active directory

yassine yassine kamal_sadik1 at yahoo.fr
Tue Apr 10 09:34:49 EDT 2007 


yassine yassine <kamal_sadik1 at yahoo.fr> a écrit : 

yassine yassine <kamal_sadik1 at yahoo.fr> a écrit :
i want to use active directory to authenticate users,  my domain controller has the name of:Directory.maec.gov.ma

i configured the deployerConfigContext.xml like below, when i try to authenticate with correct user and passsowrd i have  the following message :    The credentials you provided cannot be determined to be authentic:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC  "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<!--
    | deployerConfigContext.xml centralizes into one file some of the declarative configuration that
    | all CAS deployers will need to modify.
    |
    | This file declares  some of the Spring-managed JavaBeans that make up a CAS  deployment.  
    | The beans declared in this file are instantiated at context initialization time by the Spring 
    | ContextLoaderListener declared in web.xml.  It finds this file because this
    | file is among those declared in the context parameter "contextConfigLocation".
    |
    | By far the most common change you will need to make in this file is to change the last bean
    | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with
    | one implementing your approach for authenticating usernames and passwords.
    +-->
<beans>
    <!--
        | This bean declares our AuthenticationManager.  The CentralAuthenticationService service  bean
        | declared in  applicationContext.xml picks up this AuthenticationManager by reference to its id, 
        | "authenticationManager".  Most deployers will be able to use the default AuthenticationManager
        | implementation and so do not need to change the class of this bean.  We include the whole
        | AuthenticationManager here in the userConfigContext.xml so that you can see the things you will
        | need to change in context.
        +-->
    <bean id="authenticationManager"
        class="org.jasig.cas.authentication.AuthenticationManagerImpl">
        <!--
            | This is the List of  CredentialToPrincipalResolvers that identify what Principal is  trying to authenticate.
            | The AuthenticationManagerImpl considers them in order, finding a CredentialToPrincipalResolver which 
            | supports the presented credentials.
            |
            | AuthenticationManagerImpl uses these resolvers for two purposes.  First, it uses them to identify the Principal
            | attempting to authenticate to CAS /login .  In the default configuration, it is the DefaultCredentialsToPrincipalResolver
            | that fills this role.  If you are using some other kind of credentials than UsernamePasswordCredentials, you will need to  replace
            |  DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that supports the credentials you are
            | using.
            |
            | Second, AuthenticationManagerImpl uses these resolvers to identify a service requesting a proxy granting ticket. 
            | In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose. 
            | You will need to change this list if you are identifying services by something more or other than their callback URL.
            +-->
        <property  name="credentialsToPrincipalResolvers">
             <list>
                <!--
                    | UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials that we use for /login 
                    | by default and produces SimplePrincipal instances conveying the username from the credentials.
                    | 
                    | If you've changed your LoginFormAction to use credentials other than UsernamePasswordCredentials then you will also
                     | need to change this bean declaration (or add  additional declarations) to declare a CredentialsToPrincipalResolver that supports the
                    | Credentials you are using.
                    +-->
                <bean
                    class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
                <!--
                    | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials.  It supports the CAS 2.0  approach of
                     | authenticating services by SSL callback, extracting the callback URL from the Credentials and representing it as a
                    | SimpleService identified by that callback URL.
                    |
                    | If you are representing services by something more or other than an HTTPS URL whereat they are able to
                    | receive a proxy callback, you will need to change this bean declaration (or add additional declarations).
                     +-->
                 <bean
                    class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
            </list>
        </property>

        <!--
            | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate, 
            | AuthenticationHandlers actually authenticate credentials.  Here we declare the AuthenticationHandlers that
            | authenticate the Principals that the CredentialsToPrincipalResolvers identified.  CAS will try these  handlers in turn
             | until it finds one that both supports the Credentials presented and succeeds in authenticating.
            +-->
    <property name="authenticationHandlers">
      <list>
        <!--
            | This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
            | a server side SSL certificate.
            +-->

        <bean
          class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"  />

         <!--
            | This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS
            | into production.  
            | With this configuration you’ll be using LDAP FastBind authentication.
            +-->
        <bean
          class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler" >
          <property name="filter" value="uid=%u,ou=division_info,dc=Directory,dc=maec,dc=gov,dc=ma" />
           <property name="contextSource" ref="contextSource" />
        </bean>
      </list>
    </property>
    </bean>
  <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
    <property name="urls">
      <list>
        <value>ldap://Directory.maec.gov.ma</value>
      </list>
    </property>
  </bean>

</beans>


 i think, i has a problem  in  the  blue  lines , can you help me to write correctly the ldap string.

Regards




     

---------------------------------
  Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions !  Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses.
          

---------------------------------
  Découvrez le blog Yahoo! Mail et ses derniers billets.

       
---------------------------------
 Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20070410/50c3a748/attachment.html

More information about the cas mailing list