jasig cas服务器

noj0wjuj  于 2021-06-30  发布在  Java
关注(0)|答案(0)|浏览(203)

我配置了jasig CAS 具有多个 ldap 服务器和数据库身份验证。
我的认证顺序是 ldap1-->ldap2-->DataBase . 意外地 ldap1 服务器因某种原因关闭。因此,没有一个用户能够登录到应用程序。
请告知如何处理这种情况。cas服务器版本3.6.0
这是deployerconfigcontext.xml的配置

<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
                p:filter="sAMAccountName=%u"
                p:searchBase="*.*"
                p:contextSource-ref="contextSource"
                p:ignorePartialResultException="true" >
                <property name="ldapErrorDefinitions">
                    <list>
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 530"
                            p:type="badHours" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 533"
                            p:type="accountDisabled" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 773"
                            p:type="mustChangePassword" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 775"
                            p:type="accountLocked" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 531"
                            p:type="badWorkstation" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data (701|532)"
                            p:type="passwordExpired" />
                    </list>
                </property>
            </bean>

            <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"
                p:filter="sAMAccountName=%u"
                p:searchBase="*.*"
                p:contextSource-ref="contextSource1"
                p:ignorePartialResultException="true" >
                <property name="ldapErrorDefinitions">
                    <list>
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 530"
                            p:type="badHours" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 533"
                            p:type="accountDisabled" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 773"
                            p:type="mustChangePassword" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 775"
                            p:type="accountLocked" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data 531"
                            p:type="badWorkstation" />
                        <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition"
                            p:ldapPattern="data (701|532)"
                            p:type="passwordExpired" />
                    </list>
                </property>
            </bean>
            <!-- This AuthenticationHandlers for Database  -->

            <bean class="com.ls.authentication.DBAuthenticationHandler">
                <property name="dataSource" ref="dataSource" />
                <property name="sql" value="${dbCredentialSql}" />
            </bean>
    <bean id="contextSource1" class="org.springframework.ldap.core.support.LdapContextSource">
    <!-- DO NOT enable JNDI pooling for context sources that perform LDAP bind operations. -->
    <property name="pooled" value="false"/>

    <property name="url" value="ldap://x.x.x.x" />      <!-- AD ip address or url -->
    <property name="userDn" value="*.*"/>       <!-- username exist in AD  -->
    <property name="password" value="*.*"/>         <!-- password of user in AD -->

    <!-- Place JNDI environment properties here. -->
    <property name="baseEnvironmentProperties">
        <map>
            <!-- Three seconds is an eternity to users. -->
            <entry key="com.sun.jndi.ldap.connect.timeout" value="30000" />
            <entry key="com.sun.jndi.ldap.read.timeout" value="30000" />

            <!-- Explained at http://docs.oracle.com/javase/jndi/tutorial/ldap/security/auth.html -->
            <entry key="java.naming.security.authentication" value="simple" />
        </map>
    </property>
</bean>

<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
    <!-- DO NOT enable JNDI pooling for context sources that perform LDAP bind operations. -->
    <property name="pooled" value="false"/>
    <property name="url" value="ldap://x.x.x." />       <!-- AD ip address or url -->
    <property name="userDn" value="*******"/>       <!-- username exist in AD  -->
    <property name="password" value="******"/>          <!-- password of user in AD -->
    <property name="baseEnvironmentProperties">
        <map>
            <!-- Three seconds is an eternity to users. -->
            <entry key="com.sun.jndi.ldap.connect.timeout" value="30000" />
            <entry key="com.sun.jndi.ldap.read.timeout" value="30000" />

            <!-- Explained at http://docs.oracle.com/javase/jndi/tutorial/ldap/security/auth.html -->
            <entry key="java.naming.security.authentication" value="simple" />
        </map>
    </property>
</bean>

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题