
  • LDAP access problem

    In my application I am implementing authentication using LDAP and populating authorities from the DB. Previously it was working fine. Since today I can still get user details from LDAP, but I am also getting javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece null].
    I am new to Spring. Can anyone please help me solve this problem? Please point out any configuration issues.

    applicationcontext.xml
    ------------------------
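    <?xml version="1.0" encoding="UTF-8"?>
    <!--
      Spring Security 3.1 application context.
      Users are authenticated by an LDAP bind (BindAuthenticator); their
      authorities are loaded from the application's own UserDetailsService
      rather than from directory groups.
    -->
    <beans:beans xmlns:security="http://www.springframework.org/schema/security"
                 xmlns:beans="http://www.springframework.org/schema/beans"
                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                 xmlns:context="http://www.springframework.org/schema/context"
                 xsi:schemaLocation="http://www.springframework.org/schema/beans
                                     http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                                     http://www.springframework.org/schema/security
                                     http://www.springframework.org/schema/security/spring-security-3.1.xsd
                                     http://www.springframework.org/schema/context
                                     http://www.springframework.org/schema/context/spring-context.xsd">

      <!-- Authenticates through "authenticator", then asks "populator" for the
           user's authorities. The directory entry is mapped to InetOrgPerson details. -->
      <beans:bean id="ldapAuthenticationProvider"
                  class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <beans:constructor-arg ref="authenticator"/>
        <beans:constructor-arg ref="populator"/>
        <beans:property name="userDetailsContextMapper" ref="ldapUserDetailsContextMapper"/>
      </beans:bean>

      <beans:bean id="ldapUserDetailsContextMapper"
                  class="org.springframework.security.ldap.userdetails.InetOrgPersonContextMapper"/>

      <!-- Not referenced by any other bean in this file. -->
      <beans:bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
        <beans:constructor-arg ref="contextSource"/>
      </beans:bean>

      <!-- Locates the user entry with ldapUserSearch, then binds as that entry
           with the submitted password. Active Directory reports a rejected bind
           as LDAP error code 49; sub-code "data 52e" means invalid credentials. -->
      <beans:bean id="authenticator"
                  class="org.springframework.security.ldap.authentication.BindAuthenticator">
        <beans:constructor-arg ref="contextSource"/>
        <beans:property name="userSearch" ref="ldapUserSearch"/>
      </beans:bean>

      <!-- NOTE(review): ldap:// on port 3268 is the unencrypted Global Catalog
           port, so simple-bind passwords cross the network in clear text.
           Prefer ldaps:// (3269 for the Global Catalog) or StartTLS, and verify
           the server certificate.
           NOTE(review): userDn is the DN this context source itself binds with
           for searches (a service account). It is not a per-user pattern, and
           {0} is presumably not substituted here. No password property is set;
           confirm what bind the directory actually accepts. Use a dedicated
           read-only account and keep its password outside this file, for
           example in a property placeholder. -->
      <beans:bean id="contextSource"
                  class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg index="0" value="ldap://ip:3268/dc=company,dc=COM"/>
        <beans:property name="userDn" value="username={0}"/>
      </beans:bean>

      <!-- Searches ou=ADUSERS (relative to the base DN in the context source URL)
           and its subtree for the entry whose sAMAccountName equals the submitted
           login name. If the directory's OU layout or account attribute changes,
           this base and filter must be updated or every login fails. -->
      <beans:bean id="ldapUserSearch"
                  class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg value="ou=ADUSERS"/>
        <beans:constructor-arg value="(sAMAccountName={0})"/>
        <beans:constructor-arg ref="contextSource"/>
        <beans:property name="searchSubtree" value="true"/>
      </beans:bean>

      <!-- Authorities come from userDetailsService (the application database),
           so a user who binds successfully still needs a matching local record. -->
      <beans:bean id="populator"
                  class="org.springframework.security.ldap.authentication.UserDetailsServiceLdapAuthoritiesPopulator">
        <beans:constructor-arg ref="userDetailsService"/>
      </beans:bean>

      <beans:bean id="userDetailsService" class="com.auth.service.UserDetailsServiceImpl"/>

      <context:component-scan base-package="com.auth"/>

      <!-- NOTE(review): defined but not registered with the authentication-manager
           below, so it is never consulted. If it is enabled later, set an explicit
           passwordEncoder so that stored passwords are compared as hashes. -->
      <beans:bean id="daoAuthenticationProvider"
                  class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
        <beans:property name="userDetailsService" ref="userDetailsService"/>
      </beans:bean>

      <!-- erase-credentials="true" clears the submitted password from the
           Authentication object once authentication has succeeded. -->
      <security:authentication-manager erase-credentials="true">
        <security:authentication-provider ref="ldapAuthenticationProvider"/>
      </security:authentication-manager>

      <!-- NOTE(review): the four filter beans named here are not defined in this
           file, and the security:http elements below also build a filter chain.
           Confirm which definition is actually in effect; keeping two chain
           definitions makes it easy to leave a path unprotected by mistake. -->
      <beans:bean id="springSecurityFilterChain"
                  class="org.springframework.security.web.FilterChainProxy">
        <beans:constructor-arg>
          <beans:list>
            <security:filter-chain pattern="/**"
                                   filters="securityContextPersistenceFilterWithASCTrue,
                                            formLoginFilter,
                                            exceptionTranslationFilter,
                                            filterSecurityInterceptor"/>
          </beans:list>
        </beans:constructor-arg>
      </beans:bean>

      <!-- security="none" removes every security filter from these paths.
           "/css/*" and "/images/*" match a single path level only. -->
      <security:http pattern="/login.jsp*" security="none"/>
      <security:http pattern="/css/*" security="none"/>
      <security:http pattern="/images/*" security="none"/>

      <!-- Every other URL requires an authenticated user.
           auto-config="true" also enables HTTP Basic next to form login; drop it
           and list the wanted mechanisms explicitly if Basic is not intended. -->
      <security:http use-expressions="true" auto-config="true" create-session="always">
        <security:intercept-url pattern="/**" access="isAuthenticated()"/>
        <security:form-login default-target-url="/welcome.htm"
                             authentication-failure-url="/login.jsp?error=true"/>
        <security:logout invalidate-session="true"
                         logout-success-url="/login.jsp"
                         delete-cookies="JSESSIONID"/>

        <!-- A fresh session is created at login (session fixation defence) and a
             second concurrent login for the same user is rejected. Concurrency
             control needs HttpSessionEventPublisher registered as a listener in
             web.xml, otherwise expired sessions keep counting against the limit. -->
        <security:session-management session-fixation-protection="newSession"
                                     invalid-session-url="/login.jsp">
          <security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true"/>
        </security:session-management>
      </security:http>

    </beans:beans>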

  • #2
    A quick Google search shows that LDAP error code 49 with sub-code 52e means "invalid credentials".



    • #3
      It works fine with the same credentials from a plain Java class, but it does not work through Spring. Is there a configuration issue?



      • #4
        I'll need a full stacktrace to help you any further on this.



        • #5
          I found the mistake: the LDAP user search parameters at my company had been changed. I updated those parameters and it is working fine now. Thanks for the replies.



          • #6
            I found the mistake: the LDAP user search parameters at my company had been changed. I updated those parameters and it is working fine now. Thanks for the replies.

