grouper-dev - [grouper-dev] Encrypted LDAP password doesn't seem to work

Subject: Grouper Developers Forum

  • From: Gagné Sébastien <>
  • To: <>
  • Cc: <>
  • Subject: [grouper-dev] Encrypted LDAP password doesn't seem to work
  • Date: Thu, 1 Mar 2012 13:55:39 -0500

Hi Tom,

I downloaded the PSP and Grouper this morning to give it a try and it seems there’s still a problem with encrypted AD passwords. When I start the gsh.sh it gives me an exception that it cannot connect to the ldap source. If I put the old password in clear text it works. The LDAP error code seems to indicate invalid credentials.

 

Could it be because previously the password/file path was stored in sources.xml (SECURITY_CREDENTIAL I think)?

 

I think my configuration is good, it seems to work for the database, here is what I did for AD :

 

ldap.properties
edu.vt.middleware.ldap.bindCredential=/app/grouper/api/conf/grouperDevAD.pass

grouperDevAD.pass
9eTwO1soFyEEnZzjqnrFiw==

morphString.properties
encrypt.key = Gt31oiciu42

java -jar lib/grouper/morphString.jar
Enter the location of morphString.properties: conf/morphString.properties
Type the string to encrypt (note: pasting might echo it back):
The encrypted string is: 9eTwO1soFyEEnZzjqnrFiw==

 

First exception I get (there’s a long list after that) :

 

2012-03-01 13:27:44,341: [main] ERROR DefaultLdapFactory.create(109) -  - unabled to connect to the ldap
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3067)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2815)
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2729)
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
        at javax.naming.InitialContext.init(InitialContext.java:223)
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
        at edu.vt.middleware.ldap.handler.DefaultConnectionHandler.connectInternal(DefaultConnectionHandler.java:134)
        at edu.vt.middleware.ldap.handler.AbstractConnectionHandler.connect(AbstractConnectionHandler.java:156)
        at edu.vt.middleware.ldap.AbstractLdap.connect(AbstractLdap.java:1006)
        at edu.vt.middleware.ldap.pool.DefaultLdapFactory.create(DefaultLdapFactory.java:106)
        at edu.vt.middleware.ldap.pool.DefaultLdapFactory.create(DefaultLdapFactory.java:28)
        at edu.vt.middleware.ldap.pool.AbstractLdapPool.createAvailable(AbstractLdapPool.java:212)
        at edu.vt.middleware.ldap.pool.AbstractLdapPool.initializePool(AbstractLdapPool.java:155)
        at edu.vt.middleware.ldap.pool.AbstractLdapPool.initialize(AbstractLdapPool.java:128)
        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.initializeLdap(LdapSourceAdapter.java:237)
        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.init(LdapSourceAdapter.java:120)
        at edu.internet2.middleware.subject.provider.SourceManager.loadSource(SourceManager.java:175)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.commons.beanutils.MethodUtils.invokeMethod(MethodUtils.java:216)
        at org.apache.commons.digester.SetNextRule.end(SetNextRule.java:216)
        at org.apache.commons.digester.Rule.end(Rule.java:230)
        at org.apache.commons.digester.Digester.endElement(Digester.java:1130)
        at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
        at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanEndElement(Unknown Source)
        at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
        at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
        at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
        at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
        at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
        at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
        at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
        at org.apache.commons.digester.Digester.parse(Digester.java:1666)
        at edu.internet2.middleware.subject.provider.SourceManager.parseConfig(SourceManager.java:210)
        at edu.internet2.middleware.subject.provider.SourceManager.init(SourceManager.java:147)
        at edu.internet2.middleware.subject.provider.SourceManager.<init>(SourceManager.java:91)
        at edu.internet2.middleware.subject.provider.SourceManager.getInstance(SourceManager.java:101)
        at edu.internet2.middleware.grouper.misc.GrouperStartup.startup(GrouperStartup.java:86)
        at edu.internet2.middleware.grouper.app.gsh.GrouperShell.main(GrouperShell.java:136)
        at edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper.main(GrouperShellWrapper.java:16)

 

 

Sébastien Gagné,     | IT Analyst

514-343-6111 x33844  | Université de Montréal,

                     | Pavillon Roger-Gaudry, room X-100-11
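
Added example, not part of the original message and not Grouper or vt-ldap code: the `data 52e` field in the exception above is the hexadecimal Win32 logon error that Active Directory embeds in an LDAP result code 49 response. The sketch below decodes that field so a rejected credential can be told apart from other bind failures; the function names and the second sample line are constructed for illustration.

```python
import re

# Active Directory reports the Win32 logon error (hex) in the "data" field of
# an LDAP result-code-49 message. Values are the documented Win32 error codes.
AD_SUBCODES = {
    "525": "user not found",
    "52e": "invalid credentials (ERROR_LOGON_FAILURE)",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

BIND_FAILURE = re.compile(
    r"LDAP: error code (?P<ldap>\d+) - [0-9A-Fa-f]{8}: "
    r".*?AcceptSecurityContext error, data (?P<data>[0-9A-Fa-f]+)"
)

def parse_bind_failure(line):
    """Return the decoded fields of an AD bind failure, or None if no match."""
    m = BIND_FAILURE.search(line)
    if m is None:
        return None
    data = m.group("data").lower()
    return {
        "ldap_code": int(m.group("ldap")),
        "win32_error": int(data, 16),
        "data": data,
        "meaning": AD_SUBCODES.get(data, "unknown sub-code"),
    }

def triage(lines):
    """Count bind failures per AD sub-code across a set of log lines."""
    counts = {}
    for line in lines:
        info = parse_bind_failure(line)
        if info:
            counts[info["data"]] = counts.get(info["data"], 0) + 1
    return counts

# Line 1: the exception quoted in the message. Line 2: constructed sample.
SAMPLE = [
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]",
    "javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1]",
    "2012-03-01 13:27:44,341: [main] ERROR DefaultLdapFactory.create(109) -  - unabled to connect to the ldap",
]
```
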

 



