grouper-dev - [grouper-dev] Encrypted LDAP password doesn't seem to work
Subject: Grouper Developers Forum
List archive
- From: Gagné Sébastien <>
- To: <>
- Cc: <>
- Subject: [grouper-dev] Encrypted LDAP password doesn't seem to work
- Date: Thu, 1 Mar 2012 13:55:39 -0500
Hi Tom, I downloaded the PSP and Grouper this morning to give it a try and it seems there’s still a problem with encrypted AD passwords. When I start the gsh.sh it gives me an exception that it cannot connect to the ldap source. If I put the old password in clear text it works. The LDAP error code seems to indicate invalid credentials. Could it be because previously the password/file path was stored in sources.xml (SECURITY_CREDENTIAL I think) I think my configuration is good, it seems to work for the database, here is what I did for AD : ldap.properties edu.vt.middleware.ldap.bindCredential=/app/grouper/api/conf/grouperDevAD.pass grouperDevAD.pass 9eTwO1soFyEEnZzjqnrFiw== morphString.properties encrypt.key = Gt31oiciu42 java -jar lib/grouper/morphString.jar Enter the location of morphString.properties: conf/morphString.properties Type the string to encrypt (note: pasting might echo it back): The encrypted string is: 9eTwO1soFyEEnZzjqnrFiw== First exception I get (there’s a long list after that) : 2012-03-01 13:27:44,341: [main] ERROR DefaultLdapFactory.create(109) - - unabled to connect to the ldap javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3067) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2815) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2729) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288) at javax.naming.InitialContext.init(InitialContext.java:223) at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134) at edu.vt.middleware.ldap.handler.DefaultConnectionHandler.connectInternal(DefaultConnectionHandler.java:134) at edu.vt.middleware.ldap.handler.AbstractConnectionHandler.connect(AbstractConnectionHandler.java:156) at edu.vt.middleware.ldap.AbstractLdap.connect(AbstractLdap.java:1006) at edu.vt.middleware.ldap.pool.DefaultLdapFactory.create(DefaultLdapFactory.java:106) at edu.vt.middleware.ldap.pool.DefaultLdapFactory.create(DefaultLdapFactory.java:28) at edu.vt.middleware.ldap.pool.AbstractLdapPool.createAvailable(AbstractLdapPool.java:212) at edu.vt.middleware.ldap.pool.AbstractLdapPool.initializePool(AbstractLdapPool.java:155) at edu.vt.middleware.ldap.pool.AbstractLdapPool.initialize(AbstractLdapPool.java:128) at edu.internet2.middleware.subject.provider.LdapSourceAdapter.initializeLdap(LdapSourceAdapter.java:237) at edu.internet2.middleware.subject.provider.LdapSourceAdapter.init(LdapSourceAdapter.java:120) at edu.internet2.middleware.subject.provider.SourceManager.loadSource(SourceManager.java:175) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at org.apache.commons.beanutils.MethodUtils.invokeMethod(MethodUtils.java:216) at org.apache.commons.digester.SetNextRule.end(SetNextRule.java:216) at org.apache.commons.digester.Rule.end(Rule.java:230) at org.apache.commons.digester.Digester.endElement(Digester.java:1130) at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source) at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source) at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source) at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source) at org.apache.commons.digester.Digester.parse(Digester.java:1666) at edu.internet2.middleware.subject.provider.SourceManager.parseConfig(SourceManager.java:210) at edu.internet2.middleware.subject.provider.SourceManager.init(SourceManager.java:147) at edu.internet2.middleware.subject.provider.SourceManager.<init>(SourceManager.java:91) at edu.internet2.middleware.subject.provider.SourceManager.getInstance(SourceManager.java:101) at edu.internet2.middleware.grouper.misc.GrouperStartup.startup(GrouperStartup.java:86) at edu.internet2.middleware.grouper.app.gsh.GrouperShell.main(GrouperShell.java:136) at edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper.main(GrouperShellWrapper.java:16) Sébastien Gagné, | Analyste en informatique 514-343-6111 x33844 | Université de Montréal, | Pavillon Roger-Gaudry, local X-100-11 |
- [grouper-dev] Encrypted LDAP password doesn't seem to work, Gagné Sébastien, 03/01/2012
- Re: [grouper-dev] Encrypted LDAP password doesn't seem to work, Tom Zeller, 03/01/2012
Archive powered by MHonArc 2.6.16.