具有 ldap 集成的 Cassandra
Cassandra with ldap intergration
使用Datastax 5.1 版Cassandra,尝试将ldap 与其集成。在 dse.yaml 和 cassandra.yaml 中添加了必需的参数,但是当我尝试对 ldap 用户进行身份验证时,它一直失败并出现以下错误。
[root@ip-11.11.11.11 ~]# cqlsh -u 123456
Password:
Connection error: ('Unable to connect to any servers', {'127.0.0.1': AuthenticationFailed('Failed to authenticate to 127.0.0.1: Error from server: code=0100 [Bad credentials] message="Failed to login. Please re-try."',)})
这是来自 debug.log 的消息。
ERROR [Native-Transport-Requests-1] 2019-06-06 05:34:50,842 DefaultLdapConnectionFactory.java:68 - unable to bind connection: PROTOCOL_ERROR: The server will disconnect!
TRACE [Native-Transport-Requests-1] 2019-06-06 05:34:50,843 LdapUtils.java:577 - [ldap-fetch-user] ERROR - failed to fetch username: 123456
org.apache.directory.api.ldap.model.exception.LdapOperationException: PROTOCOL_ERROR: The server will disconnect!
at org.apache.directory.ldap.client.api.LdapNetworkConnection.startTls(LdapNetworkConnection.java:3986)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1373)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1293)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:130)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:114)
它似乎无法连接到 ldap,未与其绑定?
我能够使用 ldapsearch 连接到 AD,并从 cassandra 节点获取用户的结果。还将证书导入密钥库并在 dse.yaml 中提及。有什么指点吗?
问题出在证书链上,在使用正确的中间证书与 AD 绑定成功后。
使用Datastax 5.1 版Cassandra,尝试将ldap 与其集成。在 dse.yaml 和 cassandra.yaml 中添加了必需的参数,但是当我尝试对 ldap 用户进行身份验证时,它一直失败并出现以下错误。
[root@ip-11.11.11.11 ~]# cqlsh -u 123456
Password:
Connection error: ('Unable to connect to any servers', {'127.0.0.1': AuthenticationFailed('Failed to authenticate to 127.0.0.1: Error from server: code=0100 [Bad credentials] message="Failed to login. Please re-try."',)})
这是来自 debug.log 的消息。
ERROR [Native-Transport-Requests-1] 2019-06-06 05:34:50,842 DefaultLdapConnectionFactory.java:68 - unable to bind connection: PROTOCOL_ERROR: The server will disconnect!
TRACE [Native-Transport-Requests-1] 2019-06-06 05:34:50,843 LdapUtils.java:577 - [ldap-fetch-user] ERROR - failed to fetch username: 123456
org.apache.directory.api.ldap.model.exception.LdapOperationException: PROTOCOL_ERROR: The server will disconnect!
at org.apache.directory.ldap.client.api.LdapNetworkConnection.startTls(LdapNetworkConnection.java:3986)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bindAsync(LdapNetworkConnection.java:1373)
at org.apache.directory.ldap.client.api.LdapNetworkConnection.bind(LdapNetworkConnection.java:1293)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:130)
at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:114)
它似乎无法连接到 ldap,未与其绑定?
我能够使用 ldapsearch 连接到 AD,并从 cassandra 节点获取用户的结果。还将证书导入密钥库并在 dse.yaml 中提及。有什么指点吗?
问题出在证书链上,在使用正确的中间证书与 AD 绑定成功后。