3

我在尝试提交登录表单时收到以下信息。有谁知道这是什么原因?谢谢。

2012-10-13 13:11:46.300:INFO:oejpjs.LdapLoginModule:Searching for users with filter: '(&(objectClass={0})({1}={2}))' from base dn: ou=people,dc=my-domain,dc=com
2012-10-13 13:11:46.307:INFO:oejpjs.LdapLoginModule:Found user?: true
2012-10-13 13:11:46.311:WARN:oejpj.JAASLoginService:
javax.security.auth.login.LoginException: Login Failure: all modules ignored
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:921)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at org.eclipse.jetty.plus.jaas.JAASLoginService.login(JAASLoginService.java:238)
at org.eclipse.jetty.security.authentication.FormAuthenticator.validateRequest(FormAuthenticator.java:209)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:491)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1072)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:382)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1006)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:255)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:154)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
at org.eclipse.jetty.server.Server.handle(Server.java:365)
at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:485)
at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpConnection.java:937)
at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.content(AbstractHttpConnection.java:998)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:856)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:627)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:51)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
at java.lang.Thread.run(Thread.java:680)

FWIW 这是一些外围配置:

码头.xml:

<?xml version="1.0"?>
<Configure>
    <Call name="addBean">
        <Arg>
            <New class="org.eclipse.jetty.plus.jaas.JAASLoginService">
                <Set name="name">ldap</Set>
                <Set name="loginModuleName">ldaploginmodule</Set>
            </New>
        </Arg>
    </Call>
</Configure>

ldap.conf:

ldaploginmodule {
    org.eclipse.jetty.plus.jaas.spi.LdapLoginModule required
    debug="true"
    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
    hostname="localhost"
    port="389"
    bindDn="cn=Manager,dc=my-domain,dc=com"
    bindPassword="secret"
    authenticationMethod="simple"
    forceBindingLogin="false"
    userBaseDn="ou=people,dc=my-domain,dc=com"
    userRdnAttribute="uid"
    userIdAttribute="uid"
    userPasswordAttribute="userPassword"
    userObjectClass="inetOrgPerson"
    roleBaseDn="ou=groups,dc=my-domain,dc=com"
    roleNameAttribute="cn"
    roleMemberAttribute="uniqueMember"
    roleObjectClass="groupOfUniqueNames";
};
4

3 回答 3

3

我遇到了完全相同的问题。我在这里找到的解决方法是forceBindingLogin将."true"ldap.conf

我希望我对此有一个明确的解释:-(

于 2015-01-04T07:22:07.613 回答
0

您是否完全按照此处的说明进行操作?

http://wiki.eclipse.org/Jetty/Feature/JAAS

一个快速的区别是:

<Set name="[L]oginModuleName">ldaploginmodule</Set>

另外,您是否使用了指向文件实际位置的正确 cli 选项?

-Djava.security.auth.login.config=ldap.conf

于 2012-10-16T16:40:13.397 回答
0

创建系统用户并为 /content 文件夹分配所有权限后,它工作正常。

于 2021-07-19T04:55:50.027 回答