Announcement Announcement Module
Collapse
No announcement yet.
Acegi Plugin Exception: No such property: domainClass for LdapUserDetailsImpl Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Acegi Plugin Exception: No such property: domainClass for LdapUserDetailsImpl

    I have the Acegi plugin installed in an example web app and when I visit the User, Role or Requestmap, I get the following exception:

    SecurityConfig.groovy: Loading LDAP Config...
    SecurityConfig.groovy: Setting up request map...
    2010-04-22 15:19:20,377 [http-8080-1] ERROR errors.GrailsExceptionResolver - No such property: domainClass for class: org.springframework.security.userdetails.ldap.Ldap UserDetailsImpl
    groovy.lang.MissingPropertyException: No such property: domainClass for class: org.springframework.security.userdetails.ldap.Ldap UserDetailsImpl
    at AcegiGrailsPlugin$_addControllerMethods_closure23. doCall(AcegiGrailsPlugin.groovy:926)
    at AcegiGrailsPlugin$_addControllerMethods_closure23. doCall(AcegiGrailsPlugin.groovy)
    at RoleController$_closure1.doCall(RoleController.gro ovy:15)
    at RoleController$_closure1.doCall(RoleController.gro ovy)
    at java.lang.Thread.run(Thread.java:619)
    Searching through the code, I see plenty of domainClass fields but not one for LdapUserDetailsImpl.

    My resources.config has:

    import org.springframework.security.ldap.DefaultSpringSec urityContextSource;
    import org.springframework.security.userdetails.ldap.Ldap UserDetailsMapper;
    import org.codehaus.groovy.grails.plugins.springsecurity. *;

    beans = {

    println "resources.groovy: ..."

    //
    // Acegi configuration:
    //
    println "resources.groovy: Acegi configuration..."
    def conf = AuthorizeTools.securityConfig.security
    // Initialize Acegi LDAP Context to support referral.
    contextSource(DefaultSpringSecurityContextSource, conf.ldapServer) {
    userDn = conf.ldapManagerDn
    password = conf.ldapManagerPassword
    baseEnvironmentProperties = ['java.naming.referral': 'follow']
    }
    // The Acegi plugin assumes that there's a user in the database with the same username as the LDAP user.
    // If you don't have user data in the database we'll get exceptions.
    // This workaround will allow us to keep everything in AD.
    ldapUserDetailsMapper(LdapUserDetailsMapper) {
    passwordAttributeName = conf.ldapPasswordAttributeName
    }
    }
    and my SecurityConfig.groovy (configured for AD) is:

    security {

    // see DefaultSecurityConfig.groovy for all settable/overridable properties

    active = true
    loginUserDomainClass = "User"
    authorityDomainClass = "Role"
    requestMapClass = "Requestmap"

    // Use Active Directory to access users but not Roles.
    println "SecurityConfig.groovy: Loading LDAP Config..."
    useLdap = true
    ldapSearchSubtree = true
    ldapServer = 'ldap://amnas.sygen.sygeninternational.com:389'
    ldapManagerDn = 'CN=Portal Admin,OU=Users,OU=IS,OU=Hendersonville,OU=Americas ,DC=Sygen,DC=Sygeninternational,DC=com'
    ldapManagerPassword = 'SeeKret'
    ldapSearchBase = 'dc=sygen,dc=sygeninternational,dc=com'
    ldapSearchFilter = '(sAMAccountName={0})'
    ldapGroupRoleAttribute = 'CN'
    ldapGroupSearchBase = 'dc=sygen,dc=sygeninternational,dc=com'
    ldapGroupSearchFilter = '(member={0})'
    ldapRetrieveGroupRoles = true
    ldapRetrieveDatabaseRoles = true


    println "SecurityConfig.groovy: Setting up request map..."
    useRequestMapDomainClass = true;
    requestMapString = '''
    CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
    PATTERN_TYPE_APACHE_ANT
    '''
    }


    The ROLE_APP-GMS-MP-USERS is stored in Active Directory. The ROLE_ADMIN and ROLE_SUPER is in the database. The requestmap in the
    database is not currently protecting /user, /role, or /requestmap.

    Can anyone give me a hint? Thanks.

  • #2
    You should ask Grails plugin questions on the Grails user mailing list - most people on this forum don't use Grails: http://grails.org/Mailing+lists

    Comment


    • #3
      Good idea. Thanks.

      Comment

      Working...
      X