问题:
原因:组织。springframework。ldap。AuthenticationException:[LDAP:错误代码49-80090308:
咸昀
我尝试使用ldap-server,它是Microsoft Active Directory。这些“tree”具有以下结构:
com/
name/
corp/
ger/
Workers/
(超过1000个条目)和工人以下,有以下条目开始:
CN=Mustermann,\Max
CN=...
CN=....
等等
我使用的框架是cuba studio。我必须申报以下财产:
cuba.web.requirePasswordForNewUsers = false
cuba.web.ldap.enabled = true
cuba.web.ldap.urls = ldap://corpldap.name.com:3268
cuba.web.ldap.base = OU=Workers,DC=ger,DC=corp,DC=name,DC=com
cuba.web.ldap.user = CN=Mustermann Max,OU=Workers,DC=ger,DC=corp,DC=name,DC=com
cuba.web.ldap.password = PASSWORD
cuba.web.standardAuthenticationUsers = admin
cuba.web.ldap.userLoginField = sAMAccountName
但是,当我尝试使用它时,我得到了以下异常:
com.haulmont.cuba.security.global.InternalAuthenticationException: Exception is thrown by login provider
at com.haulmont.cuba.web.security.ConnectionImpl.loginInternal(ConnectionImpl.java:225) ~[cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.security.ConnectionImpl.login(ConnectionImpl.java:89) ~[cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.app.loginwindow.AppLoginWindow.doLogin(AppLoginWindow.java:342) [cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.app.loginwindow.AppLoginWindow.doLogin(AppLoginWindow.java:311) [cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.app.loginwindow.AppLoginWindow.login(AppLoginWindow.java:257) [cuba-web-6.8.8.jar:6.8.8]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_151]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_151]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_151]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_151]
at com.haulmont.cuba.gui.xml.DeclarativeAction.actionPerform(DeclarativeAction.java:92) [cuba-gui-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.gui.components.WebButton.performAction(WebButton.java:44) [cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.gui.components.WebButton.lambda$new$61446b05$1(WebButton.java:36) [cuba-web-6.8.8.jar:6.8.8]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_151]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_151]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_151]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_151]
at com.vaadin.event.ListenerMethod.receiveEvent(ListenerMethod.java:510) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:200) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.event.EventRouter.fireEvent(EventRouter.java:163) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.AbstractClientConnector.fireEvent(AbstractClientConnector.java:1037) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.ui.Button.fireClick(Button.java:377) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.haulmont.cuba.web.toolkit.ui.CubaButton.fireClick(CubaButton.java:54) ~[cuba-web-6.8.8.jar:6.8.8]
at com.vaadin.ui.Button$1.click(Button.java:54) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_151]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_151]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_151]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_151]
at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:158) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.ServerRpcManager.applyInvocation(ServerRpcManager.java:119) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.communication.ServerRpcHandler.handleInvocation(ServerRpcHandler.java:444) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.communication.ServerRpcHandler.handleInvocations(ServerRpcHandler.java:409) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.communication.ServerRpcHandler.handleRpc(ServerRpcHandler.java:274) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.communication.UidlRequestHandler.synchronizedHandleRequest(UidlRequestHandler.java:90) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:41) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1435) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:361) ~[vaadin-server-7.7.13.cuba.9.jar:7.7.13.cuba.9]
at com.haulmont.cuba.web.sys.CubaApplicationServlet.serviceAppRequest(CubaApplicationServlet.java:300) ~[cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.sys.CubaApplicationServlet.service(CubaApplicationServlet.java:191) ~[cuba-web-6.8.8.jar:6.8.8]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:742) ~[servlet-api.jar:na]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.23]
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) ~[tomcat-websocket.jar:8.5.23]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.23]
at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:107) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:73) ~[spring-web-4.3.12.RELEASE.jar:4.3.12.RELEASE]
at com.haulmont.cuba.web.sys.CubaHttpFilter.doFilter(CubaHttpFilter.java:107) ~[cuba-web-6.8.8.jar:6.8.8]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) ~[catalina.jar:8.5.23]
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:478) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:140) ~[catalina.jar:8.5.23]
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81) ~[catalina.jar:8.5.23]
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650) ~[catalina.jar:8.5.23]
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87) ~[catalina.jar:8.5.23]
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) ~[catalina.jar:8.5.23]
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:803) ~[tomcat-coyote.jar:8.5.23]
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) ~[tomcat-coyote.jar:8.5.23]
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868) ~[tomcat-coyote.jar:8.5.23]
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1459) ~[tomcat-coyote.jar:8.5.23]
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-coyote.jar:8.5.23]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) ~[na:1.8.0_151]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) ~[na:1.8.0_151]
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-util.jar:8.5.23]
at java.lang.Thread.run(Thread.java:748) ~[na:1.8.0_151]
Caused by: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580 ]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580 ]
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:191) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:355) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.support.AbstractContextSource.doGetContext(AbstractContextSource.java:139) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:158) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:357) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:309) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:642) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:578) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.authenticate(LdapTemplate.java:1441) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.authenticate(LdapTemplate.java:1426) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.LdapTemplate.authenticate(LdapTemplate.java:1359) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at com.haulmont.cuba.web.security.ldap.LdapLoginProvider.authenticateInLdap(LdapLoginProvider.java:131) ~[cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.security.ldap.LdapLoginProvider.login(LdapLoginProvider.java:82) ~[cuba-web-6.8.8.jar:6.8.8]
at com.haulmont.cuba.web.security.ConnectionImpl.loginInternal(ConnectionImpl.java:209) ~[cuba-web-6.8.8.jar:6.8.8]
... 65 common frames omitted
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580 ]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3154) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2886) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2800) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_151]
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_151]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_151]
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_151]
at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_151]
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_151]
at org.springframework.ldap.core.support.LdapContextSource.getDirContextInstance(LdapContextSource.java:42) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
at org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:343) ~[spring-ldap-core-2.3.1.RELEASE.jar:2.3.1.RELEASE]
... 77 common frames omitted
我还发现,例外应该是“无效凭据”的东西
https://confluence.atlassian.com/stashkb/ldap-error-code-49-317195698.html
此外,我还开始使用DN=ger\mustermann登录客户端,并且成功了。
有人有办法吗,怎么修?
共有1个答案
秦涵映
您是否在CUBA应用程序中创建了相同的用户?在基本LDAP集成中,LDAP服务器仅用于存储密码。同时,应以某种方式定义用户的访问权限。这就是为什么您必须在CUBA应用程序中创建具有相同登录名的用户。
类似资料:
-
我是ldap新手,我尝试了一个我认为很简单的示例,用一个已经有人为测试设置的ldap实例来测试spring ldap模块。 有关我正在使用的ldap实例的详细信息可以在这里找到:http://blog.stuartlewis.com/2008/07/07/test-ldap-service/comment-page-3/ 我使用了ldap浏览器/管理工具(Softerra ldap Admin),
-
我在网上读了很多类似的问题(堆栈溢出,其他来源),但还找不到解决方案。你看到我的配置有什么问题吗?难道我注定要使用简单的机制,让每个人的密码以明文形式四处移动吗?我不能使用CRAM-MD5和GSSAPI,因为我公司的active directory服务不支持它们。
-
当试图通过Sonarqube连接到LDAP时,我遇到了以下错误: 2016.09.13 09:35:16调试Web[O.S.P.L.LDAPUsersProvider]用户sonartester在2016年找不到。09.13 09:35:16错误Web[O.S.S.A.RealMauthEnticator]身份验证过程中错误org.sonar.api.utils.SonareXception:无法
-
我正试图将我们的应用程序集成到active Directory中。我遵循了以下入门指南:https://grails.org/wiki/acegisecurity%20plugin%20-%20ldap%20tutorial,但我得到了一个错误: [LDAP:错误代码49-无效凭据];嵌套异常是javax.naming.AuthenticationException:[LDAP:错误代码49-无效
-
LDAP:错误代码49-80090308:ldaper:DSID-0C0903A9,注释:AcceptSecurityContext错误,数据52e,v1db1 我知道“52e”代码是用户名有效,但密码无效。我在apache studio中使用了相同的用户名和密码,我成功地建立了到LDAP的连接。 这是我的java代码 我的错误在这一行: 我不知道到底是什么导致了这个错误。
-
我知道“52e”代码是用户名有效,但密码无效。我使用相同的用户名和密码根据Active directory验证用户及其工作状态。 以下是我的java代码: 我不知道为什么会出现这个错误。有人能帮忙吗?