Hi,

I have implemented directory manager for user management and all the modules are working fine except authentication module. We are using LDAP only for authentication and role, department, org chart are pulled from another database.

The LDAP authentication code is working fine as a standalone java program. Find below the program, exceptions will be thrown when the crendetials are wrong. But when the same code is placed in the authenticate method of plugin, it returns "true" for any input. Authentication happens the first time I login after server restart, but even that happens occassionally. Most of the time authentication method returns true inspite of wrong user id. I'm confused as the stand alone program is working fine as expected. Is this related to the spring configuration? Please advice.

try{

InitialLdapContext  ctx=null;
authEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
authEnv.put(Context.PROVIDER_URL, "ldap://servername:389");
authEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
authEnv.put(Context.SECURITY_PRINCIPAL, username+"@corp.bankofamerica.com");
authEnv.put(Context.SECURITY_CREDENTIALS, password);
authEnv.put(Context.REFERRAL,"follow");

//connect to ldap     
ctx = new InitialLdapContext (authEnv,null);

authenticated= false;
}

catch (AuthenticationException authEx) {
System.out.println("authentication failed");
authenticated= false;
}
catch(Exception ex){
System.out.println("unknown exception in authentication");
ex.printStackTrace();
authenticated= false;
}

return authenticated;