Multiple LDAP authentication handlers and bad password returns HTTP 500 Error
Scott Battaglia
scott.battaglia at gmail.com
Thu Sep 18 12:01:57 EDT 2008
It looks like when you have multiple LDAP handlers configured one of them
throws an exception if their is a failure. I'm not sure why. Its an
exception coming from the LDAP server not CAS, which is why its making it
through. Is there anything special about those LDAP servers where if you
tried them both with bad user names one would throw an exception.
-Scott
-Scott Battaglia
PGP Public Key Id: 0x383733AA
LinkedIn: http://www.linkedin.com/in/scottbattaglia
On Thu, Sep 18, 2008 at 10:54 AM, Chris <c.naslain at lectra.com> wrote:
> Scott, if this may help, here are the catalina.out content for 1) 1 LDAP
> handler & wrong user 2) 2 LDAPS and wrong user. I can do any tests you
> like :)
>
> 1) 1 LDAP Handler & wrong user/pwd: Tomcat catalina.out content
>
> 18 sept. 2008 16:47:23 org.apache.catalina.core.AprLifecycleListener
> lifecycleEvent
> INFO: The Apache Tomcat Native library which allows optimal performance
> in production environments was not found on the java.library.path:
>
> /usr/java/jdk1.6.0_03/jre/lib/i386/server:/usr/java/jdk1.6.0_03/jre/lib/i386:/usr/java/jdk1.6.0_03/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
> 18 sept. 2008 16:47:23 org.apache.coyote.http11.Http11BaseProtocol init
> INFO: Initialisation de Coyote HTTP/1.1 sur http-8080
> 18 sept. 2008 16:47:23 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 529 ms
> 18 sept. 2008 16:47:23 org.apache.catalina.core.StandardService start
> INFO: Démarrage du service Catalina
> 18 sept. 2008 16:47:23 org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/5.5.26
> 18 sept. 2008 16:47:23 org.apache.catalina.core.StandardHost start
> INFO: XML validation disabled
> 18 sept. 2008 16:47:24 org.apache.catalina.startup.HostConfig deployWAR
> INFO: Déploiement de l'archive cas.war de l'application web
> 2008-09-18 16:47:26,052 INFO
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <FormObjectClass
> not set. Using default class of
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials with
> formObjectName credentials and validator
> org.jasig.cas.validation.UsernamePasswordCredentialsValidator.>
> 18 sept. 2008 16:47:26 org.apache.coyote.http11.Http11BaseProtocol start
> INFO: Démarrage de Coyote HTTP/1.1 sur http-8080
> 18 sept. 2008 16:47:26 org.apache.jk.common.ChannelSocket init
> INFO: JK: ajp13 listening on /0.0.0.0:8009
> 18 sept. 2008 16:47:26 org.apache.jk.server.JkMain start
> INFO: Jk running ID=0 time=0/21 config=null
> 18 sept. 2008 16:47:26 org.apache.catalina.storeconfig.StoreLoader load
> INFO: Find registry server-registry.xml at classpath resource
> 18 sept. 2008 16:47:26 org.apache.catalina.startup.Catalina start
> INFO: Server startup in 3076 ms
> 2008-09-18 16:47:45,241 INFO
> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> <Starting cleaning of expired tickets from ticket registry at [Thu Sep
> 18 16:47:45 CEST 2008]>
> 2008-09-18 16:47:45,242 INFO
> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> <0 found to be removed. Removing now.>
> 2008-09-18 16:47:45,243 INFO
> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> <Finished cleaning of expired tickets from ticket registry at [Thu Sep
> 18 16:47:45 CEST 2008]>
> 2008-09-18 16:47:53,252 INFO
> [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath
> for cookies to: /cas>
> 2008-09-18 16:48:03,825 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> <AuthenticationHandler:
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to
> authenticate the user which provided the following credentials:
> unknown_user>
>
>
> 2) 3 LDAP Handlers & wrong user/pwd: Tomcat catalina.out content
>
> 18 sept. 2008 16:51:28 org.apache.catalina.core.AprLifecycleListener
> lifecycleEvent
> INFO: The Apache Tomcat Native library which allows optimal performance
> in production environments was not found on the java.library.path:
>
> /usr/java/jdk1.6.0_03/jre/lib/i386/server:/usr/java/jdk1.6.0_03/jre/lib/i386:/usr/java/jdk1.6.0_03/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
> 18 sept. 2008 16:51:29 org.apache.coyote.http11.Http11BaseProtocol init
> INFO: Initialisation de Coyote HTTP/1.1 sur http-8080
> 18 sept. 2008 16:51:29 org.apache.catalina.startup.Catalina load
> INFO: Initialization processed in 1094 ms
> 18 sept. 2008 16:51:29 org.apache.catalina.core.StandardService start
> INFO: Démarrage du service Catalina
> 18 sept. 2008 16:51:29 org.apache.catalina.core.StandardEngine start
> INFO: Starting Servlet Engine: Apache Tomcat/5.5.26
> 18 sept. 2008 16:51:29 org.apache.catalina.core.StandardHost start
> INFO: XML validation disabled
> 18 sept. 2008 16:51:29 org.apache.catalina.startup.HostConfig deployWAR
> INFO: Déploiement de l'archive cas.war de l'application web
> 2008-09-18 16:51:31,623 INFO
> [org.jasig.cas.web.flow.AuthenticationViaFormAction] - <FormObjectClass
> not set. Using default class of
> org.jasig.cas.authentication.principal.UsernamePasswordCredentials with
> formObjectName credentials and validator
> org.jasig.cas.validation.UsernamePasswordCredentialsValidator.>
> 18 sept. 2008 16:51:32 org.apache.coyote.http11.Http11BaseProtocol start
> INFO: Démarrage de Coyote HTTP/1.1 sur http-8080
> 18 sept. 2008 16:51:32 org.apache.jk.common.ChannelSocket init
> INFO: JK: ajp13 listening on /0.0.0.0:8009
> 18 sept. 2008 16:51:32 org.apache.jk.server.JkMain start
> INFO: Jk running ID=0 time=0/21 config=null
> 18 sept. 2008 16:51:32 org.apache.catalina.storeconfig.StoreLoader load
> INFO: Find registry server-registry.xml at classpath resource
> 18 sept. 2008 16:51:32 org.apache.catalina.startup.Catalina start
> INFO: Server startup in 3141 ms
> 2008-09-18 16:51:40,651 INFO
> [org.jasig.cas.web.flow.InitialFlowSetupAction] - <Setting ContextPath
> for cookies to: /cas>
> 2008-09-18 16:51:50,801 INFO
> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> <Starting cleaning of expired tickets from ticket registry at [Thu Sep
> 18 16:51:50 CEST 2008]>
> 2008-09-18 16:51:50,804 INFO
> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> <0 found to be removed. Removing now.>
> 2008-09-18 16:51:50,804 INFO
> [org.jasig.cas.ticket.registry.support.DefaultTicketRegistryCleaner] -
> <Finished cleaning of expired tickets from ticket registry at [Thu Sep
> 18 16:51:50 CEST 2008]>
> 2008-09-18 16:51:51,478 INFO
> [org.jasig.cas.authentication.AuthenticationManagerImpl] -
> <AuthenticationHandler:
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler failed to
> authenticate the user which provided the following credentials:
> unknown_user>
> 2008-09-18 16:51:51,520 ERROR
>
> [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]]
> - <"Servlet.service()" pour la servlet cas a généré une exception>
> javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
> LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
> vece
>
>
>
>
>
> Scott Battaglia a écrit :
> > That seems rather strange that it wouldn't work (in theory it should
> > ;-)). Does it work okay if you have one LDAP handler and say the test
> > username password handler but both fail?
> >
> > The interesting thing is that LDAP (Active Directory) appears to be
> > throwing an exception which normally it shouldn't do. So either AD is
> > returning an exception we weren't expecting or there's some
> > configuration problem with two ADs and a failed password.
> >
> > I'm not sure which it is. I don't know if you can do any debugging on
> > your end (we don't have an AD here that I can use).
> >
> > -Scott
> >
> > -Scott Battaglia
> > PGP Public Key Id: 0x383733AA
> > LinkedIn: http://www.linkedin.com/in/scottbattaglia
> >
> >
> > On Thu, Sep 18, 2008 at 6:12 AM, Chris <c.naslain at lectra.com
> > <mailto:c.naslain at lectra.com>> wrote:
> >
> > Hi all,
> >
> > I am running a CAS 3.1.1 server on Tomcat 5.5.26. <http://5.5.26.>
> The
> > deployerConfigContext.xml is configured to check user authentication
> on
> > 3 M$ Active Directories thru 3 LDAP authentication handlers.
> >
> > This works fine if the user/password match one of the 3 AD. But if
> the
> > password is mistyped (or a bad username), CAS returns an exception
> (HTTP
> > 500) instead of the default red error message "The credentials you
> > provided cannot be determined to be authentic."
> >
> > I have tested with only 1 LDAP authentication handler and the warning
> > message is returned well (No HTTP 500 exception).
> >
> > As soon as I configure 2 LDAP authentication handlers, the HTTP 500
> > exception occurs.
> >
> > Below is the exception returned when 2 LDAP are configured and when I
> > mistype a password + an example of my deployerConfigContext.xml using
> 2
> > LDAP authentication handlers.
> >
> > Any idea why this HTTP 500 exception occurs? Missing configuration
> > parameters?
> >
> > Best
> >
> > Chris
> >
> > ----------------------------
> >
> > Etat HTTP 500 -
> >
> > type Rapport d'exception
> >
> > message
> >
> > description Le serveur a rencontré une erreur interne () qui l'a
> empêché
> > de satisfaire la requête.
> >
> > exception
> >
> > org.springframework.web.util.NestedServletException: Request
> processing
> > failed; nested exception is
> > org.springframework.webflow.engine.ActionExecutionException:
> Exception
> > thrown executing [AnnotatedAction at 869470 targetAction =
> > org.jasig.cas.web.flow.AuthenticationViaFormAction at 43153c,
> attributes =
> > map['method' -> 'submit']] in state 'submit' of flow 'login-webflow'
> --
> > action execution attributes were 'map['method' -> 'submit']'; nested
> > exception is org.springframework.ldap.UncategorizedLdapException:
> > Operation failed; nested exception is
> > javax.naming.AuthenticationException: [LDAP: error code 49 -
> 80090308:
> > LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data
> 525,
> > vece�]
> >
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:487)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >
> >
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> >
> > cause mère
> >
> > org.springframework.webflow.engine.ActionExecutionException:
> Exception
> > thrown executing [AnnotatedAction at 869470 targetAction =
> > org.jasig.cas.web.flow.AuthenticationViaFormAction at 43153c,
> attributes =
> > map['method' -> 'submit']] in state 'submit' of flow 'login-webflow'
> --
> > action execution attributes were 'map['method' -> 'submit']'; nested
> > exception is org.springframework.ldap.UncategorizedLdapException:
> > Operation failed; nested exception is
> > javax.naming.AuthenticationException: [LDAP: error code 49 -
> 80090308:
> > LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data
> 525,
> > vece�]
> >
> >
> org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:68)
> >
> >
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
> > org.springframework.webflow.engine.State.enter(State.java:200)
> >
> >
> org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> >
> >
> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> >
> >
> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
> >
> >
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
> > org.springframework.webflow.engine.State.enter(State.java:200)
> >
> >
> org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> >
> >
> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> >
> >
> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
> >
> >
> org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
> >
> >
> org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245)
> >
> >
> org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
> >
> >
> org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172)
> >
> >
> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> >
> >
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> >
> >
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
> >
> >
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >
> >
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> >
> > cause mère
> >
> > org.springframework.ldap.UncategorizedLdapException: Operation
> failed;
> > nested exception is javax.naming.AuthenticationException: [LDAP:
> error
> > code 49 - 80090308: LdapErr: DSID-0C090334, comment:
> > AcceptSecurityContext error, data 525, vece�]
> >
> >
> org.springframework.ldap.DefaultNamingExceptionTranslator.translate(DefaultNamingExceptionTranslator.java:93)
> >
> >
> org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:204)
> >
> >
> org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
> >
> > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
> >
> > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
> >
> >
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:67)
> >
> >
> org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:56)
> >
> >
> org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:58)
> >
> >
> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:84)
> >
> >
> org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:383)
> >
> >
> org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107)
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > java.lang.reflect.Method.invoke(Method.java:597)
> >
> >
> org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
> >
> >
> org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
> >
> >
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
> >
> >
> org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
> >
> >
> org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
> >
> >
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
> > org.springframework.webflow.engine.State.enter(State.java:200)
> >
> >
> org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> >
> >
> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> >
> >
> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
> >
> >
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
> > org.springframework.webflow.engine.State.enter(State.java:200)
> >
> >
> org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> >
> >
> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> >
> >
> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
> >
> >
> org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
> >
> >
> org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245)
> >
> >
> org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
> >
> >
> org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172)
> >
> >
> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> >
> >
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> >
> >
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
> >
> >
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >
> >
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> >
> > cause mère
> >
> > javax.naming.AuthenticationException: [LDAP: error code 49 -
> 80090308:
> > LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data
> 525,
> > vece�]
> > com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
> > com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
> > com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
> > com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
> > com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
> >
> >
> com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
> >
> >
> com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
> >
> >
> com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
> >
> >
> com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
> >
> >
> javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
> >
> >
> javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
> > javax.naming.InitialContext.init(InitialContext.java:223)
> >
> >
> javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
> >
> >
> org.springframework.ldap.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:59)
> >
> >
> org.springframework.ldap.support.AbstractContextSource.createContext(AbstractContextSource.java:193)
> >
> >
> org.springframework.ldap.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:104)
> >
> > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:263)
> >
> > org.springframework.ldap.LdapTemplate.search(LdapTemplate.java:314)
> >
> >
> org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler.authenticateUsernamePasswordInternal(BindLdapAuthenticationHandler.java:67)
> >
> >
> org.jasig.cas.authentication.handler.support.AbstractUsernamePasswordAuthenticationHandler.doAuthentication(AbstractUsernamePasswordAuthenticationHandler.java:56)
> >
> >
> org.jasig.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:58)
> >
> >
> org.jasig.cas.authentication.AuthenticationManagerImpl.authenticate(AuthenticationManagerImpl.java:84)
> >
> >
> org.jasig.cas.CentralAuthenticationServiceImpl.createTicketGrantingTicket(CentralAuthenticationServiceImpl.java:383)
> >
> >
> org.jasig.cas.web.flow.AuthenticationViaFormAction.submit(AuthenticationViaFormAction.java:107)
> > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> >
> >
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> >
> >
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> > java.lang.reflect.Method.invoke(Method.java:597)
> >
> >
> org.springframework.webflow.util.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:103)
> >
> >
> org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:136)
> >
> >
> org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:203)
> >
> >
> org.springframework.webflow.engine.AnnotatedAction.execute(AnnotatedAction.java:142)
> >
> >
> org.springframework.webflow.engine.ActionExecutor.execute(ActionExecutor.java:61)
> >
> >
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:180)
> > org.springframework.webflow.engine.State.enter(State.java:200)
> >
> >
> org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> >
> >
> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> >
> >
> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
> >
> >
> org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:185)
> > org.springframework.webflow.engine.State.enter(State.java:200)
> >
> >
> org.springframework.webflow.engine.Transition.execute(Transition.java:229)
> >
> >
> org.springframework.webflow.engine.TransitionableState.onEvent(TransitionableState.java:112)
> > org.springframework.webflow.engine.Flow.onEvent(Flow.java:572)
> >
> >
> org.springframework.webflow.engine.impl.RequestControlContextImpl.signalEvent(RequestControlContextImpl.java:208)
> >
> >
> org.springframework.webflow.engine.impl.FlowExecutionImpl.signalEvent(FlowExecutionImpl.java:214)
> >
> >
> org.springframework.webflow.executor.FlowExecutorImpl.resume(FlowExecutorImpl.java:245)
> >
> >
> org.springframework.webflow.executor.support.FlowRequestHandler.handleFlowRequest(FlowRequestHandler.java:115)
> >
> >
> org.springframework.webflow.executor.mvc.FlowController.handleRequestInternal(FlowController.java:172)
> >
> >
> org.springframework.web.servlet.mvc.AbstractController.handleRequest(AbstractController.java:153)
> >
> >
> org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
> >
> >
> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:857)
> >
> >
> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:792)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:475)
> >
> >
> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:440)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
> >
> >
> org.jasig.cas.web.init.SafeDispatcherServlet.service(SafeDispatcherServlet.java:115)
> >
> > note La trace complète de la cause mère de cette erreur est
> disponible
> > dans les fichiers journaux de Apache Tomcat/5.5.26. <http://5.5.26.>
> > Apache Tomcat/5.5.26
> >
> > ------------------------------
> >
> > <?xml version="1.0" encoding="UTF-8"?>
> > <beans xmlns="http://www.springframework.org/schema/beans"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xmlns:p="http://www.springframework.org/schema/p"
> > xsi:schemaLocation="
> http://www.springframework.org/schema/beans
> > http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">
> > <bean id="authenticationManager"
> >
> class="org.jasig.cas.authentication.AuthenticationManagerImpl">
> > <property name="credentialsToPrincipalResolvers">
> > <list>
> > <bean
> >
> >
> class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"
> > />
> > <bean
> >
> >
> class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"
> > />
> > </list>
> > </property>
> >
> > <property name="authenticationHandlers">
> > <list>
> > <bean
> >
> class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
> > p:httpClient-ref="httpClient" />
> > <!-- BEGIN: Company AD EUROPE Handler -->
> > <bean
> > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> > <property name="filter" value="sAMAccountName=%u" />
> > <property name="searchBase"
> > value="OU=Subsidiaries,DC=eu,DC=company,DC=com" />
> > <property name="contextSource" ref="contextSourceEU" />
> > <property name="ignorePartialResultException" value="yes" />
> > </bean>
> > <!-- END: Company AD EUROPE Handler -->
> >
> > <!-- BEGIN: Company AD AMERICA Handler -->
> > <bean
> > class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
> > <property name="filter" value="sAMAccountName=%u" />
> > <property name="searchBase"
> > value="OU=Subsidiaries,DC=am,DC=company,DC=com" />
> > <property name="contextSource" ref="contextSourceAM" />
> > <property name="ignorePartialResultException" value="yes" />
> > </bean>
> > <!-- END: Company AD AMERICA Handler -->
> >
> > </list>
> > </property>
> > </bean>
> >
> > <!-- BEGIN: Company AD EUROPE AuthenticatedLdapContextSource -->
> > <bean id="contextSourceEU"
> >
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> > <property name="urls">
> > <list>
> > <value>ldap://sdceuces01.eu.company.com/
> > <http://sdceuces01.eu.company.com/></value>
> > </list>
> > </property>
> > <property name="userName" value="CN=eu_svc,OU=System
> > Services,OU=Users,OU=Users
> > Groups,OU=FRA,OU=Subsidiaries,DC=eu,DC=company,DC=com"/>
> > <property name="password" value="***********"/>
> > <property name="baseEnvironmentProperties">
> > <map>
> > <entry>
> > <key>
> > <value>java.naming.security.authentication</value>
> > </key>
> > <value>simple</value>
> > </entry>
> > </map>
> > </property>
> > </bean>
> > <!-- END: Company AD EUROPE AuthenticatedLdapContextSource -->
> >
> > <!-- BEGIN: Company AD AMERICA AuthenticatedLdapContextSource -->
> > <bean id="contextSourceAM"
> >
> class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource">
> > <property name="urls">
> > <list>
> > <value>ldap://sdcamces01.am.company.com/
> > <http://sdcamces01.am.company.com/></value>
> > </list>
> > </property>
> > <property name="userName" value="CN=am_svc,OU=System
> > Services,OU=Users,OU=Users
> > Groups,OU=USA,OU=Subsidiaries,DC=am,DC=company,DC=com"/>
> > <property name="password" value="**************"/>
> > <property name="baseEnvironmentProperties">
> > <map>
> > <entry>
> > <key>
> > <value>java.naming.security.authentication</value>
> > </key>
> > <value>simple</value>
> > </entry>
> > </map>
> > </property>
> > </bean>
> > <!-- END: Company AD AMERICA AuthenticatedLdapContextSource -->
> >
> > <bean id="userDetailsService"
> > class="org.acegisecurity.userdetails.memory.InMemoryDaoImpl">
> > <property name="userMap">
> > <value>
> > </value>
> > </property>
> > </bean>
> >
> > <bean id="attributeRepository"
> >
> > class="org.jasig.services.persondir.support.StubPersonAttributeDao">
> > <property name="backingMap">
> > <map>
> > <entry key="uid" value="uid" />
> > <entry key="eduPersonAffiliation" value="eduPersonAffiliation"
> />
> > <entry key="groupMembership" value="groupMembership" />
> > </map>
> > </property>
> > </bean>
> >
> > <bean
> > id="serviceRegistryDao"
> > class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl" />
> > </beans>
> >
> > _______________________________________________
> > Yale CAS mailing list
> > cas at tp.its.yale.edu <mailto:cas at tp.its.yale.edu>
> > http://tp.its.yale.edu/mailman/listinfo/cas
> >
> >
>
> _______________________________________________
> Yale CAS mailing list
> cas at tp.its.yale.edu
> http://tp.its.yale.edu/mailman/listinfo/cas
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://tp.its.yale.edu/pipermail/cas/attachments/20080918/be990636/attachment.html
More information about the cas
mailing list