Active Directory and FastBind

Scott Battaglia scott.battaglia at gmail.com
Thu Sep 13 10:02:14 EDT 2007


Your configuration file apparently has some Rutgers URLs in it ;-)

-Scott

On 9/13/07, Juan Francisco Fernández Rodríguez <juanffernandez at faffe.es>
wrote:
>
> Hi, I need to connect my CAS server with an Active Directory using
> fastbind. When I try to log in using my domain username and password, I get
> the message:
>
> "The credentials you provided cannot be determined to be authentic"
>
> This is my deployerConfigContext.xml, with comments removed to post it ;):
>
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
> <beans>
>     <bean id="authenticationManager"
>           class="org.jasig.cas.authentication.AuthenticationManagerImpl">
>         <property name="credentialsToPrincipalResolvers">
>             <list>
>                 <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
>                 <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
>             </list>
>         </property>
>
>         <property name="authenticationHandlers">
>             <list>
>                 <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
>                     <property name="httpClient" ref="httpClient" />
>                 </bean>
>                 <bean class="org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler">
>                     <property name="filter" value="sAMAccountName=%u,CN=Users,DC=mydomain,DC=es" />
>                     <property name="ignorePartialResultException" value="yes" />
>                     <property name="contextSource" ref="contextSource" />
>                 </bean>
>             </list>
>         </property>
>     </bean>
>
>     <bean id="contextSource"
>           class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
>         <property name="urls">
>             <list>
>                 <value>ldap://192.168.0.5/</value>
>             </list>
>         </property>
>         <property name="baseEnvironmentProperties">
>             <map>
>                 <entry>
>                     <key>
>                         <value>java.naming.security.authentication</value>
>                     </key>
>                     <value>none</value>
>                 </entry>
>             </map>
>         </property>
>     </bean>
> </beans>
>
> When Tomcat starts, these debug lines are added to cas.log. Look at the last
> line, is this OK?
>
> 2007-09-13 14:40:03,562 DEBUG [org.springframework.ldap.support.LdapContextSource] - AuthenticationSource not set - using default implementation
> 2007-09-13 14:40:03,562 DEBUG [org.springframework.ldap.support.LdapContextSource] - Using LDAP pooling.
> 2007-09-13 14:40:03,562 DEBUG [org.springframework.ldap.support.LdapContextSource] - Trying provider Urls: ldaps://ldap.rutgers.edu/  <------------------------ ?????????????
>
> These other lines are some of the debug output:
>
> 2007-09-13 14:07:36,187 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' completed execution; result is 'success'
> 2007-09-13 14:07:36,187 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Action 'AuthenticationViaFormAction' beginning execution
> 2007-09-13 14:07:36,187 DEBUG [org.jasig.cas.web.flow.AuthenticationViaFormAction] - Found existing form object with name 'credentials' of type [class org.jasig.cas.authentication.principal.UsernamePasswordCredentials] in scope Flow
> 2007-09-13 14:07:36,796 INFO [org.jasig.cas.authentication.AuthenticationManagerImpl] - AuthenticationHandler: org.jasig.cas.adaptors.ldap.FastBindLdapAuthenticationHandler failed to authenticate the user which provided the following credentials: myusername
>
> Thanks in advance,
>
> Greets.
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
>


-- 
-Scott Battaglia

LinkedIn: http://www.linkedin.com/in/scottbattaglia
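The mismatch raised in this thread (the posted file lists ldap://192.168.0.5/ while the startup log shows ldaps://ldap.rutgers.edu/) can be checked mechanically. The following is an added example, not code from the thread or from the CAS project: it compares the `urls` of the `contextSource` bean with the "Trying provider Urls" log lines. The sample inputs are constructed from the post, and the function names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: the contextSource bean as posted (DOCTYPE omitted).
POSTED_CONFIG = """<beans>
  <bean id="contextSource"
        class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
    <property name="urls"><list><value>ldap://192.168.0.5/</value></list></property>
  </bean>
</beans>"""

# Constructed sample: startup line in the format quoted in the post.
STARTUP_LOG = (
    "2007-09-13 14:40:03,562 DEBUG "
    "[org.springframework.ldap.support.LdapContextSource] - "
    "Trying provider Urls: ldaps://ldap.rutgers.edu/\n"
)

PROVIDER_RE = re.compile(r"Trying provider Urls:\s*(.+)")

def normalize(url):
    """Compare URLs without case or trailing-slash differences."""
    return url.strip().rstrip("/").lower()

def configured_urls(xml_text, bean_id="contextSource"):
    """Return the LDAP URLs listed under the bean's 'urls' property."""
    urls = set()
    for bean in ET.fromstring(xml_text).iter("bean"):
        if bean.get("id") != bean_id:
            continue
        for prop in bean.findall("property"):
            if prop.get("name") == "urls":
                urls.update(normalize(v.text) for v in prop.iter("value") if v.text)
    return urls

def logged_urls(log_text):
    """Return the URLs the context source reported at startup.
    Assumes several URLs on one log line are separated by whitespace."""
    urls = set()
    for match in PROVIDER_RE.finditer(log_text):
        urls.update(normalize(u) for u in match.group(1).split())
    return urls

def drift(xml_text, log_text):
    """URLs the running server tried that the reviewed file does not list."""
    return sorted(logged_urls(log_text) - configured_urls(xml_text))

if __name__ == "__main__":
    for url in drift(POSTED_CONFIG, STARTUP_LOG):
        print("LDAP URL in use but not in reviewed config:", url)
```

A non-empty result means the running webapp loaded a different deployerConfigContext.xml than the one being edited, so credentials are being sent to a directory the reviewed configuration never named.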