Authentication issue..


venkata reddy

Dec 28, 2011, 2:49:00 AM
to Ruby LDAP
Hi all,
Has anybody tried the net/ldap gem to authenticate a Rails app with
Active Directory under Windows Server?
I have been trying it, but something is missing and I am not able to
figure it out...

Here is my code in the console to establish a connection and
authenticate.


1.9.2p290 :001 > require 'net/ldap'
=> true
1.9.2p290 :002 > ldap = Net::LDAP.new
=> #<Net::LDAP:0x000000019bd650 @host="127.0.0.1", @port=389, @verbose=false, @auth={:method=>:anonymous}, @base="dc=com", @encryption=nil, @open_connection=nil>
1.9.2p290 :003 > ldap.host = "myserveripcomeshere"
=> "myserveripcomeshere"
1.9.2p290 :004 > ldap.port = 389
=> 389
1.9.2p290 :005 > ldap.auth "my_user_name_here","my_password_here"
=> {:method=>:simple, :username=>"my_user_name_here", :password=>"my_password_here"}
1.9.2p290 :006 > if ldap.bind
1.9.2p290 :007?> puts "Authentication successful"
1.9.2p290 :008?> else
1.9.2p290 :009 > puts "Authentication failed"
1.9.2p290 :010?> end
Authentication failed
=> nil


And when I tried to see what the operation result was, below is what
happened.

1.9.2p290 :011 > unless ldap.bind
1.9.2p290 :012?> puts "Result: #{ldap.get_operation_result.code}"
1.9.2p290 :013?> puts "Message: #{ldap.get_operation_result.message}"
1.9.2p290 :014?> end
Result: 49
Message: Invalid Credentials
=> nil

I can't figure out why it is happening like that, though I gave the
correct credentials.
Any ideas?

R. O'Connell

Dec 28, 2011, 3:16:57 AM
to ruby...@googlegroups.com
You cannot bind to AD without TLS security, you must use encryption: :simple_tls
You must also pass the username as domain\cn, with the slash escaped. This is a connection string for AD that I pulled out from an old project that worked.

Net::LDAP.new  :host => 'hostname', :port => 636, :encryption => :simple_tls, :auth => {:method => :simple, :username => "domain\\#{params[:username]}", :password => params[:password]}

venkata reddy

Dec 28, 2011, 5:12:37 AM
to Ruby LDAP
Hi Connell,
Thanks for the reply!
I am getting the following error while trying the above.
OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1126:in `connect'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1126:in `wrap_with_ssl'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1163:in `setup_encryption'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1110:in `initialize'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:710:in `new'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:710:in `bind'
from (irb):19
from /usr/local/rvm/rubies/ruby-1.9.2-p290/bin/irb:16:in `<main>'

venkata reddy

Dec 28, 2011, 4:15:05 AM
to Ruby LDAP
Hi O'Connell,
Thanks for the reply!
When I do what you told me, I am getting the following error.

OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1126:in `connect'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1126:in `wrap_with_ssl'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1163:in `setup_encryption'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1110:in `initialize'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:710:in `new'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:710:in `bind'
from (irb):19
from /usr/local/rvm/rubies/ruby-1.9.2-p290/bin/irb:16:in `<main>'

Any idea about this?


venkata reddy

Dec 28, 2011, 5:29:59 AM
to Ruby LDAP
1.9.2p290 :004 > ldap = Net::LDAP.new :host => 'serveriphere', :port => 389, :encryption => :simple_tls, :auth => {:method => :simple, :username => "pennywise\xxxxx", :password => "secret"}
=> #<Net::LDAP:0x00000002249af8 @host="serveriphere", @port=389, @verbose=false, @auth={:method=>:simple, :username=>"pennywise\xxxxx", :password=>"secret"}, @base="dc=com", @encryption={:method=>:simple_tls}, @open_connection=nil>
1.9.2p290 :005 > if ldap.bind
1.9.2p290 :006?> puts "yes"
1.9.2p290 :007?> else
1.9.2p290 :008 > puts "no"
1.9.2p290 :009?> end
OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1126:in `connect'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1126:in `wrap_with_ssl'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1163:in `setup_encryption'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:1110:in `initialize'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:710:in `new'
from /usr/local/rvm/gems/ruby-1.9.2-p290/gems/net-ldap-0.2.2/lib/net/ldap.rb:710:in `bind'
from (irb):5

R. O'Connell

Dec 28, 2011, 11:11:08 AM
to ruby...@googlegroups.com
TLS port is 636.

venkata reddy

Dec 29, 2011, 1:59:53 AM
to Ruby LDAP
But I think the server is using port 389.

On Dec 28, 9:11 pm, "R. O'Connell" <rory.o...@gmail.com> wrote:
> TLS port is 636.

venkata reddy

Dec 29, 2011, 2:09:42 AM
to Ruby LDAP
I wonder: ldap.bind is returning true when I leave the password blank, but when
I give any password, whether it is correct or not, ldap.bind
returns false. Where is it going wrong?
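
The blank-password result in the last post matches LDAP's unauthenticated simple bind (RFC 4513, section 5.1.2), where a name sent with an empty password can be answered with success without any credential check, and the handshake error earlier in the thread comes from pairing :simple_tls with port 389. The Ruby below is an added example, not code from the thread or from net-ldap; ad_bind_options, ad_authenticate and BlankCredential are hypothetical names, and it assumes the :simple_tls and :start_tls encryption methods that net-ldap provides.

```ruby
# Added example, not code from the thread. ad_bind_options, ad_authenticate
# and BlankCredential are hypothetical names.
class BlankCredential < StandardError; end

# Build Net::LDAP.new options for a simple bind against Active Directory.
#   port 636 -> TLS from the first byte (:simple_tls)
#   port 389 -> plain LDAP upgraded in-band with StartTLS (:start_tls)
# Pairing :simple_tls with 389 sends a TLS hello to a listener that speaks
# plain LDAP, so the handshake fails before any bind is attempted.
def ad_bind_options(host:, port:, domain:, username:, password:)
  user = username.to_s.strip
  pass = password.to_s
  # A name with an empty password is an "unauthenticated bind" (RFC 4513,
  # section 5.1.2): the server may report success without checking anything.
  raise BlankCredential, "empty username" if user.empty?
  raise BlankCredential, "empty password" if pass.empty?
  encryption = case port
               when 636 then :simple_tls
               when 389 then :start_tls
               else raise ArgumentError, "no TLS mode known for port #{port}"
               end
  { host: host, port: port, encryption: encryption,
    auth: { method: :simple, username: "#{domain}\\#{user}", password: pass } }
end

# True only when a non-empty password was accepted by the directory.
# `connector` is injectable so the check can be exercised without a server;
# the default loads net-ldap and performs the real bind.
def ad_authenticate(connector: nil, **creds)
  opts = begin
    ad_bind_options(**creds)
  rescue BlankCredential
    return false # never send a blank password to the server
  end
  connector ||= lambda do |o|
    require 'net/ldap'
    Net::LDAP.new(o).bind
  end
  connector.call(opts) ? true : false
end
```

In a Rails login action the call would look like `ad_authenticate(host: ..., port: 636, domain: ..., username: params[:username], password: params[:password])`, so a submitted form with an empty password field is rejected before it reaches the directory.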