[Users] LDAP SimpleAuthentication issue.

Sharad Mishra snmishra at linux.vnet.ibm.com
Fri Feb 24 19:19:09 UTC 2012 

Hi,
	I am new to ovirt and LDAP. Looking at adding support for Tivoli
Directory Server. Here is a small java/jndi program (not using Spring
LDAP) that takes IBM  intranet Id and searches the directory to return
IBM serial number. 

*********
                Hashtable env = new Hashtable();
                env.put("java.naming.factory.initial",
                                "com.sun.jndi.ldap.LdapCtxFactory");
                env.put("java.naming.factory.url.pkgs", "com.ibm.jndi");
                env.put("java.naming.provider.url",
"ldap://<ldap-server>:389");

                String dn = null;
                try{
                        InitialDirContext dirContext = new
InitialDirContext(env);

                        SearchControls constraints = new
SearchControls();
                        String[] attr = new String[] {"uid"};

constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
                        constraints.setReturningAttributes(attr);

                        NamingEnumeration ne =
dirContext.search("ou=<ldpap-server-name>,o=ibm.com",
                                "(mail=" + intranetID + ")",
constraints);

**************

	But when I try to use
org.ovirt.engine.core.utils.ipa.SimpleAuthenticationCheck.java, I get a
"javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid
Credentials]"

I am issuing - ldapTemplate.search("", "", contextMapper);

Where contextMapper is RHDSUserContextMapper and
screenshots of ldapTemplate are attached.

There may be issues with the way I have setup filter and baseDN; but
that should not give AuthEx. At this time I am looking for ways to get
rid of authentication exception. Also, when using simple authentication,
why do I need to give password? I can run "ldapsearch -LLL
"(mail=<intranetID>)" -h <ldap-server>:389 -x" without password to give
me expected results.

Thanks
Sharad Mishra
IBM




-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot1.jpg
Type: image/jpeg
Size: 58228 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20120224/9971d56e/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screenshot2.jpg
Type: image/jpeg
Size: 51786 bytes
Desc: not available
URL: <http://lists.ovirt.org/pipermail/users/attachments/20120224/9971d56e/attachment-0003.jpg>

More information about the Users mailing list