[cas-user] CAS with LDAP

82 views
Skip to first unread message

acnu

unread,
Aug 1, 2011, 7:34:23 AM8/1/11
to cas-...@lists.jasig.org
Hi

I am trying to integrate CAS with OpenLDAP using CAS overlay method.

The maven CAS application application works perfectly at home system. The
same project doesn't work with in office network environment.

Any thoughts? advise me please.

acnu

Audit Trail Message
------------------

2011-08-01 12:07:43,696 INFO
[com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] -
<Audit trail record BEGIN
=============================================================
WHO: [username: srini]
WHAT: [LDAP: error code 49 - Invalid Credentials]; nested exception is
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credentials]
ACTION: TICKET_GRANTING_TICKET_NOT_CREATED
APPLICATION: CAS
WHEN: Mon Aug 01 12:07:43 BST 2011
CLIENT IP ADDRESS: 127.0.0.1
SERVER IP ADDRESS: 127.0.0.1
=============================================================

Error message:

SEVERE: Servlet.service() for servlet [cas] in context with path [/CasEx1]
threw exception [Request processing failed; nested exception is
org.springframework.webflow.execution.ActionExecutionException: Exception
thrown executing [AnnotatedAction@a88a21 targetAction =
[EvaluateAction@1049db0 expression =
authenticationViaFormAction.submit(flowRequestContext,
flowScope.credentials, messageContext), resultExpression = [null]],
attributes = map[[empty]]] in state 'realSubmit' of flow 'login' -- action
execution attributes were 'map[[empty]]'] with root cause
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credentials]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at
com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at
com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at
org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:43)
at
org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:254)
at
org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106)
at
org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:125)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:287)
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:361)
at
org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:68)
at
org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:58)
at
org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate_aroundBody2(AbstractPreAndPostProcessingAuthenticationHandler.java:72)
at
org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate_aroundBody3$advice(AbstractPreAndPostProcessingAuthenticationHandler.java:44)
at
org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:1)
at
org.jasig.cas.authentication.AuthenticationManagerImpl.authenticateAndObtainPrincipal(AuthenticationManagerImpl.java:78)
at
org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody0(AbstractAuthenticationManager.java:41)
at
org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate_aroundBody1$advice(AbstractAuthenticationManager.java:44)
at
org.jasig.cas.authentication.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:1)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)

--
View this message in context: http://jasig.275507.n4.nabble.com/CAS-with-LDAP-tp3709411p3709411.html
Sent from the CAS Users mailing list archive at Nabble.com.

--
You are currently subscribed to cas-...@lists.jasig.org as: jasig-cas-user...@googlegroups.com
To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user

Michael Ströder

unread,
Aug 1, 2011, 7:56:39 AM8/1/11
to cas-...@lists.jasig.org, acnu
acnu wrote:
> WHO: [username: srini]
> WHAT: [LDAP: error code 49 - Invalid Credentials]; nested exception is
> javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
> Credentials]

This simply says the combination of bind-DN and password used in the LDAP bind
request is not correct.

You probably should look in the OpenLDAP syslog messages to determine whether
the search for the user and the bind-DN actually used is correct. And of
course the password should be correct. ;-)

Ciao, Michael.

acnu

unread,
Aug 2, 2011, 6:43:53 AM8/2/11
to cas-...@lists.jasig.org
Issue was resolved.

Thanks for your help.

acnu


--
View this message in context: http://jasig.275507.n4.nabble.com/CAS-with-LDAP-tp3709411p3711944.html

Reply all
Reply to author
Forward
0 new messages