Announcement Announcement Module
Collapse
No announcement yet.
LDAP authentication failed error messages translation Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • LDAP authentication failed error messages translation

    Hi,
    I have a requirement to show an error message specific to the nature of authentication failure ( using Spring Security 3 namespace configuration) i.e., if an account is locked after a certain number of failed attempts, the message should read "Your account has been locked...blah blah". The configuration I am using is given below:

    Code:
    <beans:beans xmlns="http://www.springframework.org/schema/security"
    	xmlns:beans="http://www.springframework.org/schema/beans" 
    	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    	xsi:schemaLocation="http://www.springframework.org/schema/beans
               http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
               http://www.springframework.org/schema/security
               http://www.springframework.org/schema/security/spring-security-3.0.3.xsd">
               
               
               ....................
               
               
               <ldap-server url="ldap://HOST:389"/>
               
               <authentication-manager alias="ldapAuthenticatonManager">
    	       	<ldap-authentication-provider group-search-filter="uniqueMember={0}"
    					  group-role-attribute="cn"
    					  group-search-base="ou=org,ou=com"
    					  user-search-base="ou=org,ou=com"
    					  user-search-filter="cn={0}"
    					  user-context-mapper-ref="contextMapper"/>
    	       </authentication-manager>
    	   	
    	   	<beans:bean id="contextMapper" class="com.acompany.ldap.security.UserContextMapper"/>
    </beans:beans>
    After a searching a bit, I found that by default Spring translates all LDAP error codes to "Bad Credential" exception.
    For LDAP error code specific translation , a property (something like subErrorCodeConversion) needs to be set to "true".
    Can this be done using the namespace configuration ( on the lines of code posted above ) ?
    Any help would be greatly appreciated.

  • #2
    See if the FAQ helps

    Comment


    • #3
      Originally posted by rwinch View Post
      See if the FAQ helps
      Thanks for the response!!
      But unfortunately, I could not a property on any of the bean equivalents of the namespace tags which would enable this translation.

      Please help!!

      Comment


      • #4
        In the past I created my own AuthenticationProvider which talks to LDAP instead of using the namespace. I used the Spring LDAP project for the "plumbing" between Spring Security and the LDAP server so there was actually very little code to write, but it gave me more control over things like error messages. I'd recommend you take a look ...

        Comment

        Working...
        X