0
votes

I am trying to implement the official tutorial from Spring on how to connect to Active Directory,

but I keep getting this type of error all the time:

Uncategorized exception occured during LDAP processing; nested exception is javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C09075A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v1db1]; remaining name 'uid=UserName,OU=users,DC=ad,DC=corpName,DC=com'

My entire web security class looks like this at the moment:

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
                .formLogin();
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .ldapAuthentication()
                .userDnPatterns("uid={0},OU=users,DC=ad,DC=corpName,DC=com")
//                .userSearchFilter("(sAMAccountName={0})")
//                .userSearchBase("DC=ad,DC=corpName,DC=com")
                .groupSearchBase("ou=users")
//                .groupSearchFilter("member={0}")
                .contextSource()
                    .url("ldap://ad.corpName.com")
                    .and()
                .passwordCompare()
                    .passwordEncoder(new LdapShaPasswordEncoder())
                    .passwordAttribute("userPassword");
    }


}

Can you help me understand what I'm doing wrong?

1 Answer

1
votes

LDAP Error: DSID-0C09075A means that your LDAP server requires an authenticated user (binding) to perform a search. To authenticate, your AuthenticationManagerBuilder needs to look like this:

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .ldapAuthentication()
                .userDnPatterns("uid={0},OU=users,DC=ad,DC=corpName,DC=com")
                .groupSearchBase("ou=users")
//                .groupSearchFilter("member={0}")
                .contextSource()
                    .url("ldap://ad.corpName.com")
                    // managerDn/managerPassword are methods of the context source builder
                    .managerDn("<bindDn>")             // placeholder: DN of the account used to bind
                    .managerPassword("<bindPassword>") // placeholder: that account's password
                    .and()
                .passwordCompare()
                    .passwordEncoder(new LdapShaPasswordEncoder())
                    .passwordAttribute("userPassword");
    }

Notice the .managerDn() and .managerPassword().
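
A variant of the configuration discussed above, as an added example that is not part of the original question or answer: the service account binds and searches by sAMAccountName (the filter commented out in the question), and the user is then authenticated by binding as the entry that was found rather than by comparing userPassword. LDAPS on port 636, the environment variable names AD_BIND_DN and AD_BIND_PASSWORD, and OU=users as the search base are assumptions.

```java
import java.util.Objects;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    // Assumed environment variable names; any secret store works as long as
    // the bind credentials stay out of source control.
    private static String requiredEnv(String name) {
        return Objects.requireNonNull(System.getenv(name), name + " is not set");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .anyRequest().fullyAuthenticated()
                .and()
                .formLogin();
    }

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .ldapAuthentication()
                // Step 1: the service account searches for the entry whose
                // sAMAccountName equals the submitted login name.
                .userSearchBase("OU=users,DC=ad,DC=corpName,DC=com")
                .userSearchFilter("(sAMAccountName={0})")
                // Step 2 (default when passwordCompare() is not called): bind as
                // the DN that was found, using the password the user submitted.
                .contextSource()
                    // ldaps:// so neither bind travels in clear text (assumes the
                    // directory serves LDAPS on 636 with a certificate the JVM trusts)
                    .url("ldaps://ad.corpName.com:636")
                    .managerDn(requiredEnv("AD_BIND_DN"))
                    .managerPassword(requiredEnv("AD_BIND_PASSWORD"));
    }
}
```

The service account only needs read access to the user entries under the search base, since it is used for the lookup and never for checking the user's password.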