Problem with LDAP, seemingly issue with commas

Jason_Legate · March 20, 2007, 10:49pm

I’‘m having a problem with authenticating against LDAP, the CN for all our users has a comma, and I’'m getting an exception in my debug.log. Snips are shown below. The first section of debug.log is me logging into the web interface. The second section is trying to log into the jabber interface.

~~-debug.log~~-

2007.03.20 14:51:40 Trying to find a user’'s DN based on their username. sAMAccountName: jlegate, Base DN: dc=visalia,dc=******,dc=tv…

2007.03.20 14:51:40 Creating a DirContext in LdapManager.getContext()…

2007.03.20 14:51:40 Created hashtable with context values, attempting to create context…

2007.03.20 14:51:40 … context created successfully, returning.

2007.03.20 14:51:40 Starting LDAP search…

2007.03.20 14:51:40 … search finished

2007.03.20 14:51:40 In LdapManager.checkAuthentication(userDN, password), userDN is: CN=“Legate, Jason”,OU=“San Francisco”…

2007.03.20 14:51:40 Created context values, attempting to create context…

2007.03.20 14:51:40 … context created successfully, returning.

2007.03.20 14:51:40 Ignoring extra content {}

2007.03.20 14:52:30 Trying to find a user’'s DN based on their username. sAMAccountName: jlegate, Base DN: dc=visalia,dc=******,dc=tv…

2007.03.20 14:52:30 Creating a DirContext in LdapManager.getContext()…

2007.03.20 14:52:30 Created hashtable with context values, attempting to create context…

2007.03.20 14:52:30 … context created successfully, returning.

2007.03.20 14:52:30 Starting LDAP search…

2007.03.20 14:52:30 … search finished

2007.03.20 14:52:30 In LdapManager.checkAuthentication(userDN, password), userDN is: CN=“Legate, Jason”,OU=“San Francisco”…

2007.03.20 14:52:30 Created context values, attempting to create context…

2007.03.20 14:52:31 Created context values, attempting to create context…

2007.03.20 14:52:31 Caught a naming exception when creating InitialContext

javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)

at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)

at com.sun.jndi.ldap.LdapCtx.(InitialDirContext.java:82)

at org.jivesoftware.wildfire.ldap.LdapManager.checkAuthentication(LdapManager.java :456)

at org.jivesoftware.wildfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:98)

at org.jivesoftware.wildfire.auth.AuthFactory.authenticate(AuthFactory.java:149)

at org.jivesoftware.wildfire.net.SASLAuthentication.doPlainAuthentication(SASLAuth entication.java:437)

at org.jivesoftware.wildfire.net.SASLAuthentication.handle(SASLAuthentication.java :195)

at org.jivesoftware.wildfire.net.StanzaHandler.process(StanzaHandler.java:141)

at org.jivesoftware.wildfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:131)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:703)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:62)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:192)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:362)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:54)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:800)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :250)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:305)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java: 650)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)

at java.lang.Thread.run(Thread.java:595)

~~-wildfire.xml~~-

…

Anyone have any ideas how to fix this? Or at least seen it before and could maybe provide another point of view?

Thanks,

Jason

Bill1 · March 21, 2007, 6:51pm

Replace the commas with semi-colons

<baseDN>dc=visalia;dc=******;dc=tv</baseDN>

And why do you have an alernate DN setup that points to the same DN? I would remove it, but I cant tell if it is exact because of the masking.

Jason_Legate · March 21, 2007, 7:18pm

I tried semicolons, didn’'t work. BUT… I found out that Pandion version 2.5 is sending the wrong password, and that seems to be the issue. I switched clients to Exodus, and it works fine.

Thanks for the response,

Jason