You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@activemq.apache.org by chinababuilla <ch...@gmail.com> on 2017/07/06 15:35:46 UTC

LDAP: userSearchSubtree=true produces Caused by: javax.naming.PartialResultException: Unprocessed Continuation Reference(s)

Hi All,

I have a requirements for ActiveMQ to authenticate users from LDAP (Active
Directory). Users scattered across many groups and search should be
performed on all groups and userBase specified below. 

Here is the details:

Exception:
*Caused by: javax.naming.PartialResultException: Unprocessed Continuation
Reference(s)*


My Configuration:

LDAPLogin {
  org.apache.activemq.jaas.LDAPLoginModule required
    debug=true
    initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
    connectionURL="ldap://{myldaphost}:389"
    connectionUsername="CN=myuser,OU=Prod,OU=Accts,DC=abc,DC=com"
    connectionPassword="mypassword"
    authentication=simple
    userBase="DC=abc,DC=com"
    userSearchMatching="(cn={0})"
    *userSearchSubtree=true
*    connectionProtocol=s
    roleBase="OU=Groups,DC=abc,DC=com"
    roleName=cn
    roleSearchMatching="(member=cn={1})"
    roleSearchSubtree=false
    ;
};

After reading few threads, I tried these things:
1. Provided an environment variable Constants.REFERRAL=follow by overriding
the open() method from LDAPAuthorizationMap. No use. Looks like my custom
class is not been used anywhere. 

2. I added jvm parameter -Djava.naming.referral=follow to activemq.bat file
and ran. Still no use.

What am I missing?

Thanks,
Chinna




--
View this message in context: http://activemq.2283324.n4.nabble.com/LDAP-userSearchSubtree-true-produces-Caused-by-javax-naming-PartialResultException-Unprocessed-Conti-tp4728274.html
Sent from the ActiveMQ - User mailing list archive at Nabble.com.