Announcement Announcement Module
Collapse
No announcement yet.
Grails Ldap/Gldapo Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Grails Ldap/Gldapo

    Hi all,

    I am using STS groovy and grails and ldap plugin to login and perform searches for groups and users in active directory through LDAP.

    For the login I use the spring-security-ldap which works fine, if it gets request I will post the related config.

    For search however it is a different story. I get the following:

    ################################################## ####
    Class
    javax.naming.PartialResultException
    Message
    Unprocessed Continuation Reference(s)


    Line | Method
    ->> 2846 | processReturnCode in com.sun.jndi.ldap.LdapCtx
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    | 2820 | processReturnCode in ''
    | 1829 | searchAux . . . . in ''
    | 1752 | c_search in ''
    | 368 | p_search . . . . in com.sun.jndi.toolkit.ctx.ComponentDirContext
    | 338 | search in com.sun.jndi.toolkit.ctx.PartialCompositeDirContex t
    | 257 | search . . . . . in javax.naming.directory.InitialDirContext
    | 162 | nonPagedSearch in gldapo.GldapoDirectory
    | 144 | search . . . . . in ''
    | 374 | doCall in gldapo.schema.GldapoSchemaClassInjecto$__clinit__c losure35
    | 390 | doCall . . . . . in gldapo.schema.GldapoSchemaClassInjecto$__clinit__c losure38
    | 12 | index in GroupController.groovy
    | 886 | runTask . . . . . in java.util.concurrent.ThreadPoolExecutor$Worker
    | 908 | run in ''
    ^ 662 | run . . . . . . . in java.lang.Thread
    ################################################## ####
    Here is the code

    Config.groovy

    ldap {
    directories {
    group {
    url = "ldap://myserver:389"
    base = "dc=xxx,dc=xxxx,dc=xx,dc=xx"
    userDn = "cn=xxxxxxxxxxxxxxxx, cn=xxxx, dc=xxxxxx,dc=xxxxxxx,dc=xx,dc=xx"
    password = "xxxxxxx"
    searchControls {
    countLimit = 40
    timeLimit = 600
    searchScore = "subtree"
    derefLinkFlag = true
    }
    }
    }

    schemas = [
    my.app.package.Group
    ]
    }

    #######################
    Group.groovy

    @GldapoSchemaFilter("(objectclass=group)")
    class Group {
    @GldapoNamingAttribute
    String cn
    Set members
    @GldapoSynonymFor("mgr")
    String manager
    }

    ########################
    GroupController.groovy

    class GroupController {

    def index() {
    List matches = Group.findAll()
    println matches

    // List matches = Group.findAll(
    // directory: "group",
    // filter: "(sn=searchkeyword*)"
    // )
    }
    }

    #############################
    error.log

    2012-02-06 11:20:06,345 ["http-bio-8080"-exec-8] ERROR errors.GrailsExceptionResolver - PartialResultException occurred when processing request: [GET] /myapp/group/index
    Unprocessed Continuation Reference(s). Stacktrace follows:
    javax.naming.PartialResultException: Unprocessed Continuation Reference(s); remaining name '/'
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCt x.java:2846)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCt x.java:2820)
    at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1 829)
    at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:17 52)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_sea rch(ComponentDirContext.java:368)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContex t.search(PartialCompositeDirContext.java:338)
    at javax.naming.directory.InitialDirContext.search(In itialDirContext.java:257)
    at gldapo.GldapoDirectory.nonPagedSearch(GldapoDirect ory.groovy:162)
    at gldapo.GldapoDirectory.search(GldapoDirectory.groo vy:144)
    at gldapo.schema.GldapoSchemaClassInjecto$__clinit__c losure35.doCall(GldapoSchemaClassInjecto.groovy:37 4)
    at gldapo.schema.GldapoSchemaClassInjecto$__clinit__c losure38.doCall(GldapoSchemaClassInjecto.groovy:39 0)
    at uk.co.newsint.yphoenix.ldap.GroupController.index( GroupController.groovy:12)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run Task(ThreadPoolExecutor.java:886)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:662)
    ###############################################

    Any ideas how to resolve this? I feel that I am missing something trivial...

    Many thanks,
    --G

  • #2
    Figured out the problem, it was a typo. Instead of 'searchScope' I had 'searchScore'

    Search is working now and returns all groups.

    Comment


    • #3
      I am glad it worked for you. I am new to grails and need to know how to authenticate & authorize using ldap. Any example that you can provide will be helpfull? My ldap configuration is different per environment and are stored in resource entrees on the websphere server. All I have right now is a login page with j_security as the action.
      I need to redirect to login page from any where if users is not logged in and redirect to home page. Ans I need to use ldap for authorize. I see some kind of examples here and there but could not follow.

      Comment


      • #4
        I think you should start by going through this link, it helped me a lot.

        http://blog.springsource.com/2010/08...y-with-grails/

        Comment


        • #5
          Thank you,

          My only requirement is to authenticate using LDAP. From your above example what I understood is Config.groovy params gets loaded into Group class, if so how do override these values with new ones. my ldap configuration is environment dependent and I get form server resources. Which call tells the login is successfull?
          Do we need to change the action attribute of the login form? We have a login form with j_Security_check, this was kind of working but got broken and now we need to authenticate using LDAP.
          So here is what I think are requried to get this working.
          1 - That spring security core plugin + ldap plugin must be installed
          2 - A login page not sure of the action?
          3 - A controller ?
          4 - Define the ldap attributes in Config.groovy - How to override?

          Thank you for your time? again I am new to grails.

          Comment


          • #6
            Scganta,

            If you went through the tutorial on the link I gave you, you will see that the author runs the command s2-quickstart after the installation of spring security core plugin and you get domain class, controllers and views (= login page) out of it.

            Plugins you need,

            Spring Security Core Plugin: http://grails.org/plugin/spring-security-core
            Grails-Spring-Security-LDAP: http://grails.org/plugin/spring-security-ldap
            (read docs, shows you how to configure it in Config.groovy)

            In my case I use the Grails LDAP (GLDAPO) plugin because I perform other operations such as lookups. Plus, LDAP is only a protocol, I authenticate against MS Active Directory, so you will have to sort out any idiosyncrasies of the LDAP enabled directory you are trying to authenticate against.

            --G

            Comment

            Working...
            X