directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <kayyag...@apache.org>
Subject Re: sasl authentication problem.
Date Tue, 03 Feb 2015 15:28:57 GMT
On Tue, Feb 3, 2015 at 7:26 PM, 최규우 <apple@paio.co.kr> wrote:

> Hello apacheds users.
>
> I'm getting "INVALID_CREDENTIALS : DIGEST-MD5: cannot acquire password for
> uid=admin in realm : example.com" error when I try to authenticate by
> DIGEST-MD5 (SASL).
>
> steps I've done is here.
>
> * ON SERVER
> SASL Host : (server ip address)
> SASL Principal : ldap/(server ip address)@EXAMPLE.COM
> Search Base Dn : ou=users,dc=example,dc=com
>
> AND
>
>
> ads-enabled=FALSE,ads-pwdId=default,ou=passwordPolicies,ads-interceptorId=authenticationInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
>
>
> ads-enabled=FALSE,ads-interceptorId=passwordHashingInterceptor,ou=interceptors,ads-directoryServiceId=default,ou=config
>
>
> THEN ON CLIENT
>
> Authentication Method
> DIGEST-MD5 (SASL)
>
> Bind DN or user : uid=admin
> Bind password ****
>
> SASL Setting
> SASL Realm : example.com
> Quality of protection : authentication only
> protection strength : high
>
>
> for sure there is the user  "uid=admin,ou=users,dc=exmaple,dc=com".
>
> what did I wrong? I have no problem logging in by simple authentication.
> any suggestion?
>
make sure the password is stored in plain text and make sure the IP address
/ hostname
used in the client is same as the one in SAML principal

>
>
> --
>
>
> KyuWoo Choi
> PAIO co.,ltd.
> www.paio.co.kr
> apple@paio.co.kr
> TEL : 070-8621-0707
> MO : 010-2834-2335
> FAX : 02-6919-9010
> SNS : www.facebook.com/paiofarm
>



-- 
Kiran Ayyagari
http://keydap.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message