LDAP Integration in AEM6.3 for application login

View profile · 05-06-2018

Hi Team,

We are using LDAP to authenticate the application user (not AEM login authentication). We are in process of migrating from AEM 6.0 to AEM 6.3 and LDAP integration is not working and seeing below issue. Could you please help us on this.

Code:

@Override

public void createUser(String inUserName, String inPassword, String inFirstName) throws NamingException {

	String userDN = getUserDn(inUserName);

	// User attributes to add to user when created in LDAP
	Attributes userAttributes = new BasicAttributes(true);


	setupDirectoryContext().bind(userDN, null, userAttributes);

}

/**

* Get a reference to the directory context

* @return boolean - true if validated, false otherwise

* @throws NamingException

*/

private DirContext setupDirectoryContext() throws NamingException {

	DirContext returnValue = null;
	Hashtable<String, String> environment;
	environment = new Hashtable<String, String>();
	environment.put(Context.INITIAL_CONTEXT_FACTORY, LdapCtxFactory.class.getName());
	environment.put(Context.PROVIDER_URL, this.providerUrl);
	environment.put(Context.SECURITY_PRINCIPAL, this.principal);
	environment.put(Context.SECURITY_CREDENTIALS, this.password);
	environment.put(Context.SECURITY_AUTHENTICATION, "simple");

	// Initialize the directory context with the environment variables
	returnValue = new InitialDirContext(environment);

	return returnValue;

}

Error in logs:

javax.naming.NotContextException: Not an instance of DirContext

at javax.naming.directory.InitialDirContext.getURLOrDefaultInitDirCtx(InitialDirContext.java:111)

at javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:177)

at com.uhg.caregiver.repository.impl.LdapRepositoryImpl.createUser(LdapRepositoryImpl.java:143)

at com.uhg.caregiver.service.impl.CaregiverUserServiceImpl.createUser(CaregiverUserServiceImpl.java:247)

at com.uhg.caregiver.servlet.UserAccountCreateServlet.createCaregiverUser(UserAccountCreateServlet.java:126)

at com.uhg.caregiver.servlet.UserAccountCreateServlet.process(UserAccountCreateServlet.java:139)

at com.uhg.caregiver.servlet.FormProcessingServlet.doPost(FormProcessingServlet.java:91)

at org.apache.sling.api.servlets.SlingAllMethodsServlet.mayService(SlingAllMethodsServlet.java:149)

at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:346)

at org.apache.sling.api.servlets.SlingSafeMethodsServlet.service(SlingSafeMethodsServlet.java:378)

at org.apache.sling.engine.impl.request.RequestData.service(RequestData.java:552)

at org.apache.sling.engine.impl.filter.SlingComponentFilterChain.render(SlingComponentFilterChain.java:44)

at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:77)

at com.day.cq.wcm.core.impl.WCMDebugFilter.doFilter(WCMDebugFilter.java:138)

at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)

at com.day.cq.wcm.core.impl.WCMComponentFilter.filterRootInclude(WCMComponentFilter.java:375)

at com.day.cq.wcm.core.impl.WCMComponentFilter.doFilter(WCMComponentFilter.java:190)

at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)

at com.day.cq.personalization.impl.TargetComponentFilter.doFilter(TargetComponentFilter.java:96)

at org.apache.sling.engine.impl.filter.AbstractSlingFilterChain.doFilter(AbstractSlingFilterChain.java:68)

at org.apache.sling.engine.impl.SlingRequestProcessorImpl.processComponent(SlingRequestProcessorImpl.java:282)

Thanks

Seran

View profile · 05-06-2018

To perform this use case - you need to create a custom OAK authentication handler that uses the org.apache.jackrabbit.oak.spi.security API. We ave an older AEM Community article that will point you in the correct direction -- Adobe Experience Manager Help | Creating an Adobe Experience Manager Custom Oak Login Module

View profile · 05-06-2018

Hi,

is this your custom code? Then, pls refer the article which @scott has mentioned

View profile · 05-06-2018

When working with AEM and LDAP - you can sync the users to essentially pull them into AEM - as discussed here - .Adobe Experience Manager Help | Configuring Adobe Experience Manager 6.4 to use Apache Directory Ser...

View profile · 06-06-2018

Hi,

We are using LDAP JNDI api to integrate with LDAP,the same thing is working in AEM6.0 and not working on AEM6.3.

Some sample Implementation found it:

LDAP and JNDI: Together forever | JavaWorld

Thanks

Seran

View profile · 06-06-2018

Hi,

We are using LDAP JNDI api to integrate with LDAP,the same thing is working in AEM6.0 and not working on AEM6.3.

Some sample Implementation found it:

LDAP and JNDI: Together forever | JavaWorld

Thanks

Seran

View profile · 06-06-2018

You should look at building a custom OAK Authentication Handler as discussed in the article Lokesh provided. Use the org.apache.jackrabbit.oak.spi.security API over a JDNI API.

View profile · 06-06-2018

More infor too -- http://aempodcast.com/2017/aem-resources/week-aem-custom-authentication-handler/#.WxfoxkgvyF4

View profile · 07-06-2018

Hi,

Thanks a lot for your quick responses.Did JNDI API is not supported in latest version of AEM?

Thanks

Seran

Replies