Spring Security - Active Directory returns 49 - 775 (user account locked) for a valid (not locked) user

Time: 2016-04-03 12:40:21

Tags: java spring active-directory ldap

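I have run into a complete mystery. I have a Spring-based web application that authenticates users against Active Directory. On one and only one server (PROD, where else, right?), it fails to pull the user information: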

  

Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1\x00]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)

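This is clearly not an account problem, although it looks like one. I am using my own credentials, and they work for desktop login (SSO) as well as for all other instances of this application running in different environments. As far as I can tell, Spring AD is also configured correctly.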


So to me, the problem lies with that single box. Has anyone seen this behavior before? Any help is greatly appreciated.

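I even ended up building a VM from the same ISO image as PROD to verify whether I could reproduce the error. It worked like a charm - I was able to log in and there were no authentication exceptions... It looks like it is just one specific box (PROD) where I get the "user locked" error for a valid (not locked) user.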

Here is the version information, if needed: RHEL 6.3, Tomcat 6, Java 1.7.09, Spring Security 4.0.3.RELEASE

1 Answer:

Answer 0: (score: 0)

The solution turned out to be very easy. It was not a technical issue, but a people issue. Before the deployment, the Spring context in the WAR file was modified to point to the test version of Active Directory by an anonymous well-wisher. The properties file was the same, pointing to the prod AD, but the context config XML itself was changed... Someone has a very good sense of humor...
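
The mismatch described in the answer (properties file pointing at the prod AD, context XML pointing at the test AD) can be caught before deployment by listing every literal LDAP URL inside the WAR and comparing it with the URL expected for the target environment. This is an added example, not code from the original post; the file names, host names and the `ldap_urls_in_war` / `drift` helpers are assumptions constructed for illustration.

```python
import io
import re
import zipfile

# Matches literal ldap:// and ldaps:// URLs in XML attributes or properties values.
LDAP_URL = re.compile(r"ldaps?://[^\s\"'<>]+", re.IGNORECASE)

def ldap_urls_in_war(war_bytes):
    """Return {entry name: set of normalized LDAP URLs} for config files in a WAR."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(war_bytes)) as war:
        for name in war.namelist():
            if name.endswith((".xml", ".properties")):
                text = war.read(name).decode("utf-8", errors="replace")
                urls = {u.rstrip("/").lower() for u in LDAP_URL.findall(text)}
                if urls:
                    found[name] = urls
    return found

def drift(war_bytes, expected_url):
    """List (file, url) pairs whose LDAP URL differs from the expected one."""
    expected = expected_url.rstrip("/").lower()
    return sorted((name, url)
                  for name, urls in ldap_urls_in_war(war_bytes).items()
                  for url in urls if url != expected)

def build_sample_war():
    """Constructed sample: properties name the prod AD, the context XML hardcodes a test AD."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as war:
        war.writestr("WEB-INF/classes/ldap.properties",  # hypothetical path
                     "ad.domain=corp.example.com\n"
                     "ad.url=ldap://ad-prod.example.com:389/\n")
        war.writestr("WEB-INF/spring/security-context.xml",  # hypothetical path
                     '<bean class="org.springframework.security.ldap.authentication.ad.'
                     'ActiveDirectoryLdapAuthenticationProvider">\n'
                     '  <constructor-arg value="corp.example.com"/>\n'
                     '  <constructor-arg value="ldap://ad-test.example.com:389/"/>\n'
                     '</bean>\n')
    return buf.getvalue()

if __name__ == "__main__":
    for name, url in drift(build_sample_war(), "ldap://ad-prod.example.com:389"):
        print(f"MISMATCH {name}: {url}")
```

Run against the real artifact as a release gate; any reported mismatch means a file in the WAR carries a directory URL other than the one approved for that environment.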