本文介绍了CAS AD LDAP 32错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

当我尝试使用通过LDAP对AD进行身份验证的CAS登录时,我会看到此消息.

I am seeing this when I try to login with CAS which is authenticating against AD over LDAP.

SEVERE: Servlet.service() for servlet cas threw exception
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001E5, problem 2001 (NO_OBJECT), data 0, best match of:
    ''
]; remaining name '/'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3092)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
    at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829)
    at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
    at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:257)
    at org.springframework.ldap.core.LdapTemplate$3.executeSearch(LdapTemplate.java:231)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:293)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:588)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:546)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:401)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:421)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:441)

到目前为止,我已通过BindLdapAuthenticationHandler进行身份验证,已解决,它生成了查询生成器,然后将其扔了.

Up to that point I was authenticated by the BindLdapAuthenticationHandler, resolved, it generated a query builder and then threw this.

我认为尝试获取属性时失败.为什么是remaining name '/'?

I think it is failing when it is trying to get attributes back. Why is the remaining name '/'?

推荐答案

其余名称是DN的一部分,而该名称在DIT的特定级别上实际上并未找到.例如,当您搜索cn=johns,ou=marketing,dc=example,dc=comou=marketing,dc=example,dc=com存在但cn=johnsou=marketing内部不存在时,则剩余名称将为cn=johns.

Remaining name is a part of a DN that wasn't actually found at a certain level of a DIT. For example when you search cn=johns,ou=marketing,dc=example,dc=com and ou=marketing,dc=example,dc=com exists but cn=johns does not exists inside of ou=marketing then the remaning name would be cn=johns.

'/'看起来不是有效的RDN.我建议您验证您通过的搜索基础.很有可能是无效的DN字符串.

'/' does not look like a valid RDN. I would recommend to verify what you pass as a search base. Most likely it's an invalid DN string.

这篇关于CAS AD LDAP 32错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-22 20:14
查看更多