Highlighted

LDAP Integration in AEM6.3 for application login

Naga_Seran

05-06-2018

Hi Team,

We are using LDAP to authenticate the application user (not AEM login authentication). We are in process of migrating from AEM 6.0 to AEM 6.3 and LDAP integration is not working and seeing below issue. Could you please help us on this.

Code:

@Override

    public void createUser(String inUserName, String inPassword, String inFirstName) throws NamingException {

    String userDN = getUserDn(inUserName);
  
    // User attributes to add to user when created in LDAP
    Attributes userAttributes = new BasicAttributes(true);

          
    setupDirectoryContext().bind(userDN, null, userAttributes);

    }

   

    /**

     * Get a reference to the directory context

     * @return boolean - true if validated, false otherwise

     * @throws NamingException

     */

     private DirContext setupDirectoryContext() throws NamingException {

   DirContext returnValue = null;
   Hashtable<String, String> environment;
   environment = new Hashtable<String, String>();
   environment.put(Context.INITIAL_CONTEXT_FACTORY, LdapCtxFactory.class.getName());
   environment.put(Context.PROVIDER_URL, this.providerUrl);
   environment.put(Context.SECURITY_PRINCIPAL, this.principal);
   environment.put(Context.SECURITY_CREDENTIALS, this.password);
   environment.put(Context.SECURITY_AUTHENTICATION, "simple");

   // Initialize the directory context with the environment variables
   returnValue = new InitialDirContext(environment);
  
    return returnValue;

    }

Error in logs:

javax.naming.NotContextException: Not an instance of DirContext

    at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:111)

    at javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:177)

    at com.uhg.caregiver.repository.impl.LdapRepositoryImpl.createUser(LdapRepositoryImpl.java:143)

    at com.uhg.caregiver.service.impl.CaregiverUserServiceImpl.createUser(CaregiverUserServiceImpl.java:247)

    at com.uhg.caregiver.servlet.UserAccountCreateServlet.createCaregiverUser(UserAccountCreateServlet.java:126)

    at com.uhg.caregiver.servlet.UserAccountCreateServlet.process(UserAccountCreateServlet.java:139)

    at com.uhg.caregiver.servlet.FormProcessingServlet.doPost(FormProcessingServlet.java:91)

    at org.apache.sling.api.servlets.SlingAllMethodsServlet.mayService(SlingAllMethodsServlet.java:149)

    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:346)

    at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:378)

    at org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:552)

    at org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44)

    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)

    at com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:138)

    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)

    at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:375)

    at com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:190)

    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)

    at com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96)

    at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)

    at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processComponent(SlingRequestProcessorImpl.java:282)

Thanks

Seran

Replies

Highlighted

smacdonald2008

05-06-2018

To perform this use case - you need to create a custom OAK authentication handler that uses the org.apache.jackrabbit.oak.spi.security API. We ave an older AEM Community article that will point you in the correct direction -- Adobe Experience Manager Help | Creating an Adobe Experience Manager Custom Oak Login Module

Highlighted

Naga_Seran

06-06-2018

Hi,

We are using LDAP JNDI api to integrate with LDAP,the same thing is working in AEM6.0 and not working on AEM6.3.

Some sample Implementation found it:

LDAP and JNDI: Together forever | JavaWorld

Thanks

Seran

Highlighted

Naga_Seran

06-06-2018

Hi,

We are using LDAP JNDI api to integrate with LDAP,the same thing is working in AEM6.0 and not working on AEM6.3.

Some sample Implementation found it:

LDAP and JNDI: Together forever | JavaWorld

Thanks

Seran

Highlighted

smacdonald2008

06-06-2018

You should look at building a custom OAK Authentication Handler as discussed in the article Lokesh provided. Use the org.apache.jackrabbit.oak.spi.security API over a JDNI API.

Highlighted