Hi, FWIW : I had a similar problem and the issue whas opendlap side (i suppose that you are using openldap), where the bind was OK but the search of the entry that followed returned no value. Could you verify that self has read permission on "entry" attribute in your tree (ou=personnel,ou=people,dc=unice,dc=fr) ?
Le 17/07/2014 14:06, daniel.char...@unice.fr a écrit : > Hi, > > I have a problem with cas 4 and the connector LDAP. > I think that i can pass the ldap authentication but the > PolicyAuthentication Manager don’t let me pass. > I have seen a post here > (https://groups.google.com/forum/#!msg/jasig-cas-dev/3CyO92Vk8XA/V2RrUs3m4e8J > <https://groups.google.com/forum/#%21msg/jasig-cas-dev/3CyO92Vk8XA/V2RrUs3m4e8J>) > > which say that to resolved my problem i have to edit > ldapAuthenticationHandler and > change by this code : > if (response.getResult()) { > return doPostAuthentication(response); > } > > But the code has changed even if my problem is exactly the same. > > > here my log : > > *----------------------------------------* > *----------------------------------------* > 014-07-17 13:48:40,402 INFO [org.ldaptive.auth.Authenticator] - > Authentication succeeded for dn: > uid=myuser,ou=personnel,ou=people,dc=unice,dc=fr > 2014-07-17 13:48:40,403 DEBUG [org.ldaptive.auth.Authenticator] - > authenticate > response=[org.ldaptive.auth.AuthenticationHandlerResponse@1361780777::connection=[org.ldaptive.DefaultConnectionFactory$DefaultConnection@426627437::config=[org.ldaptive.ConnectionConfig@46831809::ldapUrl=ldap://myldapserveur:389/, > > connectTimeout=3000, responseTimeout=-1, sslConfig=null, useSSL=false, > useStartTLS=false, connectionInitializer=null], > providerConnectionFactory=[org.ldaptive.provider.jndi.JndiConnectionFactory@887911370::connectionCount=1, > > environment={java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, > com.sun.jndi.ldap.connect.timeout=3000, java.naming.ldap.version=3}, > providerConfig=[org.ldaptive.provider.jndi.JndiProviderConfig@844938458::operationExceptionResultCodes=[PROTOCOL_ERROR, > > SERVER_DOWN], properties={}, connectionStrategy=DEFAULT, > environment=null, tracePackets=null, removeDnUrls=true, > searchIgnoreResultCodes=[TIME_LIMIT_EXCEEDED, SIZE_LIMIT_EXCEEDED, > PARTIAL_RESULTS], sslSocketFactory=null, hostnameVerifier=null, > controlProcessor=org.ldaptive.provider.ControlProcessor@6672a60a]], > providerConnection=org.ldaptive.provider.jndi.JndiConnection@fa5edeb], > result=true, resultCode=SUCCESS, message=null, controls=null] for > dn=uid=myuser,ou=personnel,ou=people,dc=unice,dc=fr with > request=[org.ldaptive.auth.AuthenticationRequest@1438545291::user=myuser, > retAttrs=[]] > 2014-07-17 13:48:40,403 DEBUG > [org.jasig.cas.authentication.LdapAuthenticationHandler] - LDAP > response: > [org.ldaptive.auth.AuthenticationResponse@306513608::authenticationResultCode=AUTHENTICATION_HANDLER_SUCCESS, > > ldapEntry=[dn=uid=myuser,ou=personnel,ou=people,dc=unice,dc=fr[]], > accountState=null, result=true, resultCode=SUCCESS, message=null, > controls=null] > 2014-07-17 13:48:40,404 INFO > [org.jasig.cas.authentication.PolicyBasedAuthenticationManager] - > LdapAuthenticationHandler failed authenticating myuser+password > 2014-07-17 13:48:40,412 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - > Audit trail record BEGIN > ============================================================= > WHO: audit:unknown > WHAT: supplied credentials: [myuser+password] > ACTION: AUTHENTICATION_FAILED > APPLICATION: CAS > WHEN: Thu Jul 17 13:48:40 CEST 2014 > CLIENT IP ADDRESS: xxxx > SERVER IP ADDRESS: xxx.unice.fr <http://xxx.unice.fr> > ============================================================= > > > 2014-07-17 13:48:40,413 INFO > [com.github.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - > Audit trail record BEGIN > ============================================================= > WHO: audit:unknown > WHAT: 1 errors, 0 successes > ACTION: TICKET_GRANTING_TICKET_NOT_CREATED > APPLICATION: CAS > WHEN: Thu Jul 17 13:48:40 CEST 2014 > CLIENT IP ADDRESS: xxx > SERVER IP ADDRESS: xxx.unice.fr <http://xxx.unice.fr> > *----------------------------------------* > *----------------------------------------* > > > > > > and my deployerConfigContext. (attach file) > > > Someone got an idea ? > Thanks a lot for your responses. > > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > vincent.rep...@insa-rennes.fr > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > ----------------------------------------------------------------- > Daniel CHARLOT > D.S.I. Université de Nice Sophia-Antipolis > Administrateur Systèmes et Réseaux > 28, avenue de Valrose - BP 2135 - 06103 NICE > Tél : 04-92-07-67-07 > > > > > > > > > > > -- Vincent Repain INSA de Rennes Centre de ressources informatiques 02.23.23.83.31 -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
