【问题标题】:CAS 4.2.x deployerConfigContext.xml to connect to LDAPCAS 4.2.x deployerConfigContext.xml 连接到 LDAP
【发布时间】:2017-04-17 14:25:32
【问题描述】:

谁能分享 CAS 4.2.x deployerConfigContext.xml 以连接到 LDAP?

我正在使用以下配置,但 LDAP 身份验证失败:

错误 [org.ldaptive.pool.BlockingConnectionPool] -

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context"
       xmlns:p="http://www.springframework.org/schema/p"
       xmlns:c="http://www.springframework.org/schema/c"
       xmlns:aop="http://www.springframework.org/schema/aop"
       xmlns:tx="http://www.springframework.org/schema/tx"
       xmlns:util="http://www.springframework.org/schema/util"
       xmlns:sec="http://www.springframework.org/schema/security"
       xmlns:ldaptive="http://www.ldaptive.org/schema/spring-ext"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
       http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
       http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
       http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
       http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
       http://www.ldaptive.org/schema/spring-ext http://www.ldaptive.org/schema/spring-ext.xsd">

    <bean id="ldapAuthenticationHandler"
        class="org.jasig.cas.authentication.LdapAuthenticationHandler"
              p:principalIdAttribute="sAMAccountName"
              c:authenticator-ref="authenticator">
            <property name="principalAttributeMap">
                <map>
                    <entry key="displayName" value="simpleName" />
                    <entry key="mail" value="email" />
                    <entry key="memberOf" value="membership" />
                </map>
            </property>
    </bean>

    <ldaptive:ad-authenticator id="authenticator"
        ldapUrl="xxxx"
        userFilter="uid={user}"
        bindDn="cn=Directory Manager,dc=uss,dc=net"
        bindCredential="xxxx"
        allowMultipleDns="false"
        connectTimeout="3000"
        validateOnCheckOut="false"
        failFastInitialize="true"
        blockWaitTime="3000"
        idleTime="600"
        baseDn="ou=Users,ou=Unsorted,ou=xxxx,dc=uss,dc=net"
        maxPoolSize="10"
        minPoolSize="1"
        validatePeriodically="true"
        validatePeriod="300"
        prunePeriod="300"
        useSSL="false"
        subtreeSearch="true"
        useStartTLS="false" />


    <util:map id="authenticationHandlersResolvers">
        <entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
        <entry key-ref="ldapAuthenticationHandler" value-ref="primaryPrincipalResolver" />
        <!-- <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" /> -->
    </util:map>

    <util:list id="authenticationMetadataPopulators">
        <ref bean="successfulHandlerMetaDataPopulator" />
        <ref bean="rememberMeAuthenticationMetaDataPopulator" />
    </util:list>

    <bean id="attributeRepository" class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
          p:backingMap-ref="attrRepoBackingMap" />

    <alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler" />
    <alias name="personDirectoryPrincipalResolver" alias="primaryPrincipalResolver" />

    <util:map id="attrRepoBackingMap">
        <entry key="uid" value="uid" />
        <entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
        <entry key="groupMembership" value="groupMembership" />
        <entry>
            <key><value>memberOf</value></key>
            <list>
                <value>faculty</value>
                <value>staff</value>
                <value>org</value>
            </list>
        </entry>
    </util:map>

    <alias name="serviceThemeResolver" alias="themeResolver" />

    <alias name="jsonServiceRegistryDao" alias="serviceRegistryDao" />

    <alias name="defaultTicketRegistry" alias="ticketRegistry" />

    <alias name="ticketGrantingTicketExpirationPolicy" alias="grantingTicketExpirationPolicy" />
    <alias name="multiTimeUseOrTimeoutExpirationPolicy" alias="serviceTicketExpirationPolicy" />

    <alias name="anyAuthenticationPolicy" alias="authenticationPolicy" />
    <alias name="acceptAnyAuthenticationPolicyFactory" alias="authenticationPolicyFactory" />

    <bean id="auditTrailManager"
          class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager"
          p:entrySeparator="${cas.audit.singleline.separator:|}"
          p:useSingleLine="${cas.audit.singleline:false}"/>

    <alias name="neverThrottle" alias="authenticationThrottle" />

    <util:list id="monitorsList">
        <ref bean="memoryMonitor" />
        <ref bean="sessionMonitor" />
    </util:list>

    <alias name="defaultPrincipalFactory" alias="principalFactory" />
    <alias name="defaultAuthenticationTransactionManager" alias="authenticationTransactionManager" />
    <alias name="defaultPrincipalElectionStrategy" alias="principalElectionStrategy" />
    <alias name="tgcCipherExecutor" alias="defaultCookieCipherExecutor" />
</beans>

【问题讨论】:

    标签: java spring cas


    【解决方案1】:

    这通常意味着与 ldap 的连接失败。确保您的凭据、URL 和其他设置正确。

    【讨论】:

    • 还更改了 userFilter="sAMAccountName={user}"
    猜你喜欢
    • 1970-01-01
    • 1970-01-01
    • 2012-05-19
    • 2012-12-05
    • 2012-06-01
    • 1970-01-01
    • 1970-01-01
    • 2016-01-09
    • 2014-08-31
    相关资源
    最近更新 更多