hello,
I'm trying connect xwiki to the ldap using this manual
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HGenericLDAPconfiguration
but have problem with auth..
i'm using:
slapd 2.3.30-5+etch2
apache-tomcat-6.0.18
xwiki-enterprise-web-1.7-milestone-1.war
jdk1.6.0_07
xwiki.cfg ldap section:
#-------------------------------------------------------------------------------------
# LDAP
#-------------------------------------------------------------------------------------
#-# new LDAP authentication service
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
xwiki.authentication.ldap.server=127.0.0.1
xwiki.authentication.ldap.port=389
#-# LDAP login, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the username, {1} with the password
xwiki.authentication.ldap.bind_DN=cn={0},ou=people,dc=xxx,dc=com
xwiki.authentication.ldap.bind_pass={1}
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=0
#-# only members of the following group will be verified in the LDAP
#-# otherwise only users that are found after searching starting from
the base_DN
#
xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US
#-# [Since 1.5RC1, XWikiLDAPAuthServiceImpl]
#-# only users not member of the following group can autheticate
# xwiki.authentication.ldap.exclude_group=cn=admin,ou=groups,o=MegaNova,c=US
#-# base DN for searches
xwiki.authentication.ldap.base_DN=ou=people,dc=xxx,dc=com
#-# Specifies the LDAP attribute containing the identifier to be used as
the XWiki name (default=cn)
xwiki.authentication.ldap.UID_attr=cn
#-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
#-# Specifies the LDAP attribute containing the password to be used
"when xwiki.authentication.ldap.validate_password" is set to 1
xwiki.authentication.ldap.password_field=userPassword
#-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential LDAP groups classes. Separated by commas.
#
xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup,dynamicGroupAux,groupWiseDistributionList
#-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The potential names of the LDAP groups fields containings the
members. Separated by commas.
# xwiki.authentication.ldap.group_memberfields=member,uniqueMember
#-# retrieve the following fields from LDAP and store them in the XWiki
user object (xwiki-attribute=ldap-attribute)
#-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object
for faster access
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# on every login update the mapped attributes from LDAP to XWiki
otherwise this happens only once when the XWiki account is created.
xwiki.authentication.ldap.update_user=1
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# mapps XWiki groups to LDAP groups, separator is "|"
#
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=MegaNova,c=US|\
#
XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# time in s after which the list of members in a group is refreshed
from LDAP (default=3600*6)
# xwiki.authentication.ldap.groupcache_expiration=21800
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# - create : synchronize group membership only when the user is first
created
#-# - always: synchronize on every login
# xwiki.authentication.ldap.mode_group_sync=always
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# if ldap authentication fails for any reason, try XWiki DB
authentication with the same credentials
xwiki.authentication.ldap.trylocal=1
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# SSL connection to LDAP server
#-# 0: normal
#-# 1: SSL
xwiki.authentication.ldap.ssl=0
#-# [Since 1.3M2, XWikiLDAPAuthServiceImpl]
#-# The keystore file to use in SSL connection
xwiki.authentication.ldap.ssl.keystore=
#-# [Since 1.5M1, XWikiLDAPAuthServiceImpl]
#-# The java secure provider used in SSL connection
#
xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider
java LDAP debug module exeption:
/
21:07:39,624 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP
authentication failed: login null
21:07:39,627 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG ldap.XWikiLDAPConnection - Connection to LDAP
server [127.0.0.1:389]
21:07:39,641 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG ldap.XWikiLDAPConnection - Binding to LDAP
server with credentials login=[cn=user1,ou=people,dc=xxx,dc=com ]
password=[user1]
21:07:39,644 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Found user dn with
the user object: cn=user1,ou=people,dc=xxx,dc=com
21:07:39,646 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - LDAP attributes
will be used to update XWiki attributes.
21:07:39,646 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG ldap.XWikiLDAPConfig - Ready to create
user from LDAP with fields
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
21:07:39,649 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Updating existing
user with LDAP attribues located at cn=user1,ou=people,dc=xxx,dc=com
21:07:39,650 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG ldap.XWikiLDAPConfig - Ready to create
user from LDAP with fields
last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn
21:07:39,651 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Local LDAP
authentication failed.
java.lang.NullPointerException
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.updateUserFromLDAP(XWikiLDAPAuthServiceImpl.java:730)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.syncUser(XWikiLDAPAuthServiceImpl.java:497)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:410)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:198)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148)
at
com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:205)
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3564)
at
com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139)
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3572)
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4478)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:96)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:287)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
21:07:39,653 [http://localhost:8080/bin/loginsubmit/XWiki/XWikiLogin]
[http-8080-7] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Trying
authentication against XWiki DB/
In ldap logs:
/Oct 23 21:07:39 ubot slapd[4919]: conn=216 fd=11 ACCEPT from
IP=127.0.0.1:41337 (IP=0.0.0.0:389)
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=0 BIND
dn="cn=user1,ou=people,dc=xxx,dc=com" method=128
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=0 BIND
dn="cn=user1,ou=people,dc=xxx,dc=com" mech=SIMPLE ssf=0
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=0 RESULT tag=97 err=0 text=
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=1 EXT oid=0.0.0.0
Oct 23 21:07:39 ubot slapd[4919]: do_extended: unsupported operation
"0.0.0.0"
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=1 RESULT tag=120 err=2
text=unsupported extended operation
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 BIND anonymous
mech=implicit ssf=0
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 BIND
dn="cn=user1,ou=people,dc=xxx,dc=com" method=128
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 BIND
dn="cn=user1,ou=people,dc=xxx,dc=com" mech=SIMPLE ssf=0
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=2 RESULT tag=97 err=0 text=
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=3 SRCH
base="cn=user1,ou=people,dc=xxx,dc=com" scope=0 deref=0
filter="(objectClass=*)"
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=3 SRCH attr=sn givenName
fullName mail dn
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=3 SEARCH RESULT tag=101
err=0 nentries=1 text=
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=4 ABANDON msg=93
Oct 23 21:07:39 ubot slapd[4919]: conn=216 op=5 UNBIND
Oct 23 21:07:39 ubot slapd[4919]: conn=216 fd=11 closed
/Somebody can help me? Thanks and Greetings,
Bart
--
Bartłomiej Radziszewski
mobile: +48 509 561 540
e-mail: [EMAIL PROTECTED]
JID: [EMAIL PROTECTED]
ICQ: #305569725
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
