Description
I am trying to authenticate a user (in Active Directory) from a user login web page. The authentication code below failed with error code 32 - 0000208D:
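```java
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.BeanInitializationException;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {

    private static final Logger logger = LoggerFactory.getLogger(SecurityConfiguration.class);

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        // LDAPS endpoint and the manager (service) account used for the user search
        String bUrl = "ldaps://ldaps.bell.corp.bce.ca:666";
        String bManagerDn = "CN=mgr-id,OU=Bell Users,OU=Bell,OU=Business Units,DC=bell,DC=corp,DC=bce,DC=ca";
        String bManagerPassword = "MgrPassword";
        // Subtree searched for the account that is logging in
        String bSerSearchBase = "OU=Bell Users,OU=Bell,OU=Business Units,DC=bell,DC=corp,DC=bce,DC=ca";
        try {
            auth
                .ldapAuthentication()
                    .contextSource()
                        .url(bUrl)
                        .managerDn(bManagerDn)
                        .managerPassword(bManagerPassword)
                    .and()
                    .userSearchBase(bSerSearchBase)
                    // Look the user up by their AD logon name
                    .userSearchFilter("(sAMAccountName={0})");
        } catch (Exception e) {
            logger.info("********* AuthenticationManagerBuilder EXCEPTION !!!!!!! ********* ");
            throw new BeanInitializationException("Security configuration failed", e);
        }
    }
}
```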
Errors:
```
09:27:11.051 [http-nio-8079-exec-1] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Using filter: (uniqueMember=cn=tu.john,ou=Bell Users,ou=Bell,ou=Business Units,dc=bell,dc=corp,dc=bce,dc=ca)
09:27:11.298 [http-nio-8079-exec-1] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - Did not store empty SecurityContext
09:27:11.298 [http-nio-8079-exec-1] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - Cleared SecurityContextHolder to complete request
09:27:11.299 [http-nio-8079-exec-1] ERROR org.apache.catalina.core.ContainerBase.[Tomcat].[localhost].[/].[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception
org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310021B, problem 2001 (NO_OBJECT), data 0, best match of: '' ]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-0310021B, problem 2001 (NO_OBJECT), data 0, best match of: '' ]; remaining name ''
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:183) ~[spring-ldap-core-2.3.3.RELEASE.jar:2.3.3.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:376) ~[spring-ldap-core-2.3.3.RELEASE.jar:2.3.3.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:328) ~[spring-ldap-core-2.3.3.RELEASE.jar:2.3.3.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:629) ~[spring-ldap-core-2.3.3.RELEASE.jar:2.3.3.RELEASE]
at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:570) ~[spring-ldap-core-2.3.3.RELEASE.jar:2.3.3.RELEASE]
at org.springframework.security.ldap.SpringSecurityLdapTemplate.searchForMultipleAttributeValues(SpringSecurityLdapTemplate.java:197) ~[spring-security-ldap-5.4.2.jar:5.4.2]
at org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator.getGroupMembershipRoles(DefaultLdapAuthoritiesPopulator.java:223) ~[spring-security-ldap-5.4.2.jar:5.4.2]
at org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator.getGrantedAuthorities(DefaultLdapAuthoritiesPopulator.java:203) ~[spring-security-ldap-5.4.2.jar:5.4.2]
at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.loadUserAuthorities(LdapAuthenticationProvider.java:197) ~[spring-security-ldap-5.4.2.jar:5.4.2]
at org.springframework.security.ldap.authentication.AbstractLdapAuthenticationProvider.authenticate(AbstractLdapAuthenticationProvider.java:83) ~[spring-security-ldap-5.4.2.jar:5.4.2]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-5.4.2.jar:5.4.2]
```
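
Added example, not part of the original report and not Spring Security project code: the stack trace runs through `DefaultLdapAuthoritiesPopulator.getGroupMembershipRoles` and the logged filter is `(uniqueMember=...)`, so the search that returns error 32 is the group-membership lookup, for which the posted configuration sets no search base. The configuration below scopes that lookup explicitly; the group OU (a placeholder), the `member` filter, the class name and the `ldap.manager-password` property name are assumptions.

```java
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

@EnableWebSecurity
public class LdapGroupSearchExample extends WebSecurityConfigurerAdapter {

    // Hypothetical property name: supplies the manager password from external
    // configuration instead of a string literal in source control.
    @Value("${ldap.manager-password}")
    private String managerPassword;

    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Values taken from the report above
        String userBase = "OU=Bell Users,OU=Bell,OU=Business Units,DC=bell,DC=corp,DC=bce,DC=ca";
        // Placeholder: replace with the OU that actually holds the role groups
        String groupBase = "OU=GROUPS-OU-PLACEHOLDER,DC=bell,DC=corp,DC=bce,DC=ca";

        auth.ldapAuthentication()
            .userSearchBase(userBase)
            .userSearchFilter("(sAMAccountName={0})")
            // Without this, the group search runs with an empty base ("")
            // relative to a context URL that carries no base DN.
            .groupSearchBase(groupBase)
            // Active Directory groups list members in "member"; the default
            // filter is (uniqueMember={0}). {0} is the authenticated user's DN.
            .groupSearchFilter("(member={0})")
            .contextSource()
                .url("ldaps://ldaps.bell.corp.bce.ca:666")
                .managerDn("CN=mgr-id,OU=Bell Users,OU=Bell,OU=Business Units,DC=bell,DC=corp,DC=bce,DC=ca")
                .managerPassword(managerPassword);
    }
}
```

Scoping the group base to the OU that holds role groups also limits which directory groups can become granted authorities in the application.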