Error: "An internal error occurred while trying to authenticate the user. org.springframework.security.authentication.InternalAuthenticationServiceException" after configuring JasperSoft with LDAP authentication

Document ID : KB000005332
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

The following error appears in jasperserver.log file after configuring JasperSoft with LDAP authentication:

ERROR EncryptionAuthenticationProcessingFilter,http-bio-8080-exec-3:218 - An internal error occurred while trying to authenticate the user.
org.springframework.security.authentication.InternalAuthenticationServiceException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 ]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 ]
at org.springframework.security.ldap.authentication.LdapAuthenticationProvider.doAuthentication(LdapAuthenticationProvider.java:191)
...
Caused by: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 ]; nested exception is javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 ]


Environment:
JasperReports 6.2.0
Cause:

There are invalid credentials set in the js.externalAuth.properties file to connect to the LDAP server

Resolution:

The error code "data 52e" suggests an invalid credential being used to connect to the LDAP server. See the list of codes below:

52e invalid credentials
530 not permitted to logon at this time
531 not permitted to logon at this workstation
532 password expired
533
534 account disabled
The user has not been granted the requested logon type at this machine
701 account expired
773 user must reset password
775 user account locked

 

1) Check if the user dn, base dn and password are correct. To check this please download JXplorer to connect to the LDAP Server using the configuration set in the js.externalAuth.properties file. To download Jxplorer:

http://jxplorer.org/downloads/users.html


Once you download the application connect using the details of the js.externalAuth.properties

Example
LDAP Base URL = ldap://1.2.3.4:389
LDAP Search Base DN = ou=UserAccounts,dc=test,dc=ca,dc=com
LDAP User DN = cn=usertest1,ou=Services,ou=UserAccounts,dc=test,dc=ca,dc=com

If you are able to log into the LDAP Server then it means the credentials are OK. If any errors, please check with the LDAP Administrator the correct details.

2) Update js.externalAuth.properties file with the correct details to log into LDAP Server

3) Restart Apache Tomcat Services

4) Log into JasperReports with the LDAP Server credentials

Additional Information:

Configure CABI JasperReports® Server r6.2.0 to use LDAP

https://docops.ca.com/ca-service-management/14-1/en/integrating/cabi-jasperreports-server-r6-2-0-for-ca-service-management/configure-cabi-jasperreports-server-r6-2-0-for-ca-service-management#ConfigureCABIJasperReports%C2%AEServerr6.2.0forCAServiceManagement-Step7.2(Optional):ConfigureCABIJasperReports%C2%AEServerr6.2.0touseLDAP

 

Where can I get more information on using JXplorer with CA LDAP Server?

https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec473983.html