Comments (7)
Seems I made it work.
The following worked for me:
auth.ldapServerUrl=ldap://ldapserverurl:3268/dc=domain,dc=com auth.ldapUserSearchFilter=(sAMAccountName={0}) auth.ldapManagerDn=CN=binduser,OU=xxx,OU=yyyy,OU=zzz,DC=domain,DC=com auth.ldapManagerPassword=bindpassword
from api.
Awesome! Thanks @sidbha007 For PR that resolved this!!
from api.
Ok I built latest API and re-ran.
Now I do get the following:
... 49 common frames omitted 2019-07-10 11:16:10,904 [http-nio-8080-exec-6] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Authentication request failed: org.springframework.security.authentication.InternalAuthenticationServiceException: invalid attribute description; nested exception is javax.naming.directory.I**nvalidSearchFilterException:** invalid attribute description; remaining name '/' 2019-07-10 11:16:10,904 [http-nio-8080-exec-6] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Updated SecurityContextHolder to contain null Authentication 2019-07-10 11:16:10,904 [http-nio-8080-exec-6] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Delegating to authentication failure handler org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler@3c28f776
from api.
Removed auth.ldapUserDnPattern & also the double quotes from auth.ldapUserSearchFilter
`# dashboard.properties
dbname=dashboarddb
dbusername=dashboarduser
dbpassword=ENC(xxcxcsdfsfdsdf)
dbhost=127.0.0.1
dbport=27017
dbreplicaset=[false if you are not using MongoDB replicaset]
server.contextPath=/api
server.port=8080
[email protected]@
logging.level.com.capitalone.dashboard=DEBUG
auth.expirationTime=1200000
auth.authenticationProviders=LDAP,STANDARD
#LDAP Server Url, including port of your LDAP server
auth.ldapServerUrl=ldap://ldapserverurl:389/dc=domain,dc=com
If using standard LDAP
LDAP User Dn Pattern, where the username is replaced with '{0}'
auth.ldapUserSearchFilter=(&(objectClass=user)(sAMAccountName={0}))
#Bind DN & Password
auth.ldapBindUser=username
auth.ldapBindPass=password
feature.dynamicPipeline=enabled`
Now I do get the following message:
... 49 common frames omitted 2019-07-10 11:31:04,144 [http-nio-8080-exec-10] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Authentication request failed: org.springframework.security.authentication.InternalAuthenticationServiceException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839^@]; remaining name '/'
from api.
@sidbha007 do you have any recommendations here?
from api.
we do use bind name + manager password in ldap settings. i'm not too sure, but we could give a try with below config, as something similar is working for us with the exception of additional manager password.
auth.ldapServerUrl=ldap://ldapserverurl:389/
auth.ldapUserSearchFilter=(&(objectClass=user)(sAMAccountName={0}))
auth.ldapManagerDn=DC=domain,DC=com
auth.ldapBindUser=username
auth.ldapBindPass=password
from api.
I do get same issue. Here's how my ldap config looks like:
auth.expirationTime=1200000 auth.authenticationProviders=LDAP,STANDARD auth.ldapServerUrl=ldap://ldapserverurl:389/ auth.ldapUserSearchFilter=(&(objectClass=user)(sAMAccountName={0})) auth.ldapManagerDn=DC=domain,DC=com auth.ldapBindUser=username auth.ldapBindPass=password
Logs:
-07-11 04:31:33,579 [http-nio-8080-exec-10] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Authentication request failed: org.springframework.security.authentication.InternalAuthenticationServiceException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]; remaining name '/' 2019-07-11 04:31:33,579 [http-nio-8080-exec-10] DEBUG c.c.d.a.ldap.LdapLoginRequestFilter - Updated SecurityContextHolder to contain null Authentication
from api.
Related Issues (20)
- CVE-2022-38752 (Medium) detected in snakeyaml-1.17.jar - autoclosed HOT 1
- CVE-2022-38751 (Medium) detected in snakeyaml-1.17.jar - autoclosed HOT 1
- CVE-2022-38750 (Medium) detected in snakeyaml-1.17.jar - autoclosed HOT 1
- CVE-2022-38749 (Medium) detected in snakeyaml-1.17.jar - autoclosed HOT 1
- CVE-2021-43980 (Low) detected in tomcat-embed-core-8.5.70.jar - autoclosed HOT 1
- CVE-2022-42004 (High) detected in jackson-databind-2.10.3.jar - autoclosed HOT 1
- CVE-2022-42003 (High) detected in jackson-databind-2.10.3.jar - autoclosed HOT 1
- CVE-2022-40155 (High) detected in woodstox-core-6.1.1.jar - autoclosed HOT 1
- CVE-2022-40154 (High) detected in woodstox-core-6.1.1.jar - autoclosed HOT 1
- CVE-2022-40156 (High) detected in woodstox-core-6.1.1.jar - autoclosed HOT 1
- CVE-2022-40153 (High) detected in woodstox-core-6.2.4.jar - autoclosed HOT 1
- CVE-2022-40152 (High) detected in woodstox-core-6.2.4.jar
- CVE-2022-41854 (Medium) detected in snakeyaml-1.33.jar - autoclosed HOT 1
- CVE-2022-31692 (High) detected in spring-security-web-5.6.4.jar
- CVE-2022-1471 (High) detected in snakeyaml-1.33.jar
- CVE-2022-42252 (High) detected in tomcat-embed-core-9.0.65.jar
- CVE-2023-24998 (High) detected in commons-fileupload-1.4.jar
- CVE-2023-20860 (High) detected in spring-webmvc-5.3.18.jar
- CVE-2023-20861 (Medium) detected in spring-expression-5.3.18.jar
- CVE-2023-20863 (Medium) detected in spring-expression-5.3.18.jar
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from api.