When I try to log in with AD credentials, I get the following error: [LDAP: error code 32 - 0000208D: NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best match of: I assume the object can't be found due to some sort of permission error, or I'm pointing to the wrong DN. Including my applicationContext-externalAuth-LDAP.xml file for reference. Not sure what I'm doing wrong here. <!-- ~ Copyright © 2005 - 2018 TIBCO Software Inc. ~ http://www.jaspersoft.com. ~ ~ This program is free software: you can redistribute it and/or modify ~ it under the terms of the GNU Affero General Public License as published by ~ the Free Software Foundation, either version 3 of the License, or ~ (at your option) any later version. ~ ~ This program is distributed in the hope that it will be useful, ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ~ GNU Affero General Public License for more details. ~ ~ You should have received a copy of the GNU Affero General Public License ~ along with this program. If not, see <https://www.gnu.org/licenses/>. --><beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd"> <!-- ############ LDAP authentication ############ - Sample configuration of external authentication via an external LDAP server. --> <bean id="proxyAuthenticationProcessingFilter" class="com.jaspersoft.jasperserver.api.security.EncryptionAuthenticationProcessingFilter" parent="authenticationProcessingFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="authenticationSuccessHandler" ref="externalAuthSuccessHandler" /> </bean> <bean id="proxyRequestParameterAuthenticationFilter" class="com.jaspersoft.jasperserver.war.util.ExternalRequestParameterAuthenticationFilter" parent="requestParameterAuthenticationFilter"> <property name="authenticationManager"> <ref local="ldapAuthenticationManager"/> </property> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="externalAuthSuccessHandler" class="com.jaspersoft.jasperserver.api.security.externalAuth.JrsExternalAuthenticationSuccessHandler" parent="successHandler"> <property name="externalDataSynchronizer"> <ref local="externalDataSynchronizer"/> </property> </bean> <bean id="proxyBasicProcessingFilter" class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalAuthBasicProcessingFilter" parent="basicProcessingFilter"> <property name="authenticationManager" ref="ldapAuthenticationManager"/> <property name="externalDataSynchronizer" ref="externalDataSynchronizer"/> </bean> <bean id="ldapAuthenticationManager" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.JSProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref bean="${bean.daoAuthenticationProvider}"/> <!--anonymousAuthenticationProvider only needed if filterInvocationInterceptor.alwaysReauthenticate is set to true <ref bean="anonymousAuthenticationProvider"/> --> </list> </property> </bean> <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"> <value>OU=Groups,OU=RollaMO-N,OU=CR,DC=**,DC=***,DC=***</value> </constructor-arg> <property name="groupRoleAttribute" value="CN"/> <property name="groupSearchFilter" value="(&(member={0})(objectclass=group)(cn=Jasper*))"/> <property name="searchSubtree" value="true"/> <!-- Can setup additional external default roles here <property name="defaultRole" value="LDAP"/> --> </bean> </constructor-arg> </bean> <bean id="userSearch" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=Users,OU=RollaMO-N,OU=CR,DC=**,DC=***,DC=***</value> </constructor-arg> <constructor-arg index="1"> <value>(&(sAMAccountName={0}))</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldap://******:389/dc=**,dc=***,dc=***"/> <property name="userDn"> <value> CN=igskrdcn-nix2,OU=Service Accounts,OU=Users,OU=RollaMO-N,OU=CR,DC=**,DC=**,DC=** </value> </property> <property name="password"><value>****</value></property> </bean> <!-- ############ LDAP authentication ############ --> <!-- ############ JRS Synchronizer ############ --> <bean id="externalDataSynchronizer" class="com.jaspersoft.jasperserver.api.security.externalAuth.ExternalDataSynchronizerImpl"> <property name="externalUserProcessors"> <list> <ref local="externalUserSetupProcessor"/> <!-- Example processor for creating user folder--> <!--<ref local="externalUserFolderProcessor"/>--> </list> </property> </bean> <bean id="abstractExternalProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.AbstractExternalUserProcessor" abstract="true"> <property name="repositoryService" ref="${bean.repositoryService}"/> <property name="userAuthorityService" ref="${bean.userAuthorityService}"/> <property name="tenantService" ref="${bean.tenantService}"/> <property name="profileAttributeService" ref="profileAttributeService"/> <property name="objectPermissionService" ref="objectPermissionService"/> </bean> <bean id="externalUserSetupProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserSetupProcessor" parent="abstractExternalProcessor"> <!--Default permitted role characters; others are removed. Change regular expression to allow other chars. <property name="permittedExternalRoleNameRegex" value="[A-Za-z0-9_]+"/>--> <property name="userAuthorityService"> <ref bean="${bean.internalUserAuthorityService}"/> </property> <property name="defaultInternalRoles"> <list> <value>ROLE_USER</value> </list> </property> <property name="organizationRoleMap"> <map> <!-- Example of mapping customer roles to JRS roles --> <entry> <key> <value>ROLE_IGSGRollaMO-N Jasper Reports Users</value> </key> <!-- JRS role that the <key> external role is mapped to--> <value>ROLE_ADMINISTRATOR</value> </entry> </map> </property> </bean> <!-- EXAMPLE Processor <bean id="externalUserFolderProcessor" class="com.jaspersoft.jasperserver.api.security.externalAuth.processors.ExternalUserFolderProcessor" parent="abstractExternalProcessor"> <property name="repositoryService" ref="${bean.unsecureRepositoryService}"/> </bean> --> <!-- ############ JRS Synchronizer ############ --></beans>[/code]
