[Shib-Users] LdapLoginModule errors: In order to perform this operation a successful bind must be completed on the connection

[Sachin Shekar Shetty]

Hi,

I am trying to use the LDAPLoginModule as follows

ShibUserPassAuth {
edu.vt.middleware.ldap.jaas.LdapLoginModule required
host="ldap://hqusdc1:3268"
ssl="false"
base="DC=us,DC=win,DC=equinix,DC=com"
userField="uid";
};

However i get this error:

Exception in thread "main" javax.security.auth.login.LoginException: javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

[Chad La Joie]

Well, the error is probably what the LDAP server is reporting. That you
can't bind. You'll need to talk to your LDAP admin to determine how to
correct that.

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
chad....@switch.ch, http://www.switch.ch

[Sachin Shekar Shetty]

Hi Chad, This error is seen when you have to preautenticate binddn and password as before you can authenticate against the LDAP, but the the LDAPLoginmodule does not seem to support a way to do that Thanks Sachin --- On Mon, 3/23/09, Chad La Joie <chad....@switch.ch> wrote:

[Chad La Joie]

Yes it does, and the documentation gives you the parameters to set to
enable it.

[Sachin Shekar Shetty]

cool, I got it to work with serviceUser, serviceCredential and subtreeSearch attributes. Thanks a bunch Chad. --- On Mon, 3/23/09, Sachin Shekar Shetty <sachin...@yahoo.com> wrote: