
  • Authenticating User in Active Directory

    I am trying to authenticate a valid user against an Active Directory. I say the user is valid because I can authenticate using this user against AD in a different application.

    I have the following so far:
    Code:
    	ActiveDirectoryLdapAuthenticationProvider adlap =
    	        new ActiveDirectoryLdapAuthenticationProvider("domain.com", "ldap://ldap.domain.com/");
    	    adlap.setConvertSubErrorCodesToExceptions(true);
    	    UsernamePasswordAuthenticationToken auth =
    	        new UsernamePasswordAuthenticationToken("[email protected]", "password");
    	    adlap.authenticate(auth);

    I get the following error:
    Code:
    Aug 08, 2012 2:52:05 PM org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider handleBindException
    INFO: Active Directory authentication failed: Supplied password was invalid
    org.springframework.security.authentication.BadCredentialsException: Bad credentials
    	at org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.badCredentials(ActiveDirectoryLdapAuthenticationProvider.java:244)
    	at org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.bindAsUser(ActiveDirectoryLdapAuthenticationProvider.java:168)
    	at org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.doAuthentication(ActiveDirectoryLdapAuthenticationProvider.java:111)
    	at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:61)
    	at Main.main(Main.java:12)
    From my understanding, it is saying that the password is incorrect but I am sure that the password is correct.

    If I have the following:
    Code:
    new UsernamePasswordAuthenticationToken("username", "password");
    I get:
    Code:
    Aug 08, 2012 3:03:57 PM org.springframework.security.ldap.SpringSecurityLdapTemplate searchForSingleEntryInternal
    INFO: Ignoring PartialResultException
    org.springframework.dao.IncorrectResultSizeDataAccessException: Incorrect result size: expected 1, actual 0
    	at org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForSingleEntryInternal(SpringSecurityLdapTemplate.java:239)
    	at org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.searchForUser(ActiveDirectoryLdapAuthenticationProvider.java:258)
    	at org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider.doAuthentication(ActiveDirectoryLdapAuthenticationProvider.java:114)
    	at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:61)
    	at Main.main(Main.java:12)
    Any links or any information would be greatly appreciated.

  • #2
    I got a solution without using beans, if you are not familiar. This is by no means a solid solution, just something that you can quickly do without having prior knowledge of IoC.

    Code:
    try {
        LdapContextSource ldapContextSource = new LdapContextSource();
        ldapContextSource.setUrl("ldap://ldap.server.com/");
        ldapContextSource.setBase("dc=ldap,dc=server,dc=com");
        ldapContextSource.setUserDn(username + "@domain.com");
        ldapContextSource.setPassword(password);
        try {
            // initialize the context
            ldapContextSource.afterPropertiesSet();
        } catch (Exception e) {
            e.printStackTrace();
        }

        LdapTemplate ldapTemplate = new LdapTemplate(ldapContextSource);

        ldapTemplate.setIgnorePartialResultException(true); // Active Directory doesn’t transparently handle referrals. This fixes that.
        AndFilter filter = new AndFilter();
        filter.and(new EqualsFilter("sAMAccountName", username));

        try {
            // authenticate() signals a failed search or bind by returning false, so check the result
            if (ldapTemplate.authenticate(DistinguishedName.EMPTY_PATH, filter.toString(), password)) {
                // SpringPerson extension of Person class from Spring
                SpringPerson person = (SpringPerson) ldapTemplate.lookup("cn=" + username + ", ou=Users,ou=group", new PersonAttributesMapper());

                System.out.println("Full Name:" + person.fullName);
                System.out.println("Username: " + person.username);
                System.out.println("Groups:" + person.memberOf);
                userDisplay.setText(person.toString());
            } else {
                userDisplay.setText("Invalid Username/Password");
            }
        } catch (org.springframework.ldap.AuthenticationException ee) {
            userDisplay.setText("Invalid Username/Password");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
    Last edited by TakashiKun; Aug 13th, 2012, 01:58 PM.
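
A defensive way to handle `username` and `password` before they reach the bind principal and the `cn=` lookup string built in post #2, shown as an added example that is not part of the original thread. It uses only JDK classes; the class name `AdLoginInput`, the allow-list pattern and the sample inputs are assumptions, while `domain.com` and `ou=Users,ou=group` are the values from the post.

```java
import java.util.regex.Pattern;
import javax.naming.ldap.Rdn;

public class AdLoginInput {
    // Assumption: a stricter allow-list than AD itself enforces for sAMAccountName.
    private static final Pattern ACCOUNT = Pattern.compile("[A-Za-z0-9._-]{1,20}");

    /** Refuse blank passwords: a simple bind with an empty password is an
     *  unauthenticated bind (RFC 4513, 5.1.2) and verifies nothing. */
    static void requirePassword(String password) {
        if (password == null || password.isEmpty()) {
            throw new IllegalArgumentException("empty password");
        }
    }

    /** Refuse names that would change the meaning of the UPN or DN built from them. */
    static String requireAccountName(String username) {
        if (username == null || !ACCOUNT.matcher(username).matches()) {
            throw new IllegalArgumentException("invalid account name");
        }
        return username;
    }

    /** Bind principal in the username@domain form used in post #2. */
    static String bindPrincipal(String username, String domain) {
        return requireAccountName(username) + "@" + domain;
    }

    /** Lookup DN with the user-supplied value escaped as an RDN value (RFC 2253),
     *  for directories where the CN legitimately contains characters such as ','. */
    static String lookupDn(String cn) {
        return "cn=" + Rdn.escapeValue(cn) + ",ou=Users,ou=group";
    }

    public static void main(String[] args) {
        // Constructed sample inputs, not taken from the thread.
        System.out.println(bindPrincipal("jsmith", "domain.com"));
        System.out.println(lookupDn("Smith, John"));
        for (String bad : new String[] {"jsmith@other.example", "x,ou=Admins", ""}) {
            try {
                bindPrincipal(bad, "domain.com");
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: \"" + bad + "\"");
            }
        }
        try { requirePassword(""); } catch (IllegalArgumentException e) {
            System.out.println("rejected: empty password");
        }
    }
}
```

The `EqualsFilter` in post #2 already encodes the value it places in the search filter, so only the hand-built principal and DN strings need this treatment.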
