitysolutions,dc=local"/> <property name="userDn"><value>cn=Application Authenticator,cn=Users,dc=entitysolutions,dc=local</value></property> <property name="password"><value>Password_1</value></property> </bean> The user 'Application Authenticator' is a basic AD user which can browse the LDAP directory easily using the external utility (See 1.jpg)To locate the users, I have made the following modifications: <!-- For LDAP authentication This bean is not used by default --> <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <constructor-arg index="0"><value>cn=Users</value></constructor-arg> <constructor-arg index="1"><value>(sAMAccountName={0})</value></constructor-arg> <constructor-arg index="2"><ref local="ldapContextSource" /></constructor-arg> <property name="searchSubtree"><value>true</value></property> </bean> The below code i.e. the first constuctor, I haven't modified, please advise if any modifications have to be made? <!-- For LDAP authentication --> <bean id="ldapAuthenticationProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider"> <constructor-arg> <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <!-- <property name="userDnPatterns"><list><value>uid={0}</value></list></property> --> <property name="userSearch"><ref local="userSearch"/> </property> </bean> </constructor-arg> I have however modified the second constructor which is as below:<constructor-arg> <bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>cn=Builtin</value></constructor-arg> <property name="groupRoleAttribute"><value>cn</value></property> <property name="groupSearchFilter"><value>(&(uniqueMember={0})(objectclass=groupofuniquenames))</value></property> <property name="searchSubtree"><value>true</value></property> </bean></constructor-arg>
needless to say the authentication isnt working when I try to log in as JasperTest, and in the log, I get the below message: 2010-06-29 14:14:26,775 WARN LoggerListener,http-8080-Processor24:60 - Authentication event AuthenticationFailureBadCredentialsEvent: JasperTest; details: com.jaspersoft.jasperserver.multipleTenancy.MTWebAuthenticationDetails@0: RemoteIpAddress: 10.0.3.249; SessionId: 358C8EEA5CC208C4E0532E7BCDC64539; exception: Bad credentials
Any help will be greatly appreciated:Cheers Kamran 1.jpg - Screen grab of LDAP Browser2.jpg - Screen grab of the AD Post Edited by kchanna at 06/29/2010 06:05