Jan 18th, 2011, 09:54 PM
Use PasswordComparisonAuthenticator with Active Directory
Hello Guys, I'm a newbee to Spring, could anyone tell me if he/she had success with using PasswordComparisonAuthenticator with MS-AD with simple configuration ?
I kept getting org.springframework.ldap.NoSuchAttributeException (LDAP Error 16).
Jan 19th, 2011, 08:23 AM
The error you are getting seems to indicate that your ldap schema isn't the same as what you have configured within Spring Security. An example would be the passwordAttributeName defaults to userPassword. If this is not in your ldap schema, it will give an error similar to the one you are getting. My advice is to enable debugging and ensure that the queries that are logged out can be ran in a standard ldap tool. If they cannot be ran in the tool, Spring Security cannot run them either. For any queries that do not run, update your configuration as needed.
Jan 19th, 2011, 09:12 AM
Active directory doesn't store the password in a readable form, so I doubt if it supports an LDAP compare operation on the password attribute.
Therefore I'm pretty sure you can't use PasswordComparisonAuthenticator with AD.