任何人都可以共享CAS 4.2.x deployerConfigContext.xml连接到LDAP吗?CAS 4.2.x deployerConfigContext.xml连接到LDAP
我使用下面的配置,但它与LDAP身份验证失败:
错误[org.ldaptive.pool.BlockingConnectionPool] - < [[email protected] ::名称=搜索-pool,poolConfig = [[email protected] :: minPoolSize = 1,maxPoolSize = 10,validateOnCheckIn = false,validateOnCheckOut = false,validatePeriodically = true,validatePeriod = 300],activator = null,passivator = null,验证器= [[email protected] :: searchRequest = [[email protected] :: baseDn =,searchFilter = [[email protected] :: filter =(objectClass = *),参数= {}],returnAttributes = [1.1],searchScope = OBJECT,t imeLimit = 0,sizeLimit = 1,derefAliases = null,typesOnly = false,binaryAttributes = null,sortBehavior = UNORDERED,searchEntryHandlers = null,searchReferenceHandlers = null,controls = null,referralHandler = null,intermediateResponseHandlers = null]] pruneStrategy = [org。 [email protected] :: prunePeriod = 300,idleTime = 600],connectOnCreate = true,connectionFactory = [[email protected] :: [email protected],config = [[email protected] :: ldapUrl = xxxx,connectTimeout = 3000,responseTimeout = -1,sslConfig = null,useSSL = false,useStartTLS = false,connectionInitializer = [[email protected] :: bindDn = cn = Directory Manager,dc = uss,dc = net,bindSaslConfig = null,bindControls = null]]],initialized = false,availableCount = 0,activeCount = 0]无法连接到ldap>
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:c="http://www.springframework.org/schema/c"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:util="http://www.springframework.org/schema/util"
xmlns:sec="http://www.springframework.org/schema/security"
xmlns:ldaptive="http://www.ldaptive.org/schema/spring-ext"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd
http://www.ldaptive.org/schema/spring-ext http://www.ldaptive.org/schema/spring-ext.xsd">
<bean id="ldapAuthenticationHandler"
class="org.jasig.cas.authentication.LdapAuthenticationHandler"
p:principalIdAttribute="sAMAccountName"
c:authenticator-ref="authenticator">
<property name="principalAttributeMap">
<map>
<entry key="displayName" value="simpleName" />
<entry key="mail" value="email" />
<entry key="memberOf" value="membership" />
</map>
</property>
</bean>
<ldaptive:ad-authenticator id="authenticator"
ldapUrl="xxxx"
userFilter="uid={user}"
bindDn="cn=Directory Manager,dc=uss,dc=net"
bindCredential="xxxx"
allowMultipleDns="false"
connectTimeout="3000"
validateOnCheckOut="false"
failFastInitialize="true"
blockWaitTime="3000"
idleTime="600"
baseDn="ou=Users,ou=Unsorted,ou=xxxx,dc=uss,dc=net"
maxPoolSize="10"
minPoolSize="1"
validatePeriodically="true"
validatePeriod="300"
prunePeriod="300"
useSSL="false"
subtreeSearch="true"
useStartTLS="false" />
<util:map id="authenticationHandlersResolvers">
<entry key-ref="proxyAuthenticationHandler" value-ref="proxyPrincipalResolver" />
<entry key-ref="ldapAuthenticationHandler" value-ref="primaryPrincipalResolver" />
<!-- <entry key-ref="primaryAuthenticationHandler" value-ref="primaryPrincipalResolver" /> -->
</util:map>
<util:list id="authenticationMetadataPopulators">
<ref bean="successfulHandlerMetaDataPopulator" />
<ref bean="rememberMeAuthenticationMetaDataPopulator" />
</util:list>
<bean id="attributeRepository" class="org.jasig.services.persondir.support.NamedStubPersonAttributeDao"
p:backingMap-ref="attrRepoBackingMap" />
<alias name="acceptUsersAuthenticationHandler" alias="primaryAuthenticationHandler" />
<alias name="personDirectoryPrincipalResolver" alias="primaryPrincipalResolver" />
<util:map id="attrRepoBackingMap">
<entry key="uid" value="uid" />
<entry key="eduPersonAffiliation" value="eduPersonAffiliation" />
<entry key="groupMembership" value="groupMembership" />
<entry>
<key><value>memberOf</value></key>
<list>
<value>faculty</value>
<value>staff</value>
<value>org</value>
</list>
</entry>
</util:map>
<alias name="serviceThemeResolver" alias="themeResolver" />
<alias name="jsonServiceRegistryDao" alias="serviceRegistryDao" />
<alias name="defaultTicketRegistry" alias="ticketRegistry" />
<alias name="ticketGrantingTicketExpirationPolicy" alias="grantingTicketExpirationPolicy" />
<alias name="multiTimeUseOrTimeoutExpirationPolicy" alias="serviceTicketExpirationPolicy" />
<alias name="anyAuthenticationPolicy" alias="authenticationPolicy" />
<alias name="acceptAnyAuthenticationPolicyFactory" alias="authenticationPolicyFactory" />
<bean id="auditTrailManager"
class="org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager"
p:entrySeparator="${cas.audit.singleline.separator:|}"
p:useSingleLine="${cas.audit.singleline:false}"/>
<alias name="neverThrottle" alias="authenticationThrottle" />
<util:list id="monitorsList">
<ref bean="memoryMonitor" />
<ref bean="sessionMonitor" />
</util:list>
<alias name="defaultPrincipalFactory" alias="principalFactory" />
<alias name="defaultAuthenticationTransactionManager" alias="authenticationTransactionManager" />
<alias name="defaultPrincipalElectionStrategy" alias="principalElectionStrategy" />
<alias name="tgcCipherExecutor" alias="defaultCookieCipherExecutor" />
</beans>
还改变了userFilter =“sAMAccountName = {user}” – Ani