Re: [xwiki-users] Xwiki and OpenLDAP not working

Hello XWiki users, I have a problem getting OpenLDAP to work with XWiki 1.5.11446. For some strange reason i cannot login into xwiki from an account located in OpenLDAP and no error messages are produced. The login page just refreshes itself and nothing else happens. This problem started when I migrated Xwiki 1.4 to 1.5. As solution, I downgraded back to 1.4 and everything seems to work again. Is the LDAP plugin broken in 1.5? I have copy-pasted a sample ldif of my OpenLDAP as well as the xwiki.cfg settings so that someone can give me a hint on where the problem could be. Many thanks in advanced. Richard ------------------------------------------------------ BEGIN ldif------------------------------------------------------------------- dn: dc=mydomain objectClass: organization objectClass: dcObject dc: mydomain o: mydomain dn: ou=Users,dc=mydomain objectClass: organizationalUnit ou: Users dn: ou=People,ou=Users,dc=mydomain objectClass: organizationalUnit ou: People dn: ou=Groups,dc=mydomain objectClass: organizationalUnit ou: Groups dn: ou=Machines,ou=Users,dc=mydomain objectClass: organizationalUnit ou: Machines dn: ou=Domains,dc=mydomain objectClass: organizationalUnit ou: Domains dn: sambaDomainName=SCRAPPY,ou=Domains,dc=mydomain objectClass: sambaDomain sambaAlgorithmicRidBase: 1000 sambaSID: S-1-5-21-4074884656-2525905897-914379862 sambaDomainName: SCRAPPY sambaMinPwdLength: 8 dn: cn=domainUsers,ou=Groups,dc=mydomain objectClass: sambaGroupMapping objectClass: posixGroup displayName: Domain Users sambaGroupType: 2 sambaSID: S-1-5-21-4074884656-2525905897-914379862-513 description: Domain Users gidNumber: 2001 cn: domainUsers memberUid: richi dn: cn=domainGuests,ou=Groups,dc=mydomain objectClass: sambaGroupMapping objectClass: posixGroobjectClass: posixGroup displayName: Domain Guests sambaGroupType: 2 sambaSID: S-1-5-21-4074884656-2525905897-914379862-514 description: Domain Guests gidNumber: 2002 cn: domainGuests dn: cn=domainComputers,ou=Groups,dc=mydomain objectClass: sambaGroupMapping objectClass: posixGroup displayName: Domain Computers sambaGroupType: 2 sambaSID: S-1-5-21-4074884656-2525905897-914379862-515 description: Domain Computers gidNumber: 2003 cn: domainComputers dn: uid=richi,ou=People,ou=Users,dc=mydomain objectClass: sambaSamAccount objectClass: shadowAccount objectClass: posixAccount objectClass: inetOrgPerson sambaHomeDrive: U: sambaDomainName: SCRAPPY sambaAcctFlags: [XU ] displayName: Richi sambaPrimaryGroupSID: S-1-5-21-4074884656-2525905897-914379862-512 sambaSID: S-1-5-21-4074884656-2525905897-914379862-5000 sambaLMPassword: <hidden> sambaNTPassword: <hidden> sambaPwdLastSet: 1218502167 shadowWarning: 10 shadowInactive: 10 shadowMin: 1 shadowMax: 365 homeDirectory: /home/richi loginShell: /bin/bash uid: richi cn: Richi uidNumber: 2000 gidNumber: 2000 sn: Smith givenName: Richi shadowLastChange: 14105 userPassword: secret dn: cn=domainAdmins,ou=Groups,dc=mydomain cn: domainAdmins description: Domain Admins objectClass: sambaGroupMapping objectClass: posixGroup gidNumber: 2000 sambaSID: S-1-5-21-4074884656-2525905897-914379862-512 sambaGroupType: 2 displayName: Domain Admin dn: ou=xwiki,ou=Groups,dc=mydomain ou: xwiki objectClass: top objectClass: organizationalUnit dn: cn=users,ou=xwiki,ou=Groups,dc=mydomain cn: users member: uid=richi,ou=People,ou=Users,dc=mydomain objectClass: groupOfNames objectClass: top ou: xwiki dn: cn=admins,ou=xwiki,ou=Groups,dc=mydomain cn: admins member: uid=richi,ou=People,ou=Users,dc=mydomain ou: xwiki objectClass: groupOfNames objectClass: top ------------------------------------------------- END ldif ------------------------------------------------------------ ------------------------------------------------- BEGIN xwiki.cfg ------------------------------------------------ #-# new LDAP authentication service xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl #-# Turn LDAP authentication on - otherwise only XWiki authentication #-# 0: disable #-# 1: enable xwiki.authentication.ldap=1 #-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.) xwiki.authentication.ldap.server=localhost xwiki.authentication.ldap.port=389 #-# LDAP login, empty = anonymous access, otherwise specify full dn #-# {0} is replaced with the username, {1} with the password xwiki.authentication.ldap.bind_DN=uid={0},ou=People,ou=Users,dc=mydomain xwiki.authentication.ldap.bind_pass={1} #-# Force to check password after LDAP connection #-# 0: disable #-# 1: enable xwiki.authentication.ldap.validate_password=0 #-# only members of the following group will be verified in the LDAP # otherwise only users that are found after searching starting from the base_DN xwiki.authentication.ldap.user_group=cn=users,ou=xwiki,ou=Groups,dc=mydomain #-# base DN for searches xwiki.authentication.ldap.base_DN=ou=People,ou=Users,dc=mydomain #-# Specifies the LDAP attribute containing the identifier to be used as the XWiki name (default=cn) xwiki.authentication.ldap.UID_attr=uid #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] #-# Specifies the LDAP attribute containing the password to be used "when xwiki.authentication.ldap.validate_password" is set to 1 xwiki.authentication.ldap.password_field=userPassword #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] #-# The potential LDAP groups classes. Separated by commas. xwiki.authentication.ldap.group_classes=group,groupOfNames,groupOfUniqueNames,dynamicGroup #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] #-# The potential names of the LDAP groups fields containings the members. Separated by commas. xwiki.authentication.ldap.group_memberfields=member,uniqueMember #-# retrieve the following fields from LDAP and store them in the XWiki user object (xwiki-attribute=ldap-attribute) #-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object for faster access xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,fullname=displayName,email=mail #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] #-# on every login update the mapped attributes from LDAP to XWiki otherwise thi s happens only once when the XWiki account is created. xwiki.authentication.ldap.update_user=1 #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] #-# mapps XWiki groups to LDAP groups, separator is "|" xwiki.authentication.ldap.group_mapping=\ XWiki.XWikiAdminGroup=cn=admins,ou=xwiki,ou=Groups,dc=mydomain|\ XWiki.XWikiAllGroup=cn=users,ou=xwiki,ou=Groups,dc=mydomain #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] #-# time in s after which the list of members in a group is refreshed from LDAP (default=3600*6) #Every half an hour xwiki.authentication.ldap.groupcache_expiration=1800 #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] #-# - create : synchronize group membership only when the user is first created #-# - always: synchronize on every login xwiki.authentication.ldap.mode_group_sync=always #-# if ldap authentication fails for any reason, try XWiki DB authentication with the same credentials xwiki.authentication.ldap.trylocal=0 #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] #-# SSL connection to LDAP server #-# 0: normal #-# 1: SSL # xwiki.authentication.ldap.ssl=0 #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] #-# The keystore file to use in SSL connection # xwiki.authentication.ldap.ssl.keystore= #-# [SINCE 1.5M1, XWikiLDAPAuthServiceImpl] #-# The java secure provider used in SSL connection # xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider --------------------------------------------------- END xwiki.cfg --------------------------------------------------------- _________________________________________________________________ Get ideas on sharing photos from people like you. Find new ways to share. http://www.windowslive.com/explore/photogallery/posts?ocid=TXT_TAGLM_WL_Pho… _______________________________________________ users mailing list users(a)xwiki.org http://lists.xwiki.org/mailman/listinfo/users