java - Spring Security + LDAP always returns BadCredentialsException
I have been trying to configure Spring Security to work with LDAP, with little success.
I have the following configuration beans:
    @Bean
    public ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
        // Arguments are the AD domain and the LDAP URL of the directory server
        ActiveDirectoryLdapAuthenticationProvider provider =
                new ActiveDirectoryLdapAuthenticationProvider("go.com.mt", "ldap://corporate.intra");
        provider.setConvertSubErrorCodesToExceptions(true);
        provider.setUseAuthenticationRequestCredentials(true);
        provider.setUserDetailsContextMapper(userDetailsContextMapper());
        return provider;
    }

    @Bean
    public UserDetailsContextMapper userDetailsContextMapper() {
        UserDetailsContextMapper contextMapper = new AttributesLdapUserDetailsContextMapper();
        return contextMapper;
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(activeDirectoryLdapAuthenticationProvider());
    }
I tried creating a custom mapper, as suggested in many answers here on Stack Overflow, which sets every authority to ROLE_USER:
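    import java.util.ArrayList;
    import java.util.Collection;
    import java.util.List;

    import org.springframework.ldap.core.DirContextAdapter;
    import org.springframework.ldap.core.DirContextOperations;
    import org.springframework.security.core.GrantedAuthority;
    import org.springframework.security.core.userdetails.User;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.security.ldap.userdetails.UserDetailsContextMapper;

    public class AttributesLdapUserDetailsContextMapper implements UserDetailsContextMapper {

        @Override
        public UserDetails mapUserFromContext(DirContextOperations dirContextOperations, String username,
                Collection<? extends GrantedAuthority> authority) {
            List<GrantedAuthority> mappedAuthorities = new ArrayList<GrantedAuthority>();
            for (GrantedAuthority granted : authority) {
                // Always true: every authority maps to ROLE_USER and the admin branch is never reached
                if (true) {
                    mappedAuthorities.add(() -> "ROLE_USER");
                } else if (granted.getAuthority().equalsIgnoreCase("my admin group")) {
                    mappedAuthorities.add(() -> "ROLE_ADMIN");
                }
            }
            return new User(username, "", mappedAuthorities);
        }

        @Override
        public void mapUserToContext(UserDetails userDetails, DirContextAdapter dirContextAdapter) {
            // Not needed: users are only read from the directory
        }
    }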
When I try authenticating with an existing user and an incorrect password, I get the following message:
    [apr-8080-exec-6] ctivedirectoryldapauthenticationprovider : active directory authentication failed: supplied password invalid
    [apr-8080-exec-6] o.s.b.a.audit.listener.auditlistener : auditevent [timestamp=thu aug 20 07:31:59 cest 2015, principal=samantha.catania, type=authentication_failure, data={type=org.springframework.security.authentication.badcredentialsexception, message=bad credentials}]
Meaning that Active Directory is working correctly. When I try to authenticate with the correct credentials, I get the following message:
    [pr-8080-exec-10] o.s.s.ldap.springsecurityldaptemplate : ignoring partialresultexception
    [pr-8080-exec-10] o.s.b.a.audit.listener.auditlistener : auditevent [timestamp=thu aug 20 07:32:05 cest 2015, principal=samantha.catania, type=authentication_failure, data={type=org.springframework.security.authentication.badcredentialsexception, message=bad credentials}]
Any ideas how to fix this, please?
Try setting the Java environment property "java.naming.referral" to "follow" (either in code at startup, or via the JVM argument -Djava.naming.referral=follow).
Do you get a stack trace, or does it only print BadCredentialsException?
This is similar to an issue I was having with AD: the problem is how AD handles referrals, which generate errors during data retrieval.
From what you have posted, I expect the exception is generated in ActiveDirectoryLdapAuthenticationProvider.java line 323, which would point to the same issue.
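The answer above sets referral handling through a JVM argument. As an added example (not code from the original post or from the Spring Security project), the same JNDI setting can instead be scoped to the contexts this one provider creates. It assumes a Spring Security version whose ActiveDirectoryLdapAuthenticationProvider offers setContextEnvironmentProperties; the class name AdReferralConfig is hypothetical, and the domain and URL are the ones from the question.

```java
import java.util.HashMap;
import java.util.Map;

import javax.naming.Context;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider;

@Configuration
public class AdReferralConfig { // hypothetical class name, for illustration only

    @Bean
    public ActiveDirectoryLdapAuthenticationProvider activeDirectoryLdapAuthenticationProvider() {
        // Same domain and URL as in the question
        ActiveDirectoryLdapAuthenticationProvider provider =
                new ActiveDirectoryLdapAuthenticationProvider("go.com.mt", "ldap://corporate.intra");
        provider.setConvertSubErrorCodesToExceptions(true);
        provider.setUseAuthenticationRequestCredentials(true);

        // Extra JNDI environment entries, merged into the environment the
        // provider uses when it opens its LDAP context to bind and to search
        // for the user entry.
        Map<String, Object> env = new HashMap<>();

        // Context.REFERRAL is the constant for "java.naming.referral".
        // JNDI accepts "follow", "ignore" and "throw".
        // With "follow", JNDI connects to the servers named in a referral and
        // by default reuses the original bind credentials there, so the
        // directory handing out referrals has to be one you trust.
        env.put(Context.REFERRAL, "follow");

        provider.setContextEnvironmentProperties(env);
        return provider;
    }
}
```

Setting the property on the provider leaves any other JNDI or LDAP client in the same JVM with its existing referral behaviour.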