Setup Cortex and modify the application.conf to use the ad provider.
provider = [local,ad]
ad {
domainName="ACME"
domainFQDN="acme.local"
useSSL=true
hosts=[DC1.acme.local]
defaultUserDomain: "acme.com"
}
Try to login and fail miserably
Complementary information
(add anything that can help identifying the problem such as log excerpts, screenshots, configuration dumps etc.)
The error is as follows:
[error] o.e.s.a.ADAuthSrv - AD authentication failure
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3261)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3207)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2993)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2907)
at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:347)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)
AD authentication failure / Clarification on AD Authentication
Request Type
Bug
Work Environment
Problem Description
Describe the problem/bug as clearly as possible.
We are failing to authenticate to Active Directory with the format of user@acme.com.
The same configuration works for thehive, but not for cortex.
https://github.com/TheHive-Project/TheHive/issues/1453 this one may be related
Steps to Reproduce
Complementary information
(add anything that can help identifying the problem such as log excerpts, screenshots, configuration dumps etc.)
The error is as follows: [error] o.e.s.a.ADAuthSrv - AD authentication failure javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3261) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3207) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2993) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2907) at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:347)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:225)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:189)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:243)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:154)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:84)