- SAP Community
- Products and Technology
- Additional Q&A
- CUP 5.3 SP8 - LDAP as authentication source for re...
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
CUP 5.3 SP8 - LDAP as authentication source for requestors
- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
on 07-07-2009 3:39 PM
Hello,
We have created an LDAP connector in CUP and would like to use it as our source to authenticate requestors. We feel like have the connector setup correctly and configuration for Requestor Authentication is setup to be this connector...but requestors are unable to login (Invalid User Credentials).
I am missing a step? Is there additional configuration we need to do?
Let me know if I need to elaborate further.
Thanks!
--
Jes
Accepted Solutions (0)
Answers (2)
Answers (2)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Jes,
Any update on this? I am having the same problem. Did you need to put any authorisations in to the LDAP active directory?
Simon
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
All,
I've managed to get my solution working by amending the domain of the LDAP to a more generic name. It was restricted to filter out only users from a certain domain and therefore those not within that area were excluded.
Just making the domain more generic tyhe other users were found.
Simon
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
koehntopp
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Hi All,
Regarding my post on the domain, the starting point was to use a domain such as europe.<Client name>.com whereas the fix that worked was to remove the initial part - <client name>.com
Frnak is also correct in that you need to have the LDAP mapping complete so that it finds the correct fields to authenticate against.
Have you also configured SPNegro to do the single sign on side of things as we still haven't managed to get that sorted yet without having it deployed within a portal! (data source for the UME is "ABAP" so that is prohibitive.)
Simon
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
Updated:
We have configured LDAP mapping for our LDAP connector and feel everything looks good.
I have defined this LDAP connector as the authentication source.
I do have an issue:
In config, when we have End User Verification un-checked, requestors are able to login OK and are authenticated correctly against LDAP.
However, when I have End User Verification turned on, requestors are unable to login. Their username and password isn't getting them in. We know we are entering correct passwords.
Am I missing something in config? Anyone have any ideas?
Edited by: Jes Behrens on Jul 7, 2009 11:26 AM
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
This is the error from the log:
2009-07-07 11:01:28,688 [SAPEngine_Application_Thread[impl:3]_9] ERROR javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=phidev,DC=com'
]; remaining name 'dc=phidev,dc=com'
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=phidev,DC=com'
]; remaining name 'dc=phidev,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3030)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2757)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1828)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1751)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1768)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:412)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:381)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:365)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.authenticate(LDAPAuthenticator.java:199)
at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:1123)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:93)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:219)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
2009-07-07 11:01:28,690 [SAPEngine_Application_Thread[impl:3]_9] ERROR Failed to log in test_cupuser
com.virsa.ae.service.umi.AuthenticationFailureException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=phidev,DC=com'
]
at com.virsa.ae.service.umi.ldap.LDAPAuthenticator.authenticate(LDAPAuthenticator.java:318)
at com.virsa.ae.actions.LoginAction.requestorLoginHandler(LoginAction.java:1123)
at com.virsa.ae.actions.LoginAction.execute(LoginAction.java:93)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(AccessController.java:219)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Report Inappropriate Content
>
> Jes,
>
> It seems CUP is not able to find this id in the LDAP.
But it does when End User Verification is turned off. From my understand, it doesn't matter if Verification is turned on or off; either way it's checking for that User ID in LDAP. The problem is, when a password is required, then and only then is it not finding the record. Seems odd to me.
- App to automatically configure a new ABAP Developer System in Technology Blogs by Members
- Onboarding Users in SAP Quality Issue Resolution in Technology Blogs by SAP
- Services not visible in BAS S/4 Hana Public Cloud. in Technology Q&A
- Configure Custom SAP IAS tenant with SAP BTP Kyma runtime environment in Technology Blogs by SAP
- SAP Successfactors Implementation and Maintenance in Projects in 2024 in Technology Blogs by Members
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.