java - LDAP Authentication Error


I am getting errors in Grails while trying to use LDAP authentication to find a user using AD authentication. This is the code from Grails:

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {
        // Every user gets ROLE_USER; AD group membership may add more roles.
        ArrayList<String> roles = new ArrayList<String>(2);
        roles.add("ROLE_USER");
        try {
            // Look the user up in the "user" directory by userPrincipalName.
            // username is interpolated into the filter without LDAP filter escaping.
            GldapoSchemaClassForUser.findAll(directory: "user", filter: "(userPrincipalName=${username})").each { user ->
                def userName = user.cn
                user.memberOf.each { groupListing ->
                    // Take the value of the first RDN of the group DN, e.g. "CN=Admin,..." gives "Admin".
                    String groupName = groupListing.substring(3, groupListing.indexOf(','));
                    if (groupName.equals("Admin")) {
                        roles.add("ROLE_ADMIN");
                    } else if (groupName.equals("user")) {
                        // nothing
                    }
                }
            }
        } catch (Throwable e) {
            System.err.println(e.getMessage())
        }
        return new User(username)
    }

When it reaches this line in the block above:

    GldapoSchemaClassForUser.findAll(directory: "user", filter: "(userPrincipalName=${username})")

it shows this error message:

org.springframework.ldap.AuthenticationException: [LDAP: Error code 49 - 80090308 : LdapErr: DSID-0C090334, Comment: AcceptSecurityContext Error, Data 525, vece

According to the documentation, a 525 error means an invalid user, but I have tested using an LDAP explorer tool and this user is OK with the same details.

In the app-config file I have the following ldap settings:

  • ldap.directories.user.url = ldap://sbs.testsbs.local
  • ldap.directories.user.base = OU=Staff,DC=Skill,DC=Local
  • ldap.directories.user.userDn = OU=Staff,DC=Skill,DC=Local
  • ldap.directories.user.password = Pa55w0rd

Does anyone have any idea what I am doing wrong?

Your error is in the app-config LDAP settings.

The ldap.directories.user.userDn setting is filled with a container, the same as ldap.directories.user.base.

However, this should be the DN of the user object that performs the search, something like ldap.directories.user.userDn = CN=myAppUser,OU=employee,DC=skill,DC=local

The 525 error means user not found, but in this case it relates to the user that is logging in, and not to the user you are looking for.
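
An added example, not part of the original question or answer: a small Groovy helper that reads the AD sub-code out of an error 49 message like the one quoted above and checks whether userDn names a container instead of an account. The class and method names are hypothetical, the sub-code table lists the commonly documented AD values, and the sample inputs are the message and DNs quoted on this page.

```groovy
// Added example, not code from the original post. Class and method names are hypothetical;
// the sample message and DNs at the bottom are the values quoted on this page.
class BindDiagnostics {
    // AD sub-codes reported in the "data" field of an LDAP error 49 bind failure.
    static final Map<String, String> AD_SUBCODES = [
        '525': 'user not found',
        '52e': 'invalid credentials',
        '530': 'not permitted to log on at this time',
        '531': 'not permitted to log on at this workstation',
        '532': 'password expired',
        '533': 'account disabled',
        '701': 'account expired',
        '773': 'user must reset password',
        '775': 'account locked out'
    ]

    // Returns the meaning of the sub-code in an error 49 message, or null if none is present.
    static String explain(String message) {
        def m = message =~ /(?i)error code 49\b.*?\bdata\s+([0-9a-f]{3,4})\b/
        if (!m.find()) return null
        String code = m.group(1).toLowerCase()
        "data ${code}: ${AD_SUBCODES[code] ?: 'unknown sub-code'} (refers to the account used to bind)"
    }

    // Splits a DN into normalised RDNs ("OU = Staff" becomes "ou=staff"), keeping escaped commas.
    static List<String> rdns(String dn) {
        dn.split(/(?<!\\),/).collect { it.trim().replaceAll(/\s*=\s*/, '=').toLowerCase() }
    }

    // Flags a bind DN that is the search base or whose leftmost RDN is an obvious container type.
    static List<String> checkBindDn(String userDn, String base) {
        List<String> problems = []
        if (rdns(userDn) == rdns(base)) problems << 'userDn is identical to base'
        String leafType = rdns(userDn)[0].tokenize('=')[0]
        if (leafType in ['ou', 'dc', 'o', 'c']) problems << "userDn starts with ${leafType.toUpperCase()}=, a container"
        problems
    }
}

String msg = '[LDAP: Error code 49 - 80090308 : LdapErr: DSID-0C090334, Comment: AcceptSecurityContext Error, Data 525, vece'
println BindDiagnostics.explain(msg)
println BindDiagnostics.checkBindDn('OU=Staff,DC=Skill,DC=Local', 'OU=Staff,DC=Skill,DC=Local')
println BindDiagnostics.checkBindDn('CN=myAppUser,OU=employee,DC=skill,DC=local', 'OU=Staff,DC=Skill,DC=Local')
```

The container check only catches leftmost RDN types that can never be an account; a CN= leaf can still be a container, so an empty result does not prove the bind DN is valid.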

