LDAP: error code 32 - No Such Object

简介: `亲测可用,之前搜索了很多博客,啥样的都有,就是不介绍报错以及配置用处,根本不懂照抄那些配置是干啥的,稀里糊涂的按照博客搭完也跑不起来,因此记录这个。``项目背景`:公司项目当前采用http协议+shiro+mysql的登录认证方式,而现在想支持ldap协议认证登录然后能够访问自己公司的项目网站。`举例说明`:假设我们公司有自己的门户网站,现在我们收购了一家公司,他们数据库采用ldap存储用户数据,那么为了他们账户能登陆我们公司项目所以需要集成,而不是再把他们的账户重新在mysql再创建一遍,万一人家有1W个账户呢,不累死了且也不现实啊。

1.jpeg

背景

亲测可用,之前搜索了很多博客,啥样的都有,就是不介绍报错以及配置用处,根本不懂照抄那些配置是干啥的,稀里糊涂的按照博客搭完也跑不起来,因此记录这个。

项目背景:公司项目当前采用http协议+shiro+mysql的登录认证方式,而现在想支持ldap协议认证登录然后能够访问自己公司的项目网站。

举例说明:假设我们公司有自己的门户网站,现在我们收购了一家公司,他们数据库采用ldap存储用户数据,那么为了他们账户能登陆我们公司项目所以需要集成,而不是再把他们的账户重新在mysql再创建一遍,万一人家有1W个账户呢,不累死了且也不现实啊。

需要安装openldap+kerberos,且ldap和kerberos安装在同一台服务器上,当前版本如下:

  • centos 7.9
  • openldap 2.4.44
  • phpldapadmin 1.2.5
  • 服务器IP:10.110.38.162
  • Kerberos :Kerberos 5 release 1.15.1

另外介绍下我的Spring各个版本:

  • Spring Security:4.2.3.RELEASE
  • Spring Version:4.3.9.RELEASE
  • SpringBoot Version:1.4.7.RELEASE

注意点1:我之所以选这么旧的版本,是因为我最后要在自己项目集成,我们项目就是上面版本附近的,所以不能选太高版本,这点请注意各版本之间的兼容性问题。
详情可看这篇博客介绍兼容版本:https://zhuanlan.zhihu.com/p/652895555

注意点2:如果里面的某些配置不知道在哪或者不知道干啥的,可以看我的前面的博客,详细介绍了安装配置等,可以大致了解参数。

报错

image.png

完整错误

org.springframework.ldap.NameNotFoundException: [LDAP: error code 32 - No Such Object]; nested exception is javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=Develop,ou=Hytera,dc=node3,dc=com'

    at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:183)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:380)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:332)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:608)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:598)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:486)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:502)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:518)
    at com.ldap.LdapTest.listUsers(LdapTest.java:31)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:59)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:56)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.springframework.test.context.junit4.statements.RunBeforeTestExecutionCallbacks.evaluate(RunBeforeTestExecutionCallbacks.java:74)
    at org.springframework.test.context.junit4.statements.RunAfterTestExecutionCallbacks.evaluate(RunAfterTestExecutionCallbacks.java:84)
    at org.springframework.test.context.junit4.statements.RunBeforeTestMethodCallbacks.evaluate(RunBeforeTestMethodCallbacks.java:75)
    at org.springframework.test.context.junit4.statements.RunAfterTestMethodCallbacks.evaluate(RunAfterTestMethodCallbacks.java:86)
    at org.springframework.test.context.junit4.statements.SpringRepeat.evaluate(SpringRepeat.java:84)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:366)
    at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:251)
    at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.runChild(SpringJUnit4ClassRunner.java:97)
    at org.junit.runners.ParentRunner$4.run(ParentRunner.java:331)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:79)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:329)
    at org.junit.runners.ParentRunner.access$100(ParentRunner.java:66)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:293)
    at org.springframework.test.context.junit4.statements.RunBeforeTestClassCallbacks.evaluate(RunBeforeTestClassCallbacks.java:61)
    at org.springframework.test.context.junit4.statements.RunAfterTestClassCallbacks.evaluate(RunAfterTestClassCallbacks.java:70)
    at org.junit.runners.ParentRunner$3.evaluate(ParentRunner.java:306)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:413)
    at org.springframework.test.context.junit4.SpringJUnit4ClassRunner.run(SpringJUnit4ClassRunner.java:190)
    at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
    at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:69)
    at com.intellij.rt.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:33)
    at com.intellij.rt.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:220)
    at com.intellij.rt.junit.JUnitStarter.main(JUnitStarter.java:53)
Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=Develop,ou=Hytera,dc=node3,dc=com'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3179)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891)
    at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
    at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:392)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:358)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:341)
    at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:267)
    at org.springframework.ldap.core.LdapTemplate$4.executeSearch(LdapTemplate.java:326)
    at org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:367)
    ... 38 more

错误代码:

application.properties

spring.ldap.urls=ldap://10.110.38.162:389
spring.ldap.username=cn=admin,dc=node3,dc=com
spring.ldap.password=123456
spring.ldap.base=ou=People,dc=hdp,dc=node3,dc=com

LdapTest

@Test
public void listUsers() throws NoSuchAlgorithmException {
   
    AndFilter filter = new AndFilter();
    filter.and(new EqualsFilter("objectClass", "inetOrgPerson"));

    List<LdapUser> users = ldapTemplate.search("ou=People,dc=hdp", filter.encode(), new LdapUserAttributeMapper());
    for (LdapUser user: users ) {
   
        System.out.println("user: " + user);
        System.out.println("userPassword:" + user.getUserPassword());
        System.out.println(verifySHA(user.getUserPassword(), "123456"));
    }
}

疑惑:32错误码对应dn设置不对,但是我感觉不出来哪里不对啊,感觉spring.ldap.base和ldapTemplate.search都设置了正确的dn 啊,而且"ou=People,dc=hdp,dc=node3,dc=com"这个dn就是我要查询账户所在的完整dn路径啊,不信看图。
image.png

错误原因:spring.ldap.base和ldapTemplate.search是有传递行的(你可以理解为拼接的效果,一因此不能设置一样的否则就乱套了,找不到了)。这易错点特别操蛋,因为根本别人的博客找不到还有这个规则说明,上来就是给你贴配置类文件和代码,然后照抄运行就报错,关键他们也不贴运行结果,我就只能挨个尝试去试错。

解决方案

  • 如果spring.ldap.base设置了spring.ldap.base="ou=People,dc=hdp,dc=node3,dc=com",那么search方法构面跟的就应该是空字符串“”)
spring.ldap.base=ou=Develop,ou=Hytera,dc=node3,dc=com
List<LdapUser> users = ldapTemplate.search("", filter.encode(), new LdapUserAttributeMapper());
  • 如果spring.ldap.base设置了spring.ldap.base=dc=node3,dc=com,那么search方法构面跟的就应该是"ou=People,dc=hdp"
spring.ldap.base=dc=node3,dc=com
List<LdapUser> users = ldapTemplate.search("ou=People,dc=hdp", filter.encode(), new LdapUserAttributeMapper());

本人其他相关文章链接

1.Centos7.9安装openldap
2.Centos7.9安装kerberos
3.Openldap集成Kerberos
4.Centos7.9安装phpldapadmin
5.java连接ldap实现用户查询功能
6.java连接kerberos用户认证
7.javax.security.auth.login.LoginException: Unable to obtain password from user
8.javax.security.auth.login.LoginException: null (68)
9.javax.security.auth.login.LoginException: Message stream modified (41)
10.javax.security.auth.login.LoginException: Checksum failed
11.javax.security.auth.login.LoginException: No CallbackHandler available to garner authentication info
12.javax.security.auth.login.LoginException: Cannot locate KDC
13.javax.security.auth.login.LoginException: Receive timed out
14.java: 无法访问org.springframework.context.ConfigurableApplicationContext
15.LDAP: error code 34 - invalid DN
16.LDAP: error code 32 - No Such Object
17.java: 无法访问org.springframework.ldap.core.LdapTemplate

目录
相关文章
|
7月前
|
关系型数据库 MySQL
mysql: error while loading shared libraries: libncurses.so.5: cannot open shared object file
mysql: error while loading shared libraries: libncurses.so.5: cannot open shared object file
325 0
|
6月前
|
Python
【Error】DeprecationWarning: executable_path has been deprecated, please pass in a Service object
【Error】DeprecationWarning: executable_path has been deprecated, please pass in a Service object
93 2
|
XML 关系型数据库 MySQL
【MySQL异常】ExecutorException: Error getting generated key or setting result to parameter object
【MySQL异常】ExecutorException: Error getting generated key or setting result to parameter object
445 0
|
5月前
|
关系型数据库 MySQL
mysql: error while loading shared libraries: libncurses.so.5: cannot open shared object file
mysql: error while loading shared libraries: libncurses.so.5: cannot open shared object file
364 2
|
7月前
|
缓存 Ubuntu Linux
error while loading shared libraries: libxcb-icccm.so.4: cannot open shared object file: No such file or directory 问题如何处理
【5月更文挑战第16天】error while loading shared libraries: libxcb-icccm.so.4: cannot open shared object file: No such file or directory 问题如何处理
879 0
|
关系型数据库 MySQL
mysql: error while loading shared libraries: libtinfo.so.5: cannot open shared object file: No such
mysql: error while loading shared libraries: libtinfo.so.5: cannot open shared object file: No such
273 33
|
NoSQL MongoDB
mongod: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object file: No s
mongod: error while loading shared libraries: libcrypto.so.1.1: cannot open shared object file: No s
583 0
gdalinfo: error while loading shared libraries: libgdal.so.30: cannot open shared object file: No su
gdalinfo: error while loading shared libraries: libgdal.so.30: cannot open shared object file: No su
198 0
|
人工智能 自然语言处理 JavaScript
vue.runtime.esm.js?2b0e:619 [Vue warn]: Error in created hook: “TypeError: Object(...) is not a func
vue.runtime.esm.js?2b0e:619 [Vue warn]: Error in created hook: “TypeError: Object(...) is not a func
125 0