Posted to users@cocoon.apache.org by Jrvickers <me...@jamesvickers.com> on 2007/11/05 11:18:44 UTC

Cocoon LDAP Referral=Follows

Hi All,

I have inherited a Cocoon-based project that uses LDAP for authentication.

When I run an LDAP query on the domain I log in to, it is fine. When I run an
LDAP query on another domain, with the credentials of another user, it runs
OK, but returns no attributes. If I ask the user to run the same query, when
they are logged in to their own domain, they still receive nothing.

In both instances, I always get the following error:

512 [LDAPTransformer] Error in LDAP-Query:
javax.naming.PartialResultException: [LDAP: error code 9 - Referral:
ldap.........

Because the users of this system could be in any domain, I need them to
authenticate against their own local domain, i.e. in the ldap-execute
method, I am building the LDAP query from values entered by the user. To add
to my troubles, there is no set organisational unit structure, so I cannot
even specify an exact location of the user account in AD.

Here is my code:

  <ldap:execute-query>

    <xsp:logic>
      String domain = null;
      String username = null;

      domain = <xsp-request:get-parameter name="domain"/>;
      domain = (domain == null) ? "" : domain;
      username = <xsp-request:get-parameter name="username"/>;
      username = (username == null) ? "" : username;
    </xsp:logic>

    <ldap:initializer>com.sun.jndi.ldap.LdapCtxFactory</ldap:initializer>
    <ldap:authentication>simple</ldap:authentication>
    <ldap:version>2</ldap:version>
    <ldap:serverurl>ldap://<xsp:expr>domain</xsp:expr>.mydomain.net</ldap:serverurl>
    <ldap:port>389</ldap:port>

    <ldap:searchbase>DC=<xsp:expr>domain</xsp:expr>,DC=mydomain,DC=net</ldap:searchbase>
    <ldap:filter>(&amp;(objectClass=*)(cn=<xsp:expr>username</xsp:expr>))</ldap:filter>
    <ldap:scope>SUBTREE_SCOPE</ldap:scope>

    <ldap:rootdn><xsp:expr>domain</xsp:expr>\<xsp:expr>username</xsp:expr></ldap:rootdn>
    <ldap:password><xsp-request:get-parameter name="password"/></ldap:password>

    <ldap:debug>true</ldap:debug>
    <ldap:deref-link>true</ldap:deref-link>
    <ldap:count-limit>0</ldap:count-limit>
    <ldap:time-limit>0</ldap:time-limit>

    <ldap:show-attribute>true</ldap:show-attribute>
    <ldap:doc-element>ldapsearch</ldap:doc-element>
    <ldap:row-element>searchresult</ldap:row-element>
    <ldap:error-element>ERROR</ldap:error-element>

    <ldap:attribute>*</ldap:attribute>

  </ldap:execute-query>

I have looked into this error, and it is suggested that this is thrown, as
no result was returned from the first query. It is suggested that you should
specify Referral as "Follow" - but I do not know how!?

Has anybody else been successful with this?

Thanks,

James.
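
The referral setting asked about above, shown in plain JNDI as an added example (not code from the original post, and not Cocoon's LDAP logicsheet): Context.REFERRAL set to "follow" in the environment handed to com.sun.jndi.ldap.LdapCtxFactory. Because domain, username and password are request parameters, it also allow-lists the domain label, escapes the username for the filter and rejects an empty password; the class and method names are hypothetical.

```java
import java.util.Hashtable;
import javax.naming.*;
import javax.naming.directory.*;

// Added example; class and method names are hypothetical, host and base follow the post.
public class ReferralSearch {
    // The domain label ends up in the server URL and the search base: allow-list it.
    static String checkDomain(String d) {
        if (d == null || !d.matches("[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"))
            throw new IllegalArgumentException("invalid domain label");
        return d;
    }

    // RFC 4515: escape \ * ( ) and NUL in a value placed inside a search filter.
    static String escapeFilter(String v) {
        StringBuilder sb = new StringBuilder();
        for (char c : v.toCharArray())
            sb.append("\\*()\0".indexOf(c) >= 0 ? String.format("\\%02x", (int) c) : String.valueOf(c));
        return sb.toString();
    }

    static Hashtable<String, String> env(String domain, String user, String password) {
        // A simple bind with an empty password is an unauthenticated bind a server may accept.
        if (password == null || password.isEmpty()) throw new IllegalArgumentException("empty password");
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://" + checkDomain(domain) + ".mydomain.net:389");
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, domain + "\\" + user);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put(Context.REFERRAL, "follow"); // unset means "ignore", which surfaces as PartialResultException
        return env;
    }

    static void search(String domain, String user, String password) throws NamingException {
        DirContext ctx = new InitialDirContext(env(domain, user, password));
        try {
            SearchControls sc = new SearchControls();
            sc.setSearchScope(SearchControls.SUBTREE_SCOPE);
            String base = "DC=" + checkDomain(domain) + ",DC=mydomain,DC=net";
            String filter = "(&(objectClass=*)(cn=" + escapeFilter(user) + "))";
            NamingEnumeration<SearchResult> res = ctx.search(base, filter, sc);
            while (res.hasMore()) System.out.println(res.next().getAttributes());
        } finally { ctx.close(); }
    }
    public static void main(String[] args) { // constructed input; no server is contacted
        System.out.println(escapeFilter("Vickers (James)*"));
    }
}
```

With "follow", JNDI binds to each referred server using the same environment, so over plain ldap:// on port 389 the simple-bind password also travels in clear text to those hosts.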