LDAP integration

Scott Battaglia scott.battaglia at gmail.com
Fri Apr 27 08:58:30 EDT 2007


Glad to hear you solved it!   I'm actually surprised that there wasn't a
better error message since the bind would have failed since the username was
wrong.

I think the authenticatedReadOnly property is from the older version of the
LdapTemplate.  I'll update that in our CVS.  Thanks.

-Scott

On 4/27/07, Dmitry Kochelaev <dkochelaev at gmail.com> wrote:
>
> Hello,
>
> Thank you for your attitude. I've solved the problem just an hour
> ago. It was in the incorrect userName property. It should look like:
>        <property name="userName" value="uid=admin" />
> rather than like
>        <property name="userName" value="admin" />
>
> Also, I should note that there is no property authenticatedReadOnly (I
> use spring-ldap-1.1.2.jar), but there is a property anonymousReadOnly.
>
> On 4/27/07, Scott Battaglia <scott.battaglia at gmail.com> wrote:
> > You can try turning up the debug level in the log4j properties for
> > org.springframework.ldap. That should give you some information.
> >
> > I'm not especially familiar with LDAP.  All I can do is point you to our
> > sample file:
> >
> > http://developer.ja-sig.org/source/browse/jasig/cas3/adaptors/ldap/src/main/resources/deployerConfigContext.xml?r=1.1
> >
> > Someone else may be able to provide more assistance.
> >
> > -Scott
> >
> >
> > On 4/26/07, Dmitry Kochelaev <dkochelaev at gmail.com > wrote:
> > >
> > > Hello,
> > >
> > > I've installed CAS on my Tomcat and tested it with default
> > > Authentication Handler. It worked. Then I tried to configure it to use
> > > my Apache Directory server. I do not get any error messages in the log;
> > > however, I'm not able to be authenticated.
> > >
> > > In LDAP I have the following tree structure:
> > > com->example->dkochelaev (this node has uid=dkochelaev)
> > >
> > > My CAS config (deployerConfigContext.xml) is created as described in
> > > the manual, so the part I've modified is:
> > >         <property name="authenticationHandlers">
> > >             <list>
> > >                 <bean
> > >                     class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" />
> > >
> > >                 <bean
> > >                     class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler">
> > >                     <property name="filter" value="uid=%u" />
> > >                     <property name="contextSource" ref="contextSource" />
> > >                 </bean>
> > >             </list>
> > >         </property>
> > >     </bean>
> > >     <bean id="contextSource"
> > >         class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> > >         <property name="anonymousReadOnly" value="false" />
> > >         <property name="userName" value="admin" />
> > >         <property name="password" value="secret" />
> > >         <property name="urls">
> > >             <list>
> > >                 <value>ldaps://localhost:10389</value>
> > >             </list>
> > >         </property>
> > >
> > >         <property name="baseEnvironmentProperties">
> > >             <map>
> > >                 <entry>
> > >                     <key><value>java.naming.security.authentication</value></key>
> > >                     <value>simple</value>
> > >                 </entry>
> > >             </map>
> > >         </property>
> > >     </bean>
> > >
> > >
> > > One more thing that disturbs me is that when I change urls to
> > > something like "bla-bla-bla" I also don't get any error messages. What
> > > can be the root of the problem?
> > >
> > > --
> > > Dmitry Kochelaev
> > > _______________________________________________
> > > Yale CAS mailing list
> > > cas at tp.its.yale.edu
> > > http://tp.its.yale.edu/mailman/listinfo/cas
> > >
> >
> >
> >
> > --
> > -Scott Battaglia
> >
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >
> >
>
>
> --
> Dmitry Kochelaev
> eVelopers Corporation
>



-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia
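
Both problems raised in this thread (a bind userName that is not a DN, and a urls value that is not an LDAP URL) produced no error message, so they are worth checking before deployment. The following is an added example, not part of the original messages or of CAS: a Python lint for the contextSource bean, where the function names and the sample XML are constructed for illustration and the DN test is a shape check only, not a full DN parser.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample modelled on the contextSource bean quoted in the thread.
SAMPLE = """<beans>
  <bean id="contextSource"
        class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
    <property name="userName" value="admin" />
    <property name="urls">
      <list>
        <value>bla-bla-bla</value>
        <value>ldaps://localhost:10389</value>
      </list>
    </property>
  </bean>
</beans>"""

# One RDN: attribute type, '=', non-empty value (backslash escapes allowed).
RDN = re.compile(r"^[A-Za-z][A-Za-z0-9.-]*=(?:\\.|[^,\\])+$")

def local(el):
    """Element name without any XML namespace prefix."""
    return el.tag.rsplit("}", 1)[-1]

def looks_like_dn(value):
    """Shape check: every part between unescaped commas is attr=value."""
    return all(RDN.match(p.strip()) for p in re.split(r"(?<!\\),", value))

def lint_context_source(xml_text):
    """Return findings for every bean that sets a userName property."""
    findings = []
    for bean in (e for e in ET.fromstring(xml_text).iter() if local(e) == "bean"):
        props = {p.get("name"): p for p in bean if local(p) == "property"}
        if "userName" not in props:
            continue
        bean_id = bean.get("id", "<anonymous>")
        user = props["userName"].get("value", "")
        if not looks_like_dn(user):
            findings.append(f"{bean_id}: userName {user!r} is not a DN")
        urls = props.get("urls")
        for v in ([] if urls is None else [e for e in urls.iter() if local(e) == "value"]):
            u = urlparse((v.text or "").strip())
            if u.scheme not in ("ldap", "ldaps") or not u.hostname:
                findings.append(f"{bean_id}: url {v.text!r} is not ldap:// or ldaps://")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_context_source(SAMPLE)))
```

A clean result only means the values are well formed; whether the bind succeeds still has to be confirmed against the directory, for example with the org.springframework.ldap debug logging suggested in the thread.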