30 Oct
2008
30 Oct
'08
4:59 p.m.
Hey Hoh,
I have a small (or big) problem...
I wanted to configure my LDAP Authentication on XWS. There I have used the
settings of my XE, but it won't work...
Its strange, because if i disable
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
i can login with the LDAP User, but then i have no access rights. Also the
User won't be added to the User Database.
Also Admin can't login.
If i enable this authclass, i can't login with a LDAP User but with the
Admin account...
My Settings:
#-------------------------------------------------------------------------------------
# LDAP
#-------------------------------------------------------------------------------------
#-# new LDAP authentication service
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
#-# Turn LDAP authentication on - otherwise only XWiki authentication
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap=1
#-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.)
xwiki.authentication.ldap.server=192.168.111.234
xwiki.authentication.ldap.port=389
#-# LDAP login, empty = anonymous access, otherwise specify full dn
#-# {0} is replaced with the username, {1} with the password
xwiki.authentication.ldap.bind_DN=uid={0},ou=people,dc=dalim,dc=fr
xwiki.authentication.ldap.bind_pass={1}
#-# Force to check password after LDAP connection
#-# 0: disable
#-# 1: enable
xwiki.authentication.ldap.validate_password=0
#-# only members of the following group will be verified in the LDAP
# otherwise only users that are found after searching starting from the
base_DN
#
xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US
#-# base DN for searches
xwiki.authentication.ldap.base_DN=ou=people,dc=dalim,dc=fr
#-# specifies the LDAP attribute containing the identifier to be used as the
XWiki name (default=cn)
xwiki.authentication.ldap.UID_attr=uid
#-# retrieve the following fields from LDAP and store them in the XWiki user
object (xwiki-attribute=ldap-attribute)
#-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object for
faster access
xwiki.authentication.ldap.fields_mapping=name=uid,last_name=sn,first_name=givenName,fullname=cn,email=mail,ldap_dn=dn
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# on every login update the mapped attributes from LDAP to XWiki otherwise
this happens only once when the XWiki account is created.
xwiki.authentication.ldap.update_user=1
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# mapps XWiki groups to LDAP groups, separator is "|"
#xwiki.authentication.ldap.group_mapping=XWiki.Service=uid=service,ou=people,dc=dalim,dc=fr
| XWiki.IT=uid=it,ou=people,dc=dalim,dc=fr |
XWiki.Sales=uid=sales,ou=people,dc=dalim,dc=fr |
XWiki.QC=uid=qc,ou=people,dc=dalim,dc=fr |
XWiki.Marketing=uid=marketing,ou=people,dc=dalim,dc=fr |
XWiki.Manufacturing=uid=manufacturing,ou=people,dc=dalim,dc=fr |
XWiki.Finance=uid=finance,ou=people,dc=dalim,dc=fr |
XWiki.Administration=uid=administration,ou=people,dc=dalim,dc=fr
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# time in s after which the list of members in a group is refreshed from
LDAP (default=3600*6)
# xwiki.authentication.ldap.groupcache_expiration=21800
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# - create : synchronize group membership only when the user is first
created
#-# - always: synchronize on every login
# xwiki.authentication.ldap.mode_group_sync=always
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# if ldap authentication fails for any reason, try XWiki DB authentication
with the same credentials
xwiki.authentication.ldap.trylocal=1
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# SSL connection to LDAP server
#-# 0: normal
#-# 1: SSL
# xwiki.authentication.ldap.ssl=0
#-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl]
#-# The keystore file to use in SSL connection
# xwiki.authentication.ldap.ssl.keystore=
The errormessage i get is :
16:48:31,611 [
http://wiki.kehl.dalim.com:8080/work/bin/loginsubmit/XWiki/XWikiLogin]
[P1-19] DEBUG LDAP.XWikiLDAPAuthServiceImpl - Trying authentication
against XWiki DB
16:48:31,614 [
http://wiki.kehl.dalim.com:8080/work/bin/loginsubmit/XWiki/XWikiLogin]
[P1-19] WARN LDAP.XWikiLDAPAuthServiceImpl - LDAP authentication failed.
com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5: LDAP bind
failed with LDAPException.
Wrapped Exception: Invalid Credentials
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:178)
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:109)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:190)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:104)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:195)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:128)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:113)
at
com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:213)
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3412)
at
com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:137)
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3420)
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4382)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:189)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:616)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:830)
at
com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112)
at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
at
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
at org.mortbay.http.HttpServer.service(HttpServer.java:954)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
Wrapped Exception:
LDAPException: Invalid Credentials (49) Invalid Credentials
LDAPException: Matched DN:
at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source)
at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source)
at com.novell.ldap.LDAPConnection.bind(Unknown Source)
at com.novell.ldap.LDAPConnection.bind(Unknown Source)
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:170)
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:109)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:190)
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:104)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:195)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:128)
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:113)
at
com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:213)
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3412)
at
com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:137)
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3420)
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4382)
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:189)
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431)
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236)
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:616)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:689)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:830)
at
com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112)
at
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1565)
at
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1517)
at org.mortbay.http.HttpServer.service(HttpServer.java:954)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:983)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
I hope you can help me!
Greetz
Greg