我配置了 Jasig CAS,使用多个 LDAP 服务器和数据库进行身份验证。
我的认证顺序是 ldap1 --> ldap2 --> DataBase。ldap1 服务器因某种原因意外关闭,因此没有任何用户能够登录应用程序。
请告知如何处理这种情况。CAS 服务器版本为 3.6.0。
以下是 deployerConfigContext.xml 的配置:
<!--
  LDAP bind authentication handler wired to the context source bean named
  "contextSource". The filter compares the login name with sAMAccountName
  (%u stands for the submitted username). The search base value appears to
  be a redacted placeholder in this listing.
-->
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
  <property name="filter" value="sAMAccountName=%u" />
  <property name="searchBase" value="*.*" />
  <property name="contextSource" ref="contextSource" />
  <!-- Commonly set for Active Directory, which can answer a search with referrals. -->
  <property name="ignorePartialResultException" value="true" />
  <!--
    Maps fragments of the directory's bind error text to named account states.
    The "data NNN" values are Active Directory sub-status codes: 530 logon
    hours, 531 workstation restriction, 532 password expired, 533 account
    disabled, 701 account expired, 773 password must change, 775 account locked.
    NOTE(review): 701 (account expired) is reported as passwordExpired together
    with 532; confirm that grouping is intended.
    NOTE(review): how these states are presented on the login page is not
    visible here; confirm an unauthenticated user is not told more about an
    account than necessary.
  -->
  <property name="ldapErrorDefinitions">
    <list>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 530" />
        <property name="type" value="badHours" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 533" />
        <property name="type" value="accountDisabled" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 773" />
        <property name="type" value="mustChangePassword" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 775" />
        <property name="type" value="accountLocked" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 531" />
        <property name="type" value="badWorkstation" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data (701|532)" />
        <property name="type" value="passwordExpired" />
      </bean>
    </list>
  </property>
</bean>
<!--
  Second LDAP bind authentication handler; it differs from the other one only
  in the context source it references ("contextSource1"). Usernames are looked
  up by sAMAccountName (%u stands for the submitted username). The search base
  value appears to be a redacted placeholder in this listing.
-->
<bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler">
  <property name="filter" value="sAMAccountName=%u" />
  <property name="searchBase" value="*.*" />
  <property name="contextSource" ref="contextSource1" />
  <!-- Commonly set for Active Directory, which can answer a search with referrals. -->
  <property name="ignorePartialResultException" value="true" />
  <!--
    Error-text patterns and the account state each one stands for. The
    "data NNN" values are Active Directory sub-status codes: 530 logon hours,
    531 workstation restriction, 532 password expired, 533 account disabled,
    701 account expired, 773 password must change, 775 account locked.
    NOTE(review): 701 (account expired) shares the passwordExpired type with
    532; confirm that grouping is intended.
  -->
  <property name="ldapErrorDefinitions">
    <list>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 530" />
        <property name="type" value="badHours" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 533" />
        <property name="type" value="accountDisabled" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 773" />
        <property name="type" value="mustChangePassword" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 775" />
        <property name="type" value="accountLocked" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data 531" />
        <property name="type" value="badWorkstation" />
      </bean>
      <bean class="org.jasig.cas.adaptors.ldap.LdapErrorDefinition">
        <property name="ldapPattern" value="data (701|532)" />
        <property name="type" value="passwordExpired" />
      </bean>
    </list>
  </property>
</bean>
<!--
  Database authentication handler (a project class; its implementation is not
  shown). It receives the "dataSource" bean and the credential query taken
  from the dbCredentialSql property.
  NOTE(review): confirm the handler binds the username and password as query
  parameters instead of concatenating them into the SQL, and that it compares
  salted password hashes, not stored plaintext. Neither is visible here.
-->
<bean class="com.ls.authentication.DBAuthenticationHandler"
      p:dataSource-ref="dataSource"
      p:sql="${dbCredentialSql}" />
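<!--
  Context source used by the LDAP handler that references "contextSource1".
  The URL, bind DN and password appear to be redacted placeholders in this
  listing.
  NOTE(review): if the LDAP servers are replicas of one directory,
  LdapContextSource also accepts several URLs through its "urls" property, so
  one handler can reach whichever replica is up. Whether a failing handler
  lets CAS fall through to the next one depends on the authentication manager,
  which is not shown here.
-->
<bean id="contextSource1" class="org.springframework.ldap.core.support.LdapContextSource">
  <!-- DO NOT enable JNDI pooling for context sources that perform LDAP bind operations. -->
  <property name="pooled" value="false"/>
  <!--
    AD IP address or URL.
    NOTE(review): with the ldap:// scheme and the "simple" authentication set
    below, the service account password and every user password verified by
    bind cross the network unencrypted. Prefer ldaps:// (or StartTLS) with the
    directory's certificate trusted by the CAS JVM.
  -->
  <property name="url" value="ldap://x.x.x.x" />
  <!-- Bind account: a user that exists in AD. Keep it read-only and least-privileged. -->
  <property name="userDn" value="*.*"/>
  <!--
    Password of the bind account.
    NOTE(review): consider supplying it through a property placeholder, as this
    file already does for the credential SQL, so the secret sits in a
    restricted properties file and not in the bean XML.
  -->
  <property name="password" value="*.*"/>
  <!-- Place JNDI environment properties here. -->
  <property name="baseEnvironmentProperties">
    <map>
      <!--
        Connect timeout in milliseconds (3 s). When this server is unreachable,
        this bounds how long each login attempt waits here before the
        connection attempt is abandoned. Three seconds is an eternity to users.
      -->
      <entry key="com.sun.jndi.ldap.connect.timeout" value="3000" />
      <!-- Read timeout in milliseconds (30 s): upper bound on waiting for a response once connected. -->
      <entry key="com.sun.jndi.ldap.read.timeout" value="30000" />
      <!-- Explained at http://docs.oracle.com/javase/jndi/tutorial/ldap/security/auth.html -->
      <entry key="java.naming.security.authentication" value="simple" />
    </map>
  </property>
</bean>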
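<!--
  Context source used by the LDAP handler that references "contextSource".
  The URL, bind DN and password appear to be redacted placeholders in this
  listing.
  NOTE(review): if the LDAP servers are replicas of one directory,
  LdapContextSource also accepts several URLs through its "urls" property, so
  one handler can reach whichever replica is up. Whether a failing handler
  lets CAS fall through to the next one depends on the authentication manager,
  which is not shown here.
-->
<bean id="contextSource" class="org.springframework.ldap.core.support.LdapContextSource">
  <!-- DO NOT enable JNDI pooling for context sources that perform LDAP bind operations. -->
  <property name="pooled" value="false"/>
  <!--
    AD IP address or URL.
    NOTE(review): with the ldap:// scheme and the "simple" authentication set
    below, the service account password and every user password verified by
    bind cross the network unencrypted. Prefer ldaps:// (or StartTLS) with the
    directory's certificate trusted by the CAS JVM.
  -->
  <property name="url" value="ldap://x.x.x." />
  <!-- Bind account: a user that exists in AD. Keep it read-only and least-privileged. -->
  <property name="userDn" value="*******"/>
  <!--
    Password of the bind account.
    NOTE(review): consider supplying it through a property placeholder, as this
    file already does for the credential SQL, so the secret sits in a
    restricted properties file and not in the bean XML.
  -->
  <property name="password" value="******"/>
  <property name="baseEnvironmentProperties">
    <map>
      <!--
        Connect timeout in milliseconds (3 s). When this server is unreachable,
        this bounds how long each login attempt waits here before the
        connection attempt is abandoned. Three seconds is an eternity to users.
      -->
      <entry key="com.sun.jndi.ldap.connect.timeout" value="3000" />
      <!-- Read timeout in milliseconds (30 s): upper bound on waiting for a response once connected. -->
      <entry key="com.sun.jndi.ldap.read.timeout" value="30000" />
      <!-- Explained at http://docs.oracle.com/javase/jndi/tutorial/ldap/security/auth.html -->
      <entry key="java.naming.security.authentication" value="simple" />
    </map>
  </property>
</bean>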