You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@shiro.apache.org by 0xsven <0x...@gmail.com> on 2010/11/03 16:47:23 UTC
Authentication with AD/LDAP problem
Hi guys,
I use my realm, which extends ActiveDirectoryRealm to authenticate my users
via an Active Directory. I did only override the method dogetAuthorizaion()
which provides my roles out of my database.
I didn't touch dogetAthentication() !
So here is the problem:
If I use the right credentials --> It works, and I can enter
If I use the right username, but wrong password --> it works, and doesn't
let me pass
If i use a username, that doesn't exist in the AD in combination with or
without a passwort --> I can enter !!!
That shouldn't happen -.-
Does somebody has an idea? what's my mistake? where could it be?
Thank you for any help :-)
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Authentication-with-AD-LDAP-problem-tp5701874p5701874.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Authentication with AD/LDAP problem
Posted by 0xsven <0x...@gmail.com>.
I tried it, and I git the same problem with Shiro 1.1 and JndiLdapRealm !
Any further suggestions/advices? :-)
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Authentication-with-AD-LDAP-problem-tp5701874p5704762.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Authentication with AD/LDAP problem
Posted by 0xsven <0x...@gmail.com>.
I am using INI and here is my config:
[main]
MyRealm = de.spirit21.studentenportal.common.util.MyRealm
MyRealm.systemUsername = *****
MyRealm.systemPassword = *****
MyRealm.searchBase = *****
MyRealm.url = *****
I masked most parts of the config because of security issues :-)
Next step is: I gonna try the new realm...
--
View this message in context: http://shiro-user.582556.n2.nabble.com/Authentication-with-AD-LDAP-problem-tp5701874p5704333.html
Sent from the Shiro User mailing list archive at Nabble.com.
Re: Authentication with AD/LDAP problem
Posted by Les Hazlewood <lh...@apache.org>.
Hi Sven,
Can we see your active directory realm configuration? Are you using
INI or Spring?
Also, I would try the org.apache.shiro.realm.ldap.JndiLdapRealm for
JNDI/AD-based authentication. This is a new class added in Shiro 1.1.
Les
--
Les Hazlewood
Founder, Katasoft, Inc.
Application Security Products & Professional Apache Shiro Support and Training:
http://www.katasoft.com