Hi list!
We are setting up authentication against an LDAP server. When we test the connection we recieve the following error:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
Could the reason be that anonymous binding is required? I’m not sure if this is the case in GeoServer. In our environment anonymous binding is not allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server is not inside the AD.
Thanks in advance.
All best,
Andreas
Hi Andreas
The developer of the ldap plugin is in holidays for 3 weeks. I will try to help here.
If you dont want an anonymous login, remove the "anonymous" filter from all filter chains. This can be done using the "Authentication" panel in the top security menu.
I googled the LDAP error code, 49 seems to be "invalid credentials". Did you test your ldap connection without using Geoserver ?
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi list!
We are setting up authentication against an LDAP server. When we test the
connection we recieve the following error:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Could the reason be that anonymous binding is required? I'm not sure if
this is the case in GeoServer. In our environment anonymous binding is not
allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server is
not inside the AD.
Thanks in advance.
All best,
Andreas
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Thank you Christian!
Removing the “anonymous” filter did help me to solve the problem. I also had to change the settings for User loopkup pattern from uid ={0} to cn={0}.
What I didn’t manage to do is a recursive search in the LDAP database. For those users I still get the same error:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Kind regards,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
The developer of the ldap plugin is in holidays for 3 weeks. I will try to help here.
If you dont want an anonymous login, remove the “anonymous” filter from all filter chains. This can be done using the “Authentication” panel in the top security menu.
I googled the LDAP error code, 49 seems to be “invalid credentials”. Did you test your ldap connection without using Geoserver ?
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi list!
We are setting up authentication against an LDAP server. When we test the
connection we recieve the following error:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Could the reason be that anonymous binding is required? I’m not sure if
this is the case in GeoServer. In our environment anonymous binding is not
allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server is
not inside the AD.
Thanks in advance.
All best,
Andreas
This message was sent using IMP, the Internet Messaging Program.
Hi Andreas
I am not used to using LDAP, what do you mean with a recursive search ? AFAIK, the LDAP plugin does a simple bind with username/credentials, so I have no idea about your problem.
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Thank you Christian!
Removing the "anonymous" filter did help me to solve the problem. I also
had to change the settings for User loopkup pattern from uid ={0} to cn={0}.
What I didn't manage to do is a recursive search in the LDAP database. For
those users I still get the same error:
javax.naming.**AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Kind regards,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
The developer of the ldap plugin is in holidays for 3 weeks. I will try to
help here.
If you dont want an anonymous login, remove the "anonymous" filter from
all filter chains. This can be done using the "Authentication" panel in the
top security menu.
I googled the LDAP error code, 49 seems to be "invalid credentials". Did
you test your ldap connection without using Geoserver ?
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi list!
We are setting up authentication against an LDAP server. When we test the
connection we recieve the following error:
javax.naming.**AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Could the reason be that anonymous binding is required? I'm not sure if
this is the case in GeoServer. In our environment anonymous binding is not
allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server is
not inside the AD.
Thanks in advance.
All best,
Andreas
------------------------------**------------------------------**----
This message was sent using IMP, the Internet Messaging Program.
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Hi!
By recursive I mean that I would like to do a subtree search. In our case users are defined in subtrees.
Thanks,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
I am not used to using LDAP, what do you mean with a recursive search ? AFAIK, the LDAP plugin does a simple bind with username/credentials, so I have no idea about your problem.
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Thank you Christian!
Removing the “anonymous” filter did help me to solve the problem. I also
had to change the settings for User loopkup pattern from uid ={0} to cn={0}.
What I didn’t manage to do is a recursive search in the LDAP database. For
those users I still get the same error:
javax.naming.**AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Kind regards,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
The developer of the ldap plugin is in holidays for 3 weeks. I will try to
help here.
If you dont want an anonymous login, remove the “anonymous” filter from
all filter chains. This can be done using the “Authentication” panel in the
top security menu.
I googled the LDAP error code, 49 seems to be “invalid credentials”. Did
you test your ldap connection without using Geoserver ?
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi list!
We are setting up authentication against an LDAP server. When we test the
connection we recieve the following error:
javax.naming.**AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Could the reason be that anonymous binding is required? I’m not sure if
this is the case in GeoServer. In our environment anonymous binding is not
allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server is
not inside the AD.
Thanks in advance.
All best,
Andreas
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
This message was sent using IMP, the Internet Messaging Program.
Hi Andreas
I think I cannot help further and we have to wait for Justin returning from holidays (3 weeks).
I would estimate 10 hours of work which I have not. (Setting up test environment, studying the code, looking at your concrete situation,...).
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi!
By recursive I mean that I would like to do a subtree search. In our case
users are defined in subtrees.
Thanks,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
I am not used to using LDAP, what do you mean with a recursive search ?
AFAIK, the LDAP plugin does a simple bind with username/credentials, so I
have no idea about your problem.
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Thank you Christian!
Removing the "anonymous" filter did help me to solve the problem. I also
had to change the settings for User loopkup pattern from uid ={0} to
cn={0}.
What I didn't manage to do is a recursive search in the LDAP database. For
those users I still get the same error:
javax.naming.****AuthenticationException: [LDAP: error code 49 -
80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Kind regards,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
The developer of the ldap plugin is in holidays for 3 weeks. I will try
to
help here.
If you dont want an anonymous login, remove the "anonymous" filter from
all filter chains. This can be done using the "Authentication" panel in
the
top security menu.
I googled the LDAP error code, 49 seems to be "invalid credentials". Did
you test your ldap connection without using Geoserver ?
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi list!
We are setting up authentication against an LDAP server. When we test
the
connection we recieve the following error:
javax.naming.****AuthenticationException: [LDAP: error code 49 -
80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Could the reason be that anonymous binding is required? I'm not sure if
this is the case in GeoServer. In our environment anonymous binding is
not
allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server
is
not inside the AD.
Thanks in advance.
All best,
Andreas
------------------------------****----------------------------**--**----
This message was sent using IMP, the Internet Messaging Program.
------------------------------**------------------------------**----
This message was sent using IMP, the Internet Messaging Program.
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
Thanks anyway. Meanwhile, if I find a solution I will report back.
Regards,
Andreas
2012/12/13 <christian.mueller@anonymised.com>
Hi Andreas
I think I cannot help further and we have to wait for Justin returning from holidays (3 weeks).
I would estimate 10 hours of work which I have not. (Setting up test environment, studying the code, looking at your concrete situation,…).
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi!
By recursive I mean that I would like to do a subtree search. In our case
users are defined in subtrees.
Thanks,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
I am not used to using LDAP, what do you mean with a recursive search ?
AFAIK, the LDAP plugin does a simple bind with username/credentials, so I
have no idea about your problem.
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Thank you Christian!
Removing the “anonymous” filter did help me to solve the problem. I also
had to change the settings for User loopkup pattern from uid ={0} to
cn={0}.
What I didn’t manage to do is a recursive search in the LDAP database. For
those users I still get the same error:
javax.naming.****AuthenticationException: [LDAP: error code 49 -
80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Kind regards,
Andreas
2012/12/12 <christian.mueller@anonymised.com>
Hi Andreas
The developer of the ldap plugin is in holidays for 3 weeks. I will try
to
help here.
If you dont want an anonymous login, remove the “anonymous” filter from
all filter chains. This can be done using the “Authentication” panel in
the
top security menu.
I googled the LDAP error code, 49 seems to be “invalid credentials”. Did
you test your ldap connection without using Geoserver ?
Christian
Zitat von Andreas Fogelberg <andreas20@anonymised.com>:
Hi list!
We are setting up authentication against an LDAP server. When we test
the
connection we recieve the following error:
javax.naming.****AuthenticationException: [LDAP: error code 49 -
80090308:
LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e,
v1db1]
Could the reason be that anonymous binding is required? I’m not sure if
this is the case in GeoServer. In our environment anonymous binding is
not
allowed.
We use Geoserver 2.2-SNAPSHOT/Windows Server 2008/Tomcat 7. The server
is
not inside the AD.
Thanks in advance.
All best,
Andreas
------------------------------****----------------------------–----
This message was sent using IMP, the Internet Messaging Program.
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
This message was sent using IMP, the Internet Messaging Program.