Hello I am using the following code to authenticate an application in spring tools which is hosted on a Tomcat.
This is the code I am running:
package com.pp.portal;
import java.io.File;
import java.io.InputStream;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.util.FileCopyUtils;
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.anyRequest().fullyAuthenticated()
.and()
.formLogin();
}
@Override
public void configure(AuthenticationManagerBuilder auth) throws Exception {
File jks = File.createTempFile("cacerts", "jks");
jks.deleteOnExit();
try (InputStream fromJks = WebSecurityConfig.class.getResource("/cacerts.jks").openStream()) {
FileCopyUtils.copy(FileCopyUtils.copyToByteArray(fromJks), jks);
}
System.setProperty("javax.net.ssl.trustStore", jks.getPath());
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
auth
.ldapAuthentication()
.userSearchFilter("&(sAMAccountName={0})(memberOf=CN=SG_LoginHistoryApp_Operators,OU=Security*Groups*-*NEW,OU=Secured*Groups,OU=Administration,DC=Domain,DC=uk,DC=dc)")
.contextSource()
.url("ldaps://ldapserver.domain.uk.dc:636")
.managerDn("CN=ldap,OU=Accounts,OU=Users,OU=Adapt,DC=Domain,DC=uk,DC=dc")
.managerPassword("mangerPassword");
}
}
This is the error I am getting back:
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]
I am looking for suggestions on how to remedy this, credentials used are correct for both, user I am using to log in and account being used.
I had the same problem and error code.
In my case the password for the user was no more valid. There is an option that the passwords invalidate after x days. Did you check that?
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.