1
votes

I am developing an API using Spring Boot which will authenticate a user and password against our company's AD. I tried the sample example of embedding the LDAP test server and it works perfectly fine. However, whenever I am trying to connect to our LDAP server I see the below error message.

This is what I am doing.

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth
        .ldapAuthentication()
        .userDnPatterns("uid={0},ou=people")
        .groupSearchBase("ou=groups")
        .contextSource()
            // Only the server URL is set on the context source
            .url("ldap://<company AD server>/dc=springframework,dc=org")
            .and()
        .passwordCompare()
            .passwordEncoder(new LdapShaPasswordEncoder())
            .passwordAttribute("userPassword");
}

Error message:-

An internal error occurred while trying to authenticate the user. org.springframework.security.authentication.InternalAuthenticationServiceException: Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1]

I am not sure where I am going wrong. I tried googling around but no luck. I am using Eclipse with Spring Security.


1 Answer

0
votes

You need to configure a user that is allowed to read the LDAP server.

In your AuthenticationConfiguration you are just defining the URL of the LDAP server but no user which would be allowed to execute a search and read from there.

auth
    .ldapAuthentication()
    .contextSource()
        .url("ldaps://<ap-ldap-server>")
        .port(639)
        // Account Spring binds with before it runs the user search
        .managerDn("cn=binduser,ou=users,dc=ap,dc=domain,dc=com")
        .managerPassword("some pass");

Read this answer, "What login name to use for Spring LDAP authentication", for how to define the manager connection.
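A complete configuration along the lines of this answer, as an added example that is not code from the question, the answer or the Spring project: the URL and bind account come from assumed property names (`ldap.url`, `ldap.manager-dn`, `ldap.manager-password`), the search base and filter are assumptions to adapt to the directory, and the user is authenticated by binding as the DN the search finds rather than by comparing a password attribute.

```java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
@EnableWebSecurity
public class LdapSecurityConfig extends WebSecurityConfigurerAdapter {

    // Bind account details are externalised (assumed property names) so the
    // manager password never sits in source control.
    @Value("${ldap.url}")              // e.g. ldaps://ad.example.internal
    private String ldapUrl;
    @Value("${ldap.manager-dn}")       // e.g. cn=binduser,ou=users,dc=ap,dc=domain,dc=com
    private String managerDn;
    @Value("${ldap.manager-password}")
    private String managerPassword;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
            .ldapAuthentication()
            // The search for the user's entry runs on a connection bound as the
            // manager account; the filter must use the directory's login attribute
            // (assumed here to be sAMAccountName, typical for AD).
            .userSearchBase("ou=users")
            .userSearchFilter("(sAMAccountName={0})")
            .groupSearchBase("ou=groups")
            .groupSearchFilter("(member={0})")
            .contextSource()
                .url(ldapUrl)
                .managerDn(managerDn)
                .managerPassword(managerPassword);
        // No passwordCompare() here: with the default BindAuthenticator the
        // user's own credentials are checked by binding as the found DN, so the
        // directory does not have to expose a readable password attribute.
    }
}
```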