stackoom
  简体   繁体   中英

Authentication error 49 52e with jndi in a java application- invalid token

 原文  2017-12-15 15:14:05       java/ authentication/ ldap/ jndi

Question

I'd like to be ask an LDAP server if the provided username and password are correct in a Java application.

I ended up using jndi with this function (it is a test function I am using to explore LDAP that returns the exception message): 

public static String checkCredentials(String securityPrincipal,
                               String password,
                               String ldapUrl,
                               String securityAuthentication) 
{
    String userVerify = "";
    Hashtable env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL, ldapUrl);
    env.put(Context.SECURITY_AUTHENTICATION, securityAuthentication);
    env.put(Context.SECURITY_PRINCIPAL, securityPrincipal);
    env.put(Context.SECURITY_CREDENTIALS, password);

    try {
        DirContext authContext = new InitialDirContext(env);
        userVerify = testDescription + " - Success";
        authContext.close();
    } catch (AuthenticationException authEx) {
        userVerify = "AuthenticationException: " + authEx.getMessage();//"Authentication failed!";
    } catch (NamingException namEx) {
        userVerify = "NamingException: " + namEx.getMessage();//"Something went wrong!";
    } 
    return userVerify;
}

As I call checkCredentials by passing the correct ldapUrl (that in my case it's ldap://192.168.48.60:389 ) i always get as result (the function returns a String ):

AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1]

This page says that it is an authentication error (49) and "username is valid but password/credential is invalid" (52e).

I tried all of these for securityPrincipal :

john

john@mycompany

CN=john,conn

CN=john,OU=internal users,DC=mycompany

password and secuirityAuthentication seem ignored.

I tried to install LDAP admin from http://www.ldapadmin.org/ and also from it I get:

LDAP error! Invalid credentials: 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1.

Invalid token passed to the function.

Somehow this tells me something more "invalid token".

Any pointers? I am stuck.

1 answers

solution1
 0 ACCPTED  2017-12-15 16:41:49

Passing "none" instead of "simple" in securityAuthentication made the job.

At least there are no exceptions, even if UserVerifyT returns success even if the passowrd is wrong, i will handle this as i did in the past by retrieving the mail of the user, if mail is returned password is ok.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question LDAP + Java Aplication Authentication error code 49 - 52e Authentication request failed: Bad credentials [LDAP: error code 49 - data 52e, v1db1] LDAP error code 49 AcceptSecurityContext error data 52e v2580 even with the correct credentials LDAP: error code 49 - 80090308: LdapErr: DSID-0C09044E, comment: AcceptSecurityContext error, data 52e, v2580 (first time using ldap) LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580 LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 - using Spring tools LDAP Error 49 from Java JNDI Connection Java - Network application- Real-Time Spring boot ldap Authentication Error [LDAP: error code 49 - Invalid Credentials] Java web application- How to send email through the same server?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM