aspose file tools*
The moose likes Spring and the fly likes Spring 3.1 LDAP Authentication Just Hangs:  Where To Look? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring 3.1 LDAP Authentication Just Hangs:  Where To Look?" Watch "Spring 3.1 LDAP Authentication Just Hangs:  Where To Look?" New topic
Author

Spring 3.1 LDAP Authentication Just Hangs: Where To Look?

George Impagliazo
Ranch Hand

Joined: Sep 25, 2010
Posts: 41
Spring 3.1
Tomcat 6.*

I'm working on making a Spring 3.1 webapp, authenticating with LDAP. When I hit submit on my login page, it just hangs and after a very, very long time returns with this error message:

Reason: ldap-itc.sam.acme.com:636/o=acme.com
socket closed;
nested exception is javax.naming.ServiceUnavailableException:
ldap-itc.sam.acme.com:636/o=acme.com; socket closed



I was able to connect to my organizations LDAP server by using Softerra's LDAP browser using a real user's password and plugging in the "principal" ( with the username swapped out for "uid={0}" ), which I use in my *-security.xml file:

uid={0},ou=People,o=acme.com


I was also able to connect with a JNDI styled Java program I wrote (quoted below ). That program dumped all of the users attributes, including the password, which seems to be encrypted on the LDAP server. Do I need to tell Spring 3.1 this or encrypt the password that is collected on the login screen?

I noticed that Java program I wrote/copied/adapted specified "ssl" in the context. When I commented that out, the client program also hanged for a long time and returned with the same error message as Spring 3.1. I uncommented that out, changed "ldap://" to "ldaps://" in the client program and that worked fine.

I tried the same thing in my *-security.xml. I changed "ldap://" to "ldaps://" in the ldap url. This time the webapp did not hang, but returned very quickly with a message of

"Bad Credentials"

I tested my username and password out. They are legitimate.

I also tried typing in the encrypted version of my password, but that didn't make a difference.

I'm guessing something with SSL and/or password encryption is now my problem.

Any ideas of things I could check out?

My *-security.xml and the java LDAP demo I wrote are quoted below

Thanks.

My *-security.xml file:




Here is the JNDI style LDAP Java program that WORKS with the same credentials:




Again, I'm only getting that one message and I am new to this so I would like some ideas of where to look for the problem. Thanks.


George Impagliazo
Ranch Hand

Joined: Sep 25, 2010
Posts: 41
Admins, plese delete this post, thanks
George Impagliazo
Ranch Hand

Joined: Sep 25, 2010
Posts: 41
I got it working. The final version of my *-security.xml is quoted below.

I took the "o=acme.com" out of the DN pattern and the LDAP worked.

I had originally put the "o=acme.com" in both the LDAP URL and the DN pattern because I am new to Spring 3.1 and LDAP, and that is similar to how it is/was done in the Java JNDI version of the LDAP demo I wrote based on the legacy code I am replacing. That demo program is quoted in the original post above.


 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Spring 3.1 LDAP Authentication Just Hangs: Where To Look?
 
Similar Threads
LDAP - How to get fully qualified "dn" from Dircontext.search()
applicationContext.xml - Can not find definition for element 'beans'
Spring LDAP/Active Directory Security: Authenticate User w/out Using an Admin/Mgr Account
LDAP error
No AuthenticationEntryPoint could be established