cofactor


LDAP authentication failure

I'm following this LDAP authentication code

LDAP Authentication code

replaced parameters with my own parameters to authenticate with OpenLDAP 2.4.31


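import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapConnect
{
	public static void main(String[] args)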
	{
		String username = "jsmith";
		String password = "password@123"; 
		String base = "ou=people,dc=nodomain";
		String dn = "uid=" + username + "," + base;
		String ldapURL = "ldap://xx.xx.xx.xx:389";

		// Setup environment for authenticating
		
		Hashtable<String, String> environment = 
			new Hashtable<String, String>();
		environment.put(Context.INITIAL_CONTEXT_FACTORY,
				"com.sun.jndi.ldap.LdapCtxFactory");
		environment.put(Context.PROVIDER_URL, ldapURL);
		environment.put(Context.SECURITY_AUTHENTICATION, "simple");
		environment.put(Context.SECURITY_PRINCIPAL, dn);
		environment.put(Context.SECURITY_CREDENTIALS, password);

		try
		{
			DirContext authContext = 
				new InitialDirContext(environment);
			System.out.println("authentication success!");
			
			// user is authenticated
			
		}
		catch (AuthenticationException ex)
		{
			System.out.println("authentication failed!");   // I'm getting this print
			// Authentication failed

		}
		catch (NamingException ex)
		{
			ex.printStackTrace();
		}
	}
}



I am getting an authentication failure message. What am I doing wrong? I'm unable to find the root cause.
Do I need to send the password encrypted?
cofactor

ASKER

comments please
Gaurav Singh
What is the error you are getting ? Can you please share the logs?
You might get more useful information with ex.printStackTrace();
Directory structure:
User generated image
OpenLDAP admin DN: cn=admin,dc=nodomain
Admin password: root@123

When I added this user via an LDIF file, the content was like this (note the userPassword):

dn: cn=S K Das,ou=people,dc=nodomain
objectclass: inetOrgPerson
cn: S K Das
sn: skda
uid: skdas
userPassword: daSsk
carlicense: ABCD 123
homephone: 123-111-2456
mail: skdas1@nodomain.com
mail: skdas2@nodomain.com
mail: skdas3@nodomain.com
description: swell guy
ou: Human Resources



Here is my LDAP search code in Java:

import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;

public class LdapConnect
{
	public static void main(String[] args)
	{
		String username = "skdas";
		String password = "daSsk";
		String base = "cn=S K Das,ou=people,dc=nodomain";

		String dn = "uid=" + username + "," + base;
		String ldapURL = "ldap://xx.xx.xx.xxx:389";

		// Setup environment for authenticating

		Hashtable<String, String> environment =
			new Hashtable<String, String>();
		environment.put(Context.INITIAL_CONTEXT_FACTORY,
				"com.sun.jndi.ldap.LdapCtxFactory");
		environment.put(Context.PROVIDER_URL, ldapURL);
		environment.put(Context.SECURITY_AUTHENTICATION, "simple");
		environment.put(Context.SECURITY_PRINCIPAL, dn);
		environment.put(Context.SECURITY_CREDENTIALS, password);

		try
		{
			DirContext authContext =
				new InitialDirContext(environment);
			System.out.println("authentication success!");

			// user is authenticated

		}
		catch (AuthenticationException ex)
		{
			ex.printStackTrace();
			System.out.println("authentication failed!");
			// Authentication failed

		}
		catch (NamingException ex)
		{
			ex.printStackTrace();
		}
	}
}




Error:
StackTrace :
	
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
	at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
	at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
	at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
	at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
	at javax.naming.InitialContext.init(Unknown Source)
	at javax.naming.InitialContext.<init>(Unknown Source)
	at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
	at com.techm.bm.LdapConnect.main(LdapConnect.java:96)
authentication failed!





What am I doing wrong?
ASKER CERTIFIED SOLUTION
CEHJ
try

environment.put(Context.SECURITY_PRINCIPAL, base);



Okay... verified now.

It prints authentication success!

But there is no username in base, right?

Don't we authenticate the username with its password?

What do I do now?
The username is cn, is it not? I mean - you tell me - I told you I didn't do LDAP ;)
The username is cn, is it not?

As per my understanding, the username is uid, which is skdas in this example.

Correct me if I'm wrong.