FYI. Resolved the SAMPLE_WAR_GRADLE error. Had to modify build.gradle with apply from: 'sample-war.gradle' instead of apply from: SAMPLE_WAR_GRADLE. Additional modifications to build.gradle are as follows: https://pastebin.com/69W0ziu6
I have a spring mvc application in witch i integrate spring security, in particular now i need to implement the ldap authentication but the problem is that in my basic authentication i have a CustomUserDetails and a CustomUserDetailsService now i want to manage this custom userDetails with spring ldap i try to extends LdapAuthorization provider without success someone have any idea?
Is there any reason the SimpleLdap classes would stop being able to authenticate with an LDAP server after updating from 1.3.1 to 2.3.2? I know it has become deprecated but I do not see anything that leads me to feel like it should give me an error of: "AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]". Moving to use the LdapTemplate and LdapOperations is a bit much for me to do at the moment and I was curious if anyone else has had the same issue. I have already researched the error and it claims to be a bad authentication issue however I have doubled checked the credentials are right along with ensuring the LDAP user is not locked.
Spring's
LdapTemplate has a setDefaultTimeLimit which "Set the default time limit be used in searches if not explicitly specified."
We tried to set it but it does not seem to work.
We even set this value to
1ms but we are not getting the expected TimeLimitExceededException...
We tried to debug to get more insights and we see Spring is propagating this default time limit to the default
javax.naming.directory.SearchControlsbut it seems not to work
I also found this old post from 2013: http://forum.spring.io/forum/spring-projects/data/ldap/48303-maximum-search-completion-time-limit-using-settimelimit where somebody was facing the same problem.
This seems to work:
final Map<String, Object> baseEnv = new Hashtable<>();
baseEnv.put("com.sun.jndi.ldap.connect.timeout", "5000");
baseEnv.put("com.sun.jndi.ldap.read.timeout", "5000");
final LdapContextSource ldapContextSource = new LdapContextSource();
ldapContextSource.setBaseEnvironmentProperties(baseEnv);if I pass this to the LdapTemplate I get connect/read timeouts eventually. LdapTemplate#setDefaultTimeLimitdoes not seem to do anything.
Hope this might be useful for other users.
I'm getting high numConnectionsClosedDefunct in my ldap logs, any thoughts?
LDAP: error code 53 - 0000052D: SvcErr: DSID-031A120C, problem 5003 (WILL_NOT_PERFORM), data 0
Is there such features? I really like spring-ldap and spring-data-ldap integrations and don't want to switch to unboundid sdk for client side load balancing.
For example , The attribute of an entry is '003001' , Let's assume that the Attr is deId , and this entry's DN is "deId=003001,deId=003,ou=department", I just know deId is '003001' and 'ou=department' , how to use ldaptemplate to deduce dn? I can't find a method in ldaptemplate.
@sadoudiallo_gitlab 003001 is the next level of 003
Hey guys, I don't know if you already have a problem looking on the LDAP server, an attribute called 'memberOf', I can't get any results by doing this type of filter:
(& (objectClass = user) (MemberOf ~ = GS_Customer_Registration_CO))
This user has this specification:
cn = GS_Customer_Registration_CO, OU = Groups, OU = Informatica - ICT, OU = Central Workshop, DC = co, DC = example, DC = com
''
LdapQuery ldapQuery = query()
.searchScope(SearchScope.SUBTREE)
.where("objectClass").is("user")
.and("memberOf").like("GS_Customer_Re*"); ''I'm using the spring criteria above:
But I can't bring any results, does anyone know about it or have you had any problems of this kind?
Hey guys :) i am just getting into ActiveDirectory/LDAP for my company. can anyone help me with ldap queries using the ldap template? the issue is that we have a customer whose active directory forest is spread on several "physical" servers. i wonder how i can query the whole forest. atm we connect to the main domain and query for user groups which works fine for the groups on that main domain. but i just cant manage to get the groups of subdomains.
Hello, did someone use this method with ldap?? or how to use the tree method in spring-ldap project? how to print everything with objectclass person in tree form to consol/? ``` public class TreeNode {
final String name;
final List<TreeNode> children;
public TreeNode(String name, List<TreeNode> children) {
this.name = name;
this.children = children;
}
public String toString() {
StringBuilder buffer = new StringBuilder(50);
print(buffer, "", "");
return buffer.toString();
}
private void print(StringBuilder buffer, String prefix, String childrenPrefix) {
buffer.append(prefix);
buffer.append(name);
buffer.append('\n');
for (Iterator<TreeNode> it = children.iterator(); it.hasNext();) {
TreeNode next = it.next();
if (it.hasNext()) {
next.print(buffer, childrenPrefix + "├── ", childrenPrefix + "│ ");
} else {
next.print(buffer, childrenPrefix + "└── ", childrenPrefix + " ");
}
}
}} ```
Hi - any clues? much appreciated! - PasswordModifyExtendedRequest through dapConnection.processExtendedOperation works. Wrapping that same request in JNDIExtendedRequest(passwordModifyExtendedRequest)) for consumption through ldapTemplate.executeReadWrite produces LDAP: error code 53 - The current password must be provided for self password changes.