| |
unable to get sub error code with DIGEST-MD5 |
|
|
Subject: unable to get sub error code with DIGEST-MD5
Author: nirmaldasb
In response to: Authentication issue to ActiveDirectory
Posted on: 07/14/2009 05:33:00 AM
Hi all,
When an authenitication gets failed with DIGEST-MD-5 mechanisum for any reason like user not eixst/wrong password/account disabled iam not able to get exact sub-error code. always i am getting same like given below.
[LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece
Can any one help, how to get sub-error code here.
Hashtable env = new Hashtable();
//env.put(Context.SECURITY_PROTOCOL, "GSSAPI");
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");
env.put(Context.PROVIDER_URL, "ldap://xxxx.domain.com:389/"); // SET YOUR SERVER AND STARTING CONTEXT HERE
env.put(Context.SECURITY_PRINCIPAL, "testuser1"); // SET USER THAT CAN SEARCH AND MODIFY FULL NAME HERE
env.put(Context.SECURITY_CREDENTIALS, "xxxxxx"); // SET PASSWORD HERE
env.put("com.sun.jndi.ldap.trace.ber", System.err); //debug trace
// env.put("java.naming.ldap.version", "3");
// env.put(LdapContext.CONTROL_FACTORIES, "com.sun.jndi.ldap.ControlFactory");
DirContext ctx = new InitialLdapContext(env,null);
>
> On 09/29/2008 10:09:48 AM bill_comer wrote:
Hi there,
I am struggling to authenticate to an AD 2003 LDAP. I am using acegi 1.0.3 and spring 1.2.7
I have various tests that allow me to perform things like userSearch but authentication fails. Any clues please.
My simplest test fails at the line:
LdapUserDetailsImpl.Essence userEssence = (LdapUserDetailsImpl.Essence) template.retrieveEntry(userDn,
userDetailsMapper, null);
with the Exception:
org.acegisecurity.BadCredentialsException: Bad credentials; nested exception is
javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece
public void testFromJava() throws NamingException
{
String user = "user1";
String password = "secret";
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL,
"ldap://ut-ad-01:389/DC=Testusers,DC=foo,DC=co,DC=uk");
env.put(Context.SECURITY_AUTHENTICATION,
"DIGEST-MD5");
env.put(Context.SECURITY_PRINCIPAL, user);
env.put(Context.SECURITY_CREDENTIALS, password);
env.put("com.sun.jndi.ldap.trace.ber", System.err);
DirContext ctx = new InitialDirContext(env);
String userDn = "DC=" + user + ",DC=Testusers,DC=foo,DC=co,DC=uk";
LdapUserDetailsMapper userDetailsMapper = new LdapUserDetailsMapper();
LdapTemplate template = new LdapTemplate(initialDirContextFactory, userDn, password);
LdapUserDetailsImpl.Essence userEssence = (LdapUserDetailsImpl.Essence) template.retrieveEntry(userDn,
userDetailsMapper, null);
ctx.close();
}
the bean for my initialDirContextFactory is:
<bean id="initialDirContextFactory"
parent="utilisoftActiveDirectoryDirContextFactory">
</bean>
<bean id="utilisoftActiveDirectoryDirContextFactory"
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<constructor-arg
value="ldap://ut-ad-01:389/DC=formfill,DC=co,DC=uk" />
<property name="managerDn">
<value>admin</value>
</property>
<property name="managerPassword">
<value>g0ldf1sh</value>
</property>
<property name="authenticationType">
<value>DIGEST-MD5</value>
</property>
</bean>
References:
|
|
|
|
