堆棧內存溢出
  簡體   English   中英

身份驗證請求失敗:憑據錯誤[LDAP:錯誤代碼49-數據52e,v1db1]

[英]Authentication request failed: Bad credentials [LDAP: error code 49 - data 52e, v1db1]

 原文  2014-07-21 13:21:58       java/ spring/ spring-mvc/ authentication/ ldap

問題描述

我正在嘗試使用BindAuthenticator進行身份驗證,但它給了我身份驗證錯誤。 

18:14:32,764 org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter DEBUG http-bio-8080-exec-12 authentication.UsernamePasswordAuthenticationFilter:189 - Request is to process authentication
18:14:32,765 org.springframework.security.authentication.ProviderManager DEBUG http-bio-8080-exec-12 authentication.ProviderManager:152 - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
18:14:32,767 org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider DEBUG http-bio-8080-exec-12 authentication.LdapAuthenticationProvider:65 - Processing authentication request for user: admin.manager@XDEV.com
18:14:32,770 org.springframework.security.ldap.authentication.BindAuthenticator DEBUG http-bio-8080-exec-12 authentication.BindAuthenticator:108 - Attempting to bind as uid=admin.manager@XDEV.com,o=X-DEV,dc=Xexternal,dc=com
18:14:32,770 org.springframework.security.ldap.DefaultSpringSecurityContextSource$1 DEBUG http-bio-8080-exec-12 ldap.DefaultSpringSecurityContextSource:76 - Removing pooling flag for user uid=admin.manager@XDEV.com,o=LS360-DEV,dc=Xexternal,dc=com
18:14:33,427 org.springframework.security.ldap.authentication.BindAuthenticator DEBUG http-bio-8080-exec-12 authentication.BindAuthenticator:152 - Failed to bind as uid=admin.manager@XDEV.com: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

XML配置: 

   <?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:security="http://www.springframework.org/schema/security"
    xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd 
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <security:global-method-security
        secured-annotations="enabled" />

    <security:http pattern="/theme/**" security="none" />
    <security:http pattern="/javascript/**" security="none" />
    <security:http pattern="/favicon.ico" security="none" />
    <security:http pattern="/login" security="none" />

    <beans:bean id="contextSource"
        class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg value="ldap://10.0.X.X:389/DC=Xexternal,DC=com" />
        <beans:property name="base" value="O=X-DEV,DC=Xexternal,DC=com" />
        <beans:property name="userDn" value="CN=X-dev,O=X-DEV,DC=Xexternal,DC=com" />
        <beans:property name="password" value="X!" />
    </beans:bean>

    <beans:bean id="userSearch"
        class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value="" />
        <beans:constructor-arg index="1" value="uid={0}" />
        <beans:constructor-arg index="2" ref="contextSource" />
        <beans:property name="searchSubtree" value="true" />
    </beans:bean>

    <beans:bean id="passwordEncoder"
        class="org.springframework.security.authentication.encoding.ShaPasswordEncoder">
    </beans:bean>

    <beans:bean id="ldapAuthProvider"
        class="org.springframework.security.ldap.authentication.LdapAuthenticationProvider">
        <beans:constructor-arg>
            <beans:bean
                class="org.springframework.security.ldap.authentication.BindAuthenticator">
                <beans:constructor-arg ref="contextSource"/>
                <beans:property name="userDnPatterns">
                    <beans:list>
                        <beans:value>uid={0}</beans:value>
                    </beans:list>
                </beans:property>
                <beans:property name="userSearch" ref="userSearch" />
                <!-- <beans:property name="passwordEncoder" ref="passwordEncoder" /> -->
            </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg>
            <beans:bean
                class="org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator">
                <beans:constructor-arg ref="contextSource" />
                <beans:constructor-arg value="O=X-DEV" />
            </beans:bean>
        </beans:constructor-arg>
    </beans:bean>

    <!-- LDAP server details -->
    <security:authentication-manager>
        <security:authentication-provider
            ref="ldapAuthProvider">
        </security:authentication-provider>
    </security:authentication-manager>


    <security:http>
        <security:form-login login-page="/login"
            login-processing-url="/j_spring_security_check" default-target-url="/search"
            authentication-failure-url="/login?login_error=true" />
        <security:http-basic />
        <security:logout logout-url="/login" />
        <security:session-management
            invalid-session-url="/login" />
        <security:intercept-url pattern="/**"
            access='ROLE_USER,IS_AUTHENTICATED_ANONYMOUSLY, IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED' />
    </security:http>



</beans:beans>

1 個解決方案

解決方案1
 0  2014-07-25 11:36:06

我進行了以下更改以使整個過程正常運行。 

<beans:bean id="userSearch"
        class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value="" />
        <beans:constructor-arg index="1" value="**(userPrincipalName={0})**" />
        <beans:constructor-arg index="2" ref="contextSource" />
        <beans:property name="searchSubtree" value="true" />
    </beans:bean>

再加上我在授權中添加了ROLE_ADMIN。 

<security:http>
    <security:form-login login-page="/login"
        login-processing-url="/j_spring_security_check" default-target-url="/searchcourse"
        authentication-failure-url="/login?login_error=true" />
    <security:http-basic />
    <security:logout logout-url="/login" />
    <security:session-management
        invalid-session-url="/login" />
    <security:intercept-url pattern="/**"
        access='**ROLE_ADMIN,** ROLE_USER,IS_AUTHENTICATED_ANONYMOUSLY, IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED' />
</security:http>

我在stackoverflow上的某個地方讀到,必須具有ROLE_ADMIN。

我希望以上對其他人也有幫助。

謝謝,

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 LDAP 錯誤代碼 49 AcceptSecurityContext 錯誤數據 52e v2580 即使憑據正確 LDAP + Java Aplication身份驗證錯誤代碼49-52e LDAP:錯誤代碼 49 - 80090308:LdapErr:DSID-0C09044E,注釋:AcceptSecurityContext 錯誤,數據 52e,v2580(第一次使用 ldap) LDAP:錯誤代碼 49 - 80090308:LdapErr:DSID-0C090446,注釋:AcceptSecurityContext 錯誤,數據 52e,v2580 - 使用 Spring 工具 LDAP:錯誤代碼49 - 80090308:LdapErr:DSID-0C09042F,注釋:AcceptSecurityContext錯誤,數據52e,v2580 Java應用程序中帶有jndi的身份驗證錯誤49 52e-無效令牌 Spring boot ldap 身份驗證錯誤 [LDAP: 錯誤代碼 49 - 憑據無效] javax.naming.AuthenticationException:[LDAP:錯誤代碼49 - 證書無效] LDAP:錯誤代碼49 - 簡單綁定失敗:NT_STATUS_LOGON_FAILURE Salted SHA類型中的Spring LDAP身份驗證錯誤憑據密碼
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM