Hello,

I won't explain how it works because I think I would forget a lot of things,
but I can give you a deployerConfigContext.xml that is working fine for me.
I'm not sure you will need everything, but you can adapt it and it should work.

Good luck :)

Marc


On 4 February 2013 12:42, Mckenzie J <[email protected]> wrote:

> Dear all,
>
> I am in the process of integrating my CAS server (v3.5.1) with an LDAP
> server running on another machine. I am referring to the documentation at
> https://wiki.jasig.org/display/CASUM/LDAP
>
> One quick question here - the documentation talks about configuring an
> LDAP context bean. How do i do this?
>
> Leaving that aside, I am successfully able to reach the LDAP server, but I
> am getting an authentication error. I am learning and am a newbie in this
> area. I am following the search mode (BindLdapAuthenticationHandler)
> for binding users. On providing the credentials I am getting
> AUTHENTICATION_FAILED in the CAS log. I have attached the CAS logs and the
> deployerConfigContext.xml for your reference. Any pointers and guidance
> will help me a lot.
>
> The LDAP entry is attached as a screenshot. Please let me know if  i
> am missing anything. I am interested in learning this part.
>
> Thanks,
> Mckenzie
>

<?xml version="1.0" encoding="UTF-8"?>

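<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:p="http://www.springframework.org/schema/p"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd">

    <!--
        Sample CAS deployer configuration: LDAP search-then-bind authentication plus
        attribute release from LDAP. The DNs (dc=DC, ou=OU), the service URL and
        ADMIN_PASSWORD are placeholders to adapt.

        Changes against the listing as posted: the stray ";" after each attribute value
        of the root tag (which made the document not well-formed) is removed, the
        "[....]" elision marker inside resultAttributeMapping is now an XML comment,
        and the comments on the JNDI pool settings are corrected. No bean, property or
        value has been changed.
    -->

    <!--
        Central authentication wiring: the handlers validate the submitted credentials,
        the resolvers turn validated credentials into a principal.
    -->
    <bean id="authenticationManager"
          class="org.jasig.cas.authentication.AuthenticationManagerImpl">

        <property name="credentialsToPrincipalResolvers">
            <list>
                <!--
                    Resolves username/password credentials to a principal by searching
                    LDAP with "filter" under "searchBase" and taking
                    "principalAttributeName" as the principal id.
                    NOTE(review): %u is filled from the user name typed at the login
                    form; confirm that the deployed CAS version escapes LDAP filter
                    metacharacters before substitution.
                -->
                <bean class="org.jasig.cas.authentication.principal.CredentialsToLDAPAttributePrincipalResolver">
                    <property name="credentialsToPrincipalResolver">
                        <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"/>
                    </property>
                    <property name="filter" value="(cn=%u)"/>
                    <!-- The attribute used to define the new Principal ID -->
                    <property name="principalAttributeName" value="cn"/>
                    <property name="searchBase" value="ou=OU,dc=DC,dc=com"/>
                    <property name="contextSource" ref="contextSource"/>
                    <property name="attributeRepository" ref="attribRepository"/>
                </bean>

                <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"/>
            </list>
        </property>

        <property name="authenticationHandlers">
            <list>
                <!-- The httpClient bean is not defined in this file; another context file must provide it. -->
                <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler"
                      p:httpClient-ref="httpClient"/>

                <!--
                    Search-then-bind: the entry matching "filter" is looked up under
                    "searchBase" through contextSource, then a bind is attempted as that
                    entry with the submitted password. The user's password therefore
                    travels over the same LDAP connection as the manager bind; see the
                    transport note on contextSource.
                -->
                <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
                    <property name="filter" value="cn=%u"/>
                    <property name="searchBase" value="ou=OU,dc=DC,dc=com"/>
                    <property name="contextSource" ref="contextSource"/>
                </bean>
            </list>
        </property>
    </bean>

    <!--
        LDAP connection used for user searches and attribute lookups.

        Security review points:
        * The URL scheme is ldap:// and the bind mechanism is "simple", so the manager
          password and every user password checked by the bind handler cross the network
          unencrypted. Use ldaps:// or StartTLS outside an isolated lab, and make sure
          the JVM trusts the directory server's certificate.
        * userDn is the directory administrator. Searching and reading attributes only
          needs a dedicated service account with read access to the user branch.
        * The password is stored in clear text in this file. Restrict the file's
          permissions, or supply the value through a property placeholder resolved from
          a protected properties file, and keep it out of version control and of
          configuration pasted to mailing lists.
    -->
    <bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
        <!-- false: read-only operations bind as userDn instead of anonymously -->
        <property name="anonymousReadOnly" value="false"/>
        <!-- JNDI connection pooling is switched off; the pooled="true" variant was left disabled by the author -->
        <!--property name="pooled" value="true"/-->
        <property name="pooled" value="false"/>
        <property name="urls">
            <list>
                <value>ldap://192.168.1.2/</value>
            </list>
        </property>
        <property name="userDn" value="cn=admin,dc=DC,dc=com"/>
        <property name="password" value="ADMIN_PASSWORD"/>
        <property name="baseEnvironmentProperties">
            <map>
                <!-- "simple" = DN and clear-text password bind; relies on the transport for confidentiality -->
                <entry key="java.naming.security.authentication" value="simple"/>
                <!--
                    NOTE(review): the JNDI LDAP provider documents the
                    com.sun.jndi.ldap.connect.pool.* settings below as JVM system
                    properties, so passing them as environment entries probably has no
                    effect, and pooling is disabled above in any case. Confirm before
                    relying on them.
                -->
                <entry key="com.sun.jndi.ldap.connect.pool.initsize" value="10"/> <!-- connections created up front per identity; provider default 1 -->
                <entry key="com.sun.jndi.ldap.connect.pool.maxsize" value="200"/> <!-- maximum connections per identity; default unlimited -->
                <entry key="com.sun.jndi.ldap.connect.pool.prefsize" value="10"/> <!-- preferred pool size; default none -->
                <entry key="com.sun.jndi.ldap.connect.pool.timeout" value="10"/> <!-- idle time in milliseconds before a pooled connection is closed; default none -->
                <entry key="com.sun.jndi.ldap.connect.pool.debug" value="fine"/> <!-- traces connection creation and removal; default none, diagnostic use only -->
            </map>
        </property>
    </bean>

    <!--
        In-memory account list with one entry, "admin", holding ROLE_ADMIN; the password
        field is the filler "notused".
        NOTE(review): in a stock CAS 3.x deployment this map decides who may use the
        services management application; list real administrator ids here and confirm
        that nothing authenticates against the filler password.
    -->
    <bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl">
        <property name="userMap">
            <value>
                admin=notused,ROLE_ADMIN
            </value>
        </property>
    </bean>

    <!--
        Person attribute lookup: queries LDAP under baseDN through contextSource, matching
        the CAS "username" query attribute against cn, and exposes the mapped result
        attributes.
        NOTE(review): baseDN here (ou=personnes) differs from the searchBase used by the
        authentication beans (ou=OU); presumably both stand for the same user branch.
    -->
    <bean id="attribRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao">
        <property name="baseDN" value="ou=personnes,dc=DC,dc=com"/>
        <property name="contextSource" ref="contextSource"/>
        <property name="requireAllQueryAttributes" value="true"/>

        <property name="queryAttributeMapping">
            <map>
                <entry key="username" value="cn"/>
            </map>
        </property>

        <property name="resultAttributeMapping">
            <map>
                <!-- key = LDAP attribute, value = name under which CAS exposes it -->
                <entry key="uid" value="uid"/>
                <entry key="mail" value="mail"/>
                <!-- further mappings were elided by the original author ("[....]") -->
            </map>
        </property>
    </bean>

    <!--
        Services allowed to use this CAS server, held in memory in this bean definition.

        Security review points for the single registered service:
        * serviceId "*://www.service.com**" accepts any URL scheme, so tickets may be
          issued to non-TLS URLs, and the wildcard follows the host name without a "/"
          in between. NOTE(review): depending on how the pattern matcher treats "**"
          here, host names that merely begin with www.service.com may match; a pattern
          pinned to https and ending the host with "/" (https://www.service.com/**) is
          the narrower form. Verify against the matcher of the deployed CAS version.
        * allowedToProxy="true" lets the service obtain proxy tickets; enable it only
          for services that really proxy to back ends.
        * allowedAttributes lists what is released to the service. Keep it to the
          attributes the service needs; presumably only names that are also mapped in
          attribRepository can actually be released.
    -->
    <bean id="serviceRegistryDao"
          class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl">
        <property name="registeredServices">
            <list>
                <bean class="org.jasig.cas.services.RegisteredServiceImpl"
                      p:id="2"
                      p:evaluationOrder="6"
                      p:description="Service"
                      p:serviceId="*://www.service.com**"
                      p:name="Service"
                      p:theme="default"
                      p:allowedToProxy="true"
                      p:enabled="true"
                      p:ssoEnabled="true"
                      p:anonymousAccess="false">
                    <property name="allowedAttributes" value="uid,displayName,sn,givenName"/>
                </bean>
            </list>
        </property>
    </bean>

</beans>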
