I am attempting to use LDAP with Shibboleth. I am nearly there, but I cannot authenticate. I followed these instructions, and my login.config file contains the following:

ShibUserPassAuth {
  edu.vt.middleware.ldap.jaas.LdapLoginModule required
  host="ldap://localhost:10389" base="ou=users,ou=system"
  ssl="false" userField="uid";
};

I have tried several variations of the above.

I can use TestShib to reach my IdP's login page, but always receive "Login failed. Double-check your username and password" when I attempt to authenticate.

This might be easier to debug myself if I could manage to get any authentication log messages, but I can't seem to get those working either.

Note that the following ldapsearch command works perfectly fine:

ldapsearch -h "ldap.example.com:10389" -w testpass -x -D "uid=testuser,ou=users,ou=system" -b "dc=example,dc=com" '(objectclass=*)'

If you could tell me what my problem might be, or at least how to enable logging, that would be very helpful.

IanPudney

1 Answer

I have this working locally. I have taken my working config and replaced my LDAP host and base path with yours from the question above.

ShibUserPassAuth {
  edu.vt.middleware.ldap.jaas.LdapLoginModule required
    ldapUrl="ldap://localhost:10389"
    baseDn="ou=users,ou=system"
    userFilter="uid={0}";
};
samottenhoff
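
To see exactly which options differ between the question's stanza and the answer's, the following added example (not part of either post, and not code from the vt-ldap or Shibboleth projects) parses both JAAS entries and diffs their option names. The helper names parse_jaas, diff_options and compare_entry are made up for this illustration; the script only reports differences and makes no claim about which option names the login module accepts.

```python
import re

# Both stanzas copied verbatim from this page.
QUESTION_CONFIG = '''ShibUserPassAuth {
  edu.vt.middleware.ldap.jaas.LdapLoginModule required
  host="ldap://localhost:10389" base="ou=users,ou=system"
  ssl="false" userField="uid";
};'''
ANSWER_CONFIG = '''ShibUserPassAuth {
  edu.vt.middleware.ldap.jaas.LdapLoginModule required
    ldapUrl="ldap://localhost:10389"
    baseDn="ou=users,ou=system"
    userFilter="uid={0}";
};'''

# Quoted strings are consumed whole so "{0}" or ";" inside a value cannot end a block early.
ENTRY_RE = re.compile(r'(\w+)\s*\{((?:"[^"]*"|[^}"])*)\}\s*;')
STMT_RE = re.compile(r'((?:"[^"]*"|[^;"])+);')
OPTION_RE = re.compile(r'(\w+)\s*=\s*"([^"]*)"')

def parse_jaas(text):
    """Return {entry_name: [{'class', 'flag', 'options'}, ...]} for a JAAS login config."""
    entries = {}
    for name, body in ENTRY_RE.findall(text):
        modules = []
        for stmt in STMT_RE.findall(body):
            head = stmt.split()
            if len(head) >= 2:
                modules.append({"class": head[0], "flag": head[1],
                                "options": dict(OPTION_RE.findall(stmt))})
        entries[name] = modules
    return entries

def diff_options(old, new):
    """Compare two option maps by name, and pair up names that carry the same value."""
    only_old = sorted(set(old) - set(new))
    only_new = sorted(set(new) - set(old))
    same_value = [(o, n) for o in only_old for n in only_new if old[o] == new[n]]
    changed = {k: (old[k], new[k]) for k in set(old) & set(new) if old[k] != new[k]}
    return {"only_in_old": only_old, "only_in_new": only_new,
            "same_value": same_value, "changed": changed}

def compare_entry(entry="ShibUserPassAuth"):
    old = parse_jaas(QUESTION_CONFIG)[entry][0]["options"]
    new = parse_jaas(ANSWER_CONFIG)[entry][0]["options"]
    return diff_options(old, new)

if __name__ == "__main__":
    for key, value in compare_entry().items():
        print(f"{key}: {value}")
```

The same_value pairs show which options kept their value under a different name; the remaining names are the ones whose value or presence actually changed.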