You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by jayn <ja...@gmail.com> on 2015/02/23 19:19:30 UTC

Shiro AD Authorization causing java.net.ConnectException

Hello,
 Struggling with this one, any help is greatly appreciated.
Here s my ini config
**********
[main]
contextFactory = org.apache.shiro.realm.ldap.JndiLdapContextFactory
contextFactory.url = ldaps://ldap1.us.ad.abc.com:636
#contextFactory.environment[java.naming.security.protocol] = ssl
contextFactory.environment[java.naming.security.authentication] = simple
contextFactory.systemUsername=sysuser
contextFactory.systemPassword=syspass

ldapRealm = org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm
ldapRealm.ldapContextFactory=$contextFactory
ldapRealm.searchBase="DC=abc,DC=com"
ldapRealm.groupRolesMap="cn=grp_DEV,OU=Groups,DC=abc,DC=com":"GP_USER"
ldapRealm.principalSuffix="@us.ad.abc.com"
cacheManager = org.apache.shiro.cache.MemoryConstrainedCacheManager
securityManager.cacheManager = $cacheManager
***********
I am able to successfully authenticate but when it comes to Authorization,
it goes into the search call and gives us this connect exception.
Interestingly, the host here in the exception is only showing abc.com:636
and not the entire host ldap1.us.ad.abc.com . 
Not sure why .
Any help is greatly appreciated.
thanks so much.



*******************
Caused by: javax.naming.CommunicationException: abc.com:636 [Root exception
is java.net.ConnectException: Connection timed out: connect]
at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapReferralContext.java:95)
	at
com.sun.jndi.ldap.LdapReferralException.getReferralContext(LdapReferralException.java:150)
	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1861)
	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
	at
com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
	at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
	at
com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
	at
javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
	at
org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm.getRoleNamesForUser(ActiveDirectoryRealm.java:174)
	at
org.apache.shiro.realm.activedirectory.ActiveDirectoryRealm.queryForAuthorizationInfo(ActiveDirectoryRealm.java:146)
	at
org.apache.shiro.realm.ldap.AbstractLdapRealm.doGetAuthorizationInfo(AbstractLdapRealm.java:207)

***********************








--
View this message in context: http://shiro-user.582556.n2.nabble.com/Shiro-AD-Authorization-causing-java-net-ConnectException-tp7580463.html
Sent from the Shiro User mailing list archive at Nabble.com.