I'm using the spring-security-ldap:2.0-RC2 plugin with Grails 2.3.2. I'm trying to connect to an Active Directory server. I've configured the plugin as follows in config.groovy:
grails.plugins.springsecurity.ldap.context.server = 'ldap://[ip]:389'
grails.plugins.springsecurity.ldap.context.managerDn = '[DN]'
grails.plugins.springsecurity.ldap.context.managerPassword = '[password]'
grails.plugins.springsecurity.ldap.authorities.ignorePartialResultException = true
grails.plugins.springsecurity.ldap.authorities.retrieveDatabaseRoles = true
grails.plugins.springsecurity.ldap.search.filter = '(sAMAccountName={0})'
grails.plugins.springsecurity.ldap.search.base = [searchbase]
grails.plugins.springsecurity.ldap.search.searchSubtree = true
grails.plugins.springsecurity.ldap.auth.hideUserNotFoundExceptions = false
grails.plugins.springsecurity.ldap.search.attributesToReturn = ['name', 'mail']
I get a connection error. However, the connection is listed as localhost:389, not the AD server I've specified.
Caused by CommunicationException: localhost:389; nested exception is
javax.naming.CommunicationException: localhost:389 [Root exception is java.net.ConnectException:
Connection refused: connect]
->> 76 | attemptAuthentication in
grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 49 | doFilter in ''
| 82 | doFilter . . . . . . in
grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
| 1145 | runWorker in java.util.concurrent.ThreadPoolExecutor
| 615 | run . . . . . . . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^ 745 | run in java.lang.Thread
Note: I've tried connecting (in a separate Groovy project) with Groovy-Ldap.jar. I make a connection with:
ldap = LDAP.newInstance('ldap://[ip]:389', '[DN]', '[password]')
and this works fine. I can connect to the AD. Any idea what can be wrong and why localhost:389 is tried and not the AD I specified?
Note: in my Grails project I am using a ProxySettings.groovy file with several entries in http.nonProxyHosts (all servers that need to be accessed in the internal network). I've tried including the AD server in the nonProxyHosts but this makes no difference.
Regards,
Jan-Willem Klomp
You should be getting a warning in the output telling you that you're using grails.plugins.springsecurity as the property prefix but that it's been changed in 2.0 to grails.plugin.springsecurity. Your custom properties are being ignored and only the defaults are being used.
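A check for the situation the answer describes, added here as an example and not taken from the plugin or from either post: it scans Config.groovy text for keys still under the old prefix and rewrites them to the new one. The function names and the sample lines (built from the question's settings) are constructed for illustration, and only flat dotted assignments are handled.

```python
import re

# Prefix from the question's config, and the prefix the answer says 2.0 expects.
LEGACY_PREFIX = "grails.plugins.springsecurity"
CURRENT_PREFIX = "grails.plugin.springsecurity"

# Match the legacy prefix only at the start of a key and only as whole path
# segments, so the already-correct "grails.plugin.springsecurity" never matches.
_KEY = re.compile(r"^(\s*)" + re.escape(LEGACY_PREFIX) + r"(?=[.\s=])")


def _is_comment(line):
    return line.lstrip().startswith("//")


def find_legacy_keys(config_text):
    """Return (line_number, key) for each setting still under the legacy prefix."""
    hits = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        if not _is_comment(line) and _KEY.match(line):
            hits.append((number, line.split("=", 1)[0].strip()))
    return hits


def migrate(config_text):
    """Rewrite legacy-prefixed keys to the current prefix; comments are left alone."""
    out = []
    for line in config_text.splitlines():
        if not _is_comment(line):
            line = _KEY.sub(lambda m: m.group(1) + CURRENT_PREFIX, line, count=1)
        out.append(line)
    return "\n".join(out)


# Constructed sample: two settings from the question, one commented-out line,
# and one line that already uses the current prefix.
SAMPLE = "\n".join([
    "// grails.plugins.springsecurity.ldap.context.server = 'ldap://old:389'",
    "grails.plugins.springsecurity.ldap.context.server = 'ldap://[ip]:389'",
    "grails.plugins.springsecurity.ldap.search.filter = '(sAMAccountName={0})'",
    "grails.plugin.springsecurity.ldap.search.searchSubtree = true",
])

if __name__ == "__main__":
    for number, key in find_legacy_keys(SAMPLE):
        print("line %d: ignored by the 2.0 plugin: %s" % (number, key))
    print(migrate(SAMPLE))
```

Running a check like this in a build step catches the silent fallback to defaults (here, localhost:389) before an authentication setting such as the search filter or manager DN is dropped unnoticed.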