LDAP: error code 49 – 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 – using Spring tools

huangapple go评论120阅读模式
英文:

LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580 - using Spring tools

问题

你好,我正在使用以下代码来在托管在Tomcat上的Spring工具中对应用程序进行身份验证。

这是我正在运行的代码:

    package com.pp.portal;
    
    import java.io.File;
    import java.io.InputStream;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.builders.HttpSecurity;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.util.FileCopyUtils;
    
    @Configuration
    public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    	
    	@Override
    	protected void configure(HttpSecurity http) throws Exception {
    	    http
    	      .authorizeRequests()
    	        .anyRequest().fullyAuthenticated()
    	        .and()
    	      .formLogin();
    	}
    
    	@Override
    	public void configure(AuthenticationManagerBuilder auth) throws Exception {
    		File jks = File.createTempFile("cacerts", "jks");
    	    jks.deleteOnExit();
    	        
    	    try (InputStream fromJks = WebSecurityConfig.class.getResource("/cacerts.jks").openStream()) {
    	        FileCopyUtils.copy(FileCopyUtils.copyToByteArray(fromJks), jks);
    	    }
    	 
    	    System.setProperty("javax.net.ssl.trustStore", jks.getPath());
    	    System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
    	      
    		auth
    	        .ldapAuthentication()
    	        .userSearchFilter("(&(sAMAccountName={0})(memberOf=CN=SG_LoginHistoryApp_Operators,OU=Security*Groups*-*NEW,OU=Secured*Groups,OU=Administration,DC=Domain,DC=uk,DC=dc))")
    	        .contextSource()
    	        .url("ldaps://ldapserver.domain.uk.dc:636")
    	        .managerDn("CN=ldap,OU=Accounts,OU=Users,OU=Adapt,DC=Domain,DC=uk,DC=dc")
    	        .managerPassword("mangerPassword"); 
    	}
    }

这是我收到的错误:

    [LDAP: 错误代码 49 - 80090308: LdapErr: DSID-0C090446,注释:AcceptSecurityContext 错误,数据 52e,v2580];嵌套异常为 javax.naming.AuthenticationException: [LDAP: 错误代码 49 - 80090308: LdapErr: DSID-0C090446,注释:AcceptSecurityContext 错误,数据 52e,v2580]

我正在寻求解决此问题的建议,所使用的凭据对于登录的用户和帐户都是正确的。
英文:

Hello I am using the following code to authenticate an application in spring tools which is hosted on a Tomcat.

This is the code I am running:

package com.pp.portal;

import java.io.File;
import java.io.InputStream;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.util.FileCopyUtils;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
	
	@Override
	  protected void configure(HttpSecurity http) throws Exception {
	    http
	      .authorizeRequests()
	        .anyRequest().fullyAuthenticated()
	        .and()
	      .formLogin();
	  }

	  @Override
	  public void configure(AuthenticationManagerBuilder auth) throws Exception {
		  File jks = File.createTempFile("cacerts", "jks");
	        jks.deleteOnExit();
	        
	        try (InputStream fromJks = WebSecurityConfig.class.getResource("/cacerts.jks").openStream()) {
	            FileCopyUtils.copy(FileCopyUtils.copyToByteArray(fromJks), jks);
	        }
	 
	        System.setProperty("javax.net.ssl.trustStore", jks.getPath());
	        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
	      
			auth
	        .ldapAuthentication()
	            .userSearchFilter("&(sAMAccountName={0})(memberOf=CN=SG_LoginHistoryApp_Operators,OU=Security*Groups*-*NEW,OU=Secured*Groups,OU=Administration,DC=Domain,DC=uk,DC=dc)")
	            .contextSource()
	                .url("ldaps://ldapserver.domain.uk.dc:636")
	                .managerDn("CN=ldap,OU=Accounts,OU=Users,OU=Adapt,DC=Domain,DC=uk,DC=dc")
	                .managerPassword("mangerPassword"); 

	  }
	 

}

This is the error I am getting back:

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090446, comment: AcceptSecurityContext error, data 52e, v2580]

I am looking for suggestions on how to remedy this, credentials used are correct for both, user I am using to log in and account being used.

答案1

得分: 1

我有同样的问题和错误代码。
在我的情况下,用户的密码不再有效。有一个选项,密码在 x 天后会失效。你有检查过吗?

英文:

I had the same problem and error code.

In my case the password for the user was no more valid. There is an option that the passwords invalidate after x days. Did you check that?

huangapple
  • 本文由 发表于 2020年10月8日 23:23:51
  • 转载请务必保留本文链接:https://go.coder-hub.com/64265735.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定