CAS连接微软活动目录的配置方法

原文地址：http://blog.csdn.net/baozhengw/article/details/3857669
在微软活动目录中建立一个用户节点,帐号为wangzhenyu,cn为zhenyu wang,并设置登陆口令,这时候在cas中用wangzhenyu的帐号登陆失败,解决办法是:安装apache directory studio,建立一个到微软活动目录的连接,连接时使用微软活动目录所在的windows2003服务器的超级用户帐号,连接成功后,在LDAP树中找从ou=nsc下找i到CN=zhengyu wang这个节点,给这个节点手工添加一个uid属性，设置uid的值为wangzhenyu,添加成功后，在cas登陆页面中再使用wangzhenyu帐号及ad中设置的口令就可以成功登录了．

<?xml version="1.0" encoding="utf-8"?>

<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.0.xsd">  
  <bean id="authenticationManager" class="org.jasig.cas.authentication.AuthenticationManagerImpl"> 
    <property name="credentialsToPrincipalResolvers"> 
      <list> 
        <bean class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver"/>  
        <bean class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver"/> 
      </list> 
    </property>  
    <property name="authenticationHandlers"> 
      <list> 
        <bean class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler" p:httpClient-ref="httpClient"/>  
        <!--<bean
     class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler" />-->  
        <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"> 
          <property name="filter" value="uid=%u"/>  
          <!--seem must have ou node-->  
          <!--<property name="searchBase" value="ou=nsc,dc=nhncdev,dc=com" />  -->  
          <property name="searchBase" value="ou=nsc,dc=nhncdev,dc=com"/>  
          <property name="contextSource" ref="contextSource"/> 
        </bean> 
      </list> 
    </property> 
  </bean>  
  <bean id="userDetailsService" class="org.springframework.security.userdetails.memory.InMemoryDaoImpl"> 
    <property name="userMap"> 
      <value></value> 
    </property> 
  </bean>  
  <bean id="attributeRepository" class="org.jasig.services.persondir.support.StubPersonAttributeDao"> 
    <property name="backingMap"> 
      <map> 
        <entry key="uid" value="uid"/>  
        <entry key="eduPersonAffiliation" value="eduPersonAffiliation"/>  
        <entry key="groupMembership" value="groupMembership"/> 
      </map> 
    </property> 
  </bean>  
  <bean id="serviceRegistryDao" class="org.jasig.cas.services.InMemoryServiceRegistryDaoImpl"/>  
  <bean id="contextSource" class="org.jasig.cas.adaptors.ldap.util.AuthenticatedLdapContextSource"> 
    <property name="anonymousReadOnly" value="false"/>  
    <property name="userName" value="cn=zhenyu wang,ou=nsc,dc=nhncdev,dc=com"/>  
    <property name="password" value="Hello123"/>  
    <property name="pooled" value="true"/>  
    <property name="urls"> 
      <list> 
        <value>ldap://10.34.114.54:389/</value> 
      </list> 
    </property>  
    <property name="baseEnvironmentProperties"> 
      <map> 
        <entry> 
          <key>
            <value>java.naming.security.authentication</value>
          </key>  
          <value>simple</value> 
        </entry> 
      </map> 
    </property> 
  </bean> 
</beans>