LDAP Authentication error
64 views
Skip to first unread message
Mihalis
Feb 1, 2011, 3:16:37 AM2/1/11
to calips...@googlegroups.com
I would like to have ldap authentication, so I added the required ldap entries in calipso.properties:
ldap.url=ldaps://ldap.example.com:636
ldap.searchBase=dc=xxx,dc=example,dc=com
I restarted tomcat and then I get this error (calipso.log):
2011-02-01 10:05:40,197 [http-8080-1] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - bind failed: javax.naming.AuthenticationException: [LDAP: error code 32 - No Such Object]
Any thoughts?
ldap.url=ldaps://ldap.example.com:636
ldap.searchBase=dc=xxx,dc=example,dc=com
I restarted tomcat and then I get this error (calipso.log):
2011-02-01 10:05:40,197 [http-8080-1] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - bind failed: javax.naming.AuthenticationException: [LDAP: error code 32 - No Such Object]
Any thoughts?
Emmanouil Batsis
Feb 1, 2011, 6:44:53 AM2/1/11
to calips...@googlegroups.com
Quoting Mihalis <milia...@gmail.com>:
Your config is probably wrong. Try using another tool to verify those?
MAnos
Mihalis
Feb 1, 2011, 7:06:27 AM2/1/11
to calips...@googlegroups.com
Does it support the secure (ldaps) protocol?
Emmanouil Batsis
Feb 1, 2011, 10:57:59 AM2/1/11
to calips...@googlegroups.com
Quoting Mihalis <milia...@gmail.com>:
> Does it support the secure (ldaps) protocol?
Should require more advanced config see (calipso uses srping and acegi)
http://www.opennms.org/wiki/Acegi_Security_and_LDAP
BTW are you using LDAP orActiveDirectory?
Manos
Mihalis
Feb 2, 2011, 2:54:31 AM2/2/11
to calips...@googlegroups.com
I am using LDAP
Mihalis
Feb 2, 2011, 4:57:20 AM2/2/11
to calips...@googlegroups.com
Now its ok. I contacted out ldap admin an he told me that the ldap query that calypso was sending to ldap was wrong.
I modified the ldap.searchBase to: ou=people,dc=staff,dc=example,dc=com (added ou=people)
Now the logs are ok:
2011-02-02 11:53:27,478 [http-8080-2] DEBUG [gr.abiss.calipso.wicket.LoginPage] - Trying to obtain a user via authenticate()
2011-02-02 11:53:27,478 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - attempting authentication via LDAP
2011-02-02 11:53:27,582 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - Standard LDAP bind successful
2011-02-02 11:53:27,592 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - attributes: {mail=mail: x...@staff.example.com, cn=cn: Firstname Surname}
2011-02-02 11:53:27,592 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - user details retrieved from LDAP, now checking local database
I modified the ldap.searchBase to: ou=people,dc=staff,dc=example,dc=com (added ou=people)
Now the logs are ok:
2011-02-02 11:53:27,478 [http-8080-2] DEBUG [gr.abiss.calipso.wicket.LoginPage] - Trying to obtain a user via authenticate()
2011-02-02 11:53:27,478 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - attempting authentication via LDAP
2011-02-02 11:53:27,582 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - Standard LDAP bind successful
2011-02-02 11:53:27,592 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - attributes: {mail=mail: x...@staff.example.com, cn=cn: Firstname Surname}
2011-02-02 11:53:27,592 [http-8080-2] DEBUG [gr.abiss.calipso.acegi.LdapAuthenticationProvider] - user details retrieved from LDAP, now checking local database
Reply all
Reply to author
Forward
0 new messages