Announcement Announcement Module
Collapse
No announcement yet.
1.3.0 Authentication issue Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • 1.3.0 Authentication issue

    Hi, I am trying to use the authentication method from 1.3

    I tried the same sample posted from the blog "http://blog.jayway.com/2008/10/27/whats-new-in-spring-ldap-13/"

    Here is my code.
    Code:
    public boolean authenticate(String userName, String password)  {
    		
    		boolean result = false;		
    		
    		
    		EqualsFilter filter = new EqualsFilter("uid", userName);
    		
    		// Actual filter will differ depending on LDAP Server and schema
    		List<String> results = ldapTemplate.search("", filter.toString(),
    		new DnContextMapper());
    		
    		if (results.size() != 1) {
    			throw new IncorrectResultSizeDataAccessException(1, results.size());
    		}
    
    		DirContext ctx = null;
    		try {				
    			String uid = results.get(0);
    			logger.debug("Getting context source with principal :"+uid);
    			ctx = contextSource.getContext(uid, password);			
    			result=  true;
    			
    		}catch (Exception e) {
    			logger.error("Exception occured :"+e.getMessage());
    			logger.trace(e);
    		} finally {
    			LdapUtils.closeContext(ctx);
    		}
    		
    		return result;
    	}
    Here is the log output.

    Code:
    [11-11-08:15:51:25- (DEBUG)] com.edu.dao.SpringAuthenticationDAO  : Getting context source with principal :cn=maven_proxy_account,o=The XXX Companies
    [11-11-08:15:51:25- (ERROR)] com.edu.dao.SpringAuthenticationDAO  : Exception occured :[LDAP: error code 32 - No Such Object]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 32 - No Such Object]
    I have verified the credentials for the user [maven_proxy_account] externally and that seems to work fine.

    I notice that DN formation happens properly hence when i supply uid to this function it gets resolved to [cn=maven_proxy_account,o=The XXX Companies]

    Any help appreciated.

    Thanks
    Vignesh

  • #2
    Well, the code works for me. One possible error source would be the DnContextMapper. It should look like this:
    Code:
    private final static class DnContextMapper extends AbstractParameterizedContextMapper<String> {
    	@Override
    	protected String doMapFromContext(DirContextOperations ctx) {
    		return ctx.getNameInNamespace();
    	}
    }
    It's imperative that you use ctx.getNameInNamespace() here as we need to get the absolute DN of the entry - ctx.getDn() will return the relative DN (relative to the ContextSource base path that is).

    Comment


    • #3
      Hi,
      I use it as intended. Here is the complete code.

      " cn=maven_proxy_account,o=The XXX Companies" is the "ABSOLUTE DN" .


      Here is the complete class i use for authentication.

      Code:
      import java.util.List;
      
      import javax.naming.Name;
      import javax.naming.directory.DirContext;
      
      import org.apache.commons.logging.Log;
      import org.apache.commons.logging.LogFactory;
      import org.springframework.dao.IncorrectResultSizeDataAccessException;
      import org.springframework.ldap.core.ContextSource;
      import org.springframework.ldap.core.DirContextOperations;
      import org.springframework.ldap.core.DistinguishedName;
      import org.springframework.ldap.core.simple.AbstractParameterizedContextMapper;
      import org.springframework.ldap.core.simple.SimpleLdapTemplate;
      import org.springframework.ldap.filter.EqualsFilter;
      import org.springframework.ldap.support.LdapUtils;
      
      public class SpringAuthenticationDAO {
      	
      	private Log logger = LogFactory.getLog(this.getClass());
      	
      	private static final Name BASE = DistinguishedName.EMPTY_PATH;
      
      	private SimpleLdapTemplate ldapTemplate;
      	private ContextSource contextSource;
      
      	public void setLdapTemplate(SimpleLdapTemplate ldapTemplate) {
      		this.ldapTemplate = ldapTemplate;
      	}
      
      	public void setContextSource(ContextSource contextSource) {
      		this.contextSource = contextSource;
      	}
      
      	public boolean authenticate(String userName, String password)  {
      		
      		boolean result = false;		
      		
      		
      		EqualsFilter filter = new EqualsFilter("uid", userName);
      		
      		// Actual filter will differ depending on LDAP Server and schema
      		List<String> results = ldapTemplate.search("", filter.toString(),
      		new DnContextMapper());
      		
      		if (results.size() != 1) {
      			throw new IncorrectResultSizeDataAccessException(1, results.size());
      		}
      
      		DirContext ctx = null;
      		try {				
      			String uid = results.get(0);
      			logger.debug("Getting context source with principal :"+uid);
      			ctx = contextSource.getContext(uid, password);			
      			result=  true;
      			
      		}catch (Exception e) {
      			logger.error("Exception occured :"+e.getMessage());
      			logger.trace(e);
      		} finally {
      			LdapUtils.closeContext(ctx);
      		}
      		
      		return result;
      	}
      	
      	
      	private final static class DnContextMapper extends AbstractParameterizedContextMapper<String> {
      		@Override
      		protected String doMapFromContext(DirContextOperations ctx) {
      			return ctx.getNameInNamespace();
      		}
      	}
      	
      }
      Here is the output.

      [11-12-08:09:29:01- (DEBUG)] com.edu.dao.SpringAuthenticationDAO : Getting context source with principal :cn=maven_proxy_account,o=The XXX Companies
      [11-12-08:09:29:01- (ERROR)] com.edu.dao.SpringAuthenticationDAO : Exception occured :[LDAP: error code 32 - No Such Object]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 32 - No Such Object]
      Any help is appreciated. I dont want to go towards "security" modules for this purpose.

      Regards
      Vignesh

      Comment


      • #4
        Could this by any chance be related to this Jira issue?

        Comment


        • #5
          Sorry for all the confusion. I was supplying a wrong context source on the spring injection. A carefull reading on the xml file showed light on the defect.

          Thanks for all the help.

          Regards
          Vignesh

          Comment

          Working...
          X