Issue | - When logging in to the Self-Service Portal (SSP) GUI with an AD password, the following error displays:
Unexpected error: occurred while authenticating with LDAP. 'Authentication station status was 9'
- The following error will be in the SSP daily log, located in ..\rsa\ssp\logs:
org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1e 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 STACK_TRACE[$org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1AP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:182) org.springframework.ldap.core.support.AbstractContextSource.createContext(AbstractContextSource.java:266) org.springframework.ldap.core.support.AbstractContextSource.getContext(AbstractContextSource.java:106) org.springframework.ldap.core.support.AbstractContextSource.getReadOnlyContext(AbstractContextSource.java:125) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:287) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:237) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:624) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:535) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:462) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:483) org.springframework.ldap.core.LdapTemplate.search(LdapTemplate.java:503) org.springframework.ldap.core.LdapTemplate.authenticate(LdapTemplate.java:1482) org.springframework.ldap.core.LdapTemplate.authenticate(LdapTemplate.java:1440) com.rsa.pso.services.ADAuthenticationService.authenticate(Unknown Source) com.rsa.pso.selfservice.web.LoginActionBean.login(Unknown Source) sun.reflect.GeneratedMethodAccessor89.invoke(Unknown Source)
|
Resolution | Update the ssp.properties file located in ..\rsa\ssp\config with the correct credentials following the examples below: For the property which holds the bind user DN to connect to the domain:
alm.ldap.binduserDn=CN=<user_name>,CN=<CN_container>,DC=<domain_component_1>,DC=<domain_component_2>,DC=com
For example,
alm.ldap.binduserDn=CN=Administrator,CN=Users,DC=devdomain,DC=pso,DC=com
For the property which holds the encrypted password of the user specified in property:
alm.ldap.binduserpassword=<password_value>
For example,
alm.ldap.binduserpassword=P4ssw0rd |