- What is your product version?: API: v10.4.0 | Client: v10.5.0 [20211006]
- What is your product type (Angular or MVC)?: Angular
- What is product framework type (.net framework or .net core)?: .net core
- What is ABP Framework version? 6.4.0
Hi, I tried configuring the app to authenticate agains openLDAP, for that I followed the guid: https://docs.aspnetzero.com/en/aspnet-core-angular/latest/Features-Angular-Active-Directory
When I tested it I was getting following error:
"ERROR 2021-10-26 18:35:01,333 [107 ] Mvc.ExceptionHandling.AbpExceptionFilter - Object reference not set to an instance of an object.",
"System.NullReferenceException: Object reference not set to an instance of an object.",
" at System.DirectoryServices.AccountManagement.PrincipalContext.ReadServerConfig(String serverName, ServerProperties& properties)",
" at System.DirectoryServices.AccountManagement.PrincipalContext.DoServerVerifyAndPropRetrieval()",
" at System.DirectoryServices.AccountManagement.PrincipalContext..ctor(ContextType contextType, String name, String container, ContextOptions options, String userName, String password)",
" at Abp.Zero.Ldap.Authentication.LdapAuthenticationSource`2.CreatePrincipalContext(TTenant tenant)",
" at Abp.Zero.Ldap.Authentication.LdapAuthenticationSource`2.TryAuthenticateAsync(String userNameOrEmailAddress, String plainPassword, TTenant tenant)",
" at Abp.Authorization.AbpLogInManager`3.TryLoginFromExternalAuthenticationSourcesAsync(String userNameOrEmailAddress, String plainPassword, TTenant tenant)",
" at Abp.Authorization.AbpLogInManager`3.LoginAsyncInternal(String userNameOrEmailAddress, String plainPassword, String tenancyName, Boolean shouldLockout)",
" at Abp.Authorization.AbpLogInManager`3.<>c__DisplayClass36_0.<<LoginAsync>b__0>d.MoveNext()",
"--- End of stack trace from previous location ---",
I searched up other similar issues, and did make sure that Username and email are populated in LDAP, as this was issue few users encountered. However, this seems to be a bit different, as exception is thrown from .LdapAuthenticationSource.CreatePrincipalContext()
One issue which I found and seems related is this: https://github.com/dotnet/runtime/issues/27160
and from it looks like that PrincipalContext cannot work with OpenLDAP (which we use internally). Is that correct? What option do we have?
Regards, Predrag
5 Answer(s)
-
0
Hi,
We haven't tried this with an OpenLDAP server. You can override
TryAuthenticateAsync
method of AppLdapAuthenticationSource, copy the original code from https://github.com/aspnetboilerplate/aspnetboilerplate/blob/dev/src/Abp.Zero.Ldap/Ldap/Authentication/LdapAuthenticationSource.cs#L39 and see ifCreatePrincipalContext
works or not by debugging your application. -
0
Hi, I did try your suggestion and I did debug it but ended up with the same exception and pretty much same conclusion that openLDAP is not supported.
I tried initializing PrincipalContext with different parameters and using various ContextOptions, but that didn't help me resolving the issue.
One thing I noticed for PrincipalContext class is that it seems it is supported on Windows platform only:
Would you guys have any suggestion on alternative way of authenticating against openLDAP (e.g using some other .net classes instead of PrincipalContext)? Is there any plan on your side to look into this and provide some solution?
Thanks, Predrag
-
0
Hi Predrag,
I haven't tried but there are some libraries such as https://github.com/flamencist/ldap4net. You can give it a try.
-
0
Thanks. We were able to get users authenticated by using LdapConnection instead of PrincipalContext in TryAuthenticateAsync(). We still need to work on overriding other methods from LdapAuthenticationSource, like UpdateUserAsync(). in any case, it would be nice to have implementation provided by the framework. Regards, Predrag
-
0
I guess we can close this issue for now