9 Apr
2015
9 Apr
'15
3:30 p.m.
Hello,
I am trying to connect to an LDAP server using the LDAP Admin
Application and failing. The settings I have configured are as follows:
- LDAP - enabled
- LDAP SERVER ADDRESS - server IP address
- LDAP SERVER PORT - 389
- LDAP LOGIN MATCHING - cn={0},ou=people,dc=info,dc=uaic,dc=ro
- LDAP PASSWORD MATCHING - {1}
- TRY LOCAL LOGIN - yes
- UPDATE USER FROM LDAP AFTER LOGIN - yes
- LDAP USER FIELDS MAPPING - last_name=sn,first_name=givenName,email=mail
Everything else is left blank, and in the xwiki.cfg file, the only
uncommented line is
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
Every time I try to log in using LDAP credentials the attempt fails with
the log entry given at the end of the message. I have also tried the
exact same settings in the xwiki.cfg file, with the same error message.
The server I am using is Tomcat, and the xwiki version is 6.4.
Best regards,
Alex Moruz
2015-04-09 16:28:13,172
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,185
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We
don't try to authenticate, it probably means the user is in non logged
mode.
2015-04-09 16:28:13,185
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,229
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed.
com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5: LDAP
bind failed with LDAPException.
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:197)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:125)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:305)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:182)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:129)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:272)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:192)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:174)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:239)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3293)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.xwiki.security.authorization.internal.XWikiCachingRightService.authenticateUser(XWikiCachingRightService.java:241)
[xwiki-platform-security-bridge-6.4.jar:na]
at
org.xwiki.security.authorization.internal.XWikiCachingRightService.checkAccess(XWikiCachingRightService.java:271)
[xwiki-platform-security-bridge-6.4.jar:na]
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3306)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4299)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:269)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:146)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
[struts-core-1.3.10.jar:1.3.10]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:643)
[servlet-api.jar:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723)
[servlet-api.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:115)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
[xwiki-platform-wysiwyg-server-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:66)
[xwiki-platform-webdav-server-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
[catalina.jar:6.0.43]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[catalina.jar:6.0.43]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
[catalina.jar:6.0.43]
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
[tomcat-coyote.jar:6.0.43]
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:620)
[tomcat-coyote.jar:6.0.43]
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
[tomcat-coyote.jar:6.0.43]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25]
Caused by: com.novell.ldap.LDAPException: Invalid Credentials
at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.bind(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.bind(Unknown Source)
~[jldap-4.3.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.bind(XWikiLDAPConnection.java:231)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:193)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
... 51 common frames omitted
2015-04-09 16:28:13,231
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Trying authentication against
XWiki DB
2015-04-09 16:28:13,237
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed for
user [mmoruz]
2015-04-09 16:28:13,558
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/ssx/XWiki/DefaultSkin?la…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,558
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/ssx/XWiki/DefaultSkin?la…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We
don't try to authenticate, it probably means the user is in non logged
mode.
9 Apr
9 Apr
3:41 p.m.
Hi alex
I think that you use an Active Directory LDAP Server.
For this case, we have created a technical user called "LDAPBrowser" that has
the right to search in the whole AD server
The parameter "xwiki.authentication.ldap.bind_DN" is filled with the full DN,
and " xwiki.authentication.ldap.bind_pass" contains the password of this user.
Then "xwiki.authentication.ldap.base_DN" points to the branch of our LDAP
So the LDAP section of our xwifi.cfg file looks like this :
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=10.69.1.1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.bind_DN=CN=LDAPBrowser,OU=XXX,OU=YYY,DC=ZZZ,DC=lan
xwiki.authentication.ldap.bind_pass=XXXXXXXXX
xwiki.authentication.ldap.base_DN=OU=YYY,DC=ZZZ,DC=lan
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
xwiki.authentication.ldap.update_user=1
Hope it helps,
Laurent
-----Message d'origine-----
De : users [mailto:users-bounces@xwiki.org] De la part de Alex Moruz
Envoyé : jeudi 9 avril 2015 15:31
À : users(a)xwiki.org
Objet : [xwiki-users] xwiki LDAP configuration
Hello,
I am trying to connect to an LDAP server using the LDAP Admin Application and failing. The
settings I have configured are as follows:
- LDAP - enabled
- LDAP SERVER ADDRESS - server IP address
- LDAP SERVER PORT - 389
- LDAP LOGIN MATCHING - cn={0},ou=people,dc=info,dc=uaic,dc=ro
- LDAP PASSWORD MATCHING - {1}
- TRY LOCAL LOGIN - yes
- UPDATE USER FROM LDAP AFTER LOGIN - yes
- LDAP USER FIELDS MAPPING - last_name=sn,first_name=givenName,email=mail
Everything else is left blank, and in the xwiki.cfg file, the only uncommented line is
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
Every time I try to log in using LDAP credentials the attempt fails with the log entry
given at the end of the message. I have also tried the exact same settings in the
xwiki.cfg file, with the same error message.
The server I am using is Tomcat, and the xwiki version is 6.4.
Best regards,
Alex Moruz
2015-04-09 16:28:13,172
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,185
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to
authenticate, it probably means the user is in non logged mode.
2015-04-09 16:28:13,185
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,229
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed.
com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5: LDAP bind failed with
LDAPException.
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:197)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:125)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:305)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:182)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:129)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:272)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:192)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:174)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:239)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3293)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.xwiki.security.authorization.internal.XWikiCachingRightService.authenticateUser(XWikiCachingRightService.java:241)
[xwiki-platform-security-bridge-6.4.jar:na]
at
org.xwiki.security.authorization.internal.XWikiCachingRightService.checkAccess(XWikiCachingRightService.java:271)
[xwiki-platform-security-bridge-6.4.jar:na]
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3306)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4299)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:269)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:146)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
[struts-core-1.3.10.jar:1.3.10]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:643)
[servlet-api.jar:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723)
[servlet-api.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:115)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
[xwiki-platform-wysiwyg-server-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:66)
[xwiki-platform-webdav-server-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
[catalina.jar:6.0.43]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[catalina.jar:6.0.43]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
[catalina.jar:6.0.43]
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
[tomcat-coyote.jar:6.0.43]
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:620)
[tomcat-coyote.jar:6.0.43]
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
[tomcat-coyote.jar:6.0.43]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25] Caused by:
com.novell.ldap.LDAPException: Invalid Credentials
at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source) ~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source) ~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.bind(Unknown Source) ~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.bind(Unknown Source) ~[jldap-4.3.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.bind(XWikiLDAPConnection.java:231)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:193)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
... 51 common frames omitted
2015-04-09 16:28:13,231
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB
2015-04-09 16:28:13,237
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user [mmoruz]
2015-04-09 16:28:13,558
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/ssx/XWiki/DefaultSkin?la…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,558
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/ssx/XWiki/DefaultSkin?la…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to
authenticate, it probably means the user is in non logged mode.
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
4:16 p.m.
Looks like you enabled debug log only for XWikiLDAPAuthServiceImpl
class, you should also enable it for com.xpn.xwiki.plugin.ldap package
as indicated on
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableL…
The root cause is "Invalid Credentials" which means that the user
cn={0},ou=people,dc=info,dc=uaic,dc=ro with {0} being the name you
entered in the login form and the password you gave don't have the
right to authenticate on that server.
You should maybe try some LDAP client (a few are listed on
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HGeneric…)
to validate the information you entered in the configuration and
especially the bind DN.
On Thu, Apr 9, 2015 at 3:30 PM, Alex Moruz <mmoruz(a)info.uaic.ro> wrote:
Hello,
I am trying to connect to an LDAP server using the LDAP Admin Application
and failing. The settings I have configured are as follows:
- LDAP - enabled
- LDAP SERVER ADDRESS - server IP address
- LDAP SERVER PORT - 389
- LDAP LOGIN MATCHING - cn={0},ou=people,dc=info,dc=uaic,dc=ro
- LDAP PASSWORD MATCHING - {1}
- TRY LOCAL LOGIN - yes
- UPDATE USER FROM LDAP AFTER LOGIN - yes
- LDAP USER FIELDS MAPPING - last_name=sn,first_name=givenName,email=mail
Everything else is left blank, and in the xwiki.cfg file, the only
uncommented line is
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
Every time I try to log in using LDAP credentials the attempt fails with the
log entry given at the end of the message. I have also tried the exact same
settings in the xwiki.cfg file, with the same error message.
The server I am using is Tomcat, and the xwiki version is 6.4.
Best regards,
Alex Moruz
2015-04-09 16:28:13,172
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,185
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't
try to authenticate, it probably means the user is in non logged mode.
2015-04-09 16:28:13,185
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,229
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Local LDAP authentication failed.
com.xpn.xwiki.plugin.ldap.XWikiLDAPException: Error number 0 in 5: LDAP bind
failed with LDAPException.
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:197)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:125)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:305)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:182)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:129)
[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:272)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:192)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:174)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:239)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3293)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.xwiki.security.authorization.internal.XWikiCachingRightService.authenticateUser(XWikiCachingRightService.java:241)
[xwiki-platform-security-bridge-6.4.jar:na]
at
org.xwiki.security.authorization.internal.XWikiCachingRightService.checkAccess(XWikiCachingRightService.java:271)
[xwiki-platform-security-bridge-6.4.jar:na]
at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3306)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4299)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:269)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:146)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:425)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:228)
[struts-core-1.3.10.jar:1.3.10]
at
org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
[struts-core-1.3.10.jar:1.3.10]
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
[struts-core-1.3.10.jar:1.3.10]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:643)
[servlet-api.jar:na]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:723)
[servlet-api.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at com.xpn.xwiki.web.ActionFilter.doFilter(ActionFilter.java:115)
[xwiki-platform-legacy-oldcore-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:127)
[xwiki-platform-wysiwyg-server-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SetHTTPHeaderFilter.doFilter(SetHTTPHeaderFilter.java:63)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
com.xpn.xwiki.plugin.webdav.XWikiDavFilter.doFilter(XWikiDavFilter.java:66)
[xwiki-platform-webdav-server-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:208)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.xwiki.container.servlet.filters.internal.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:111)
[xwiki-platform-container-servlet-6.4.jar:na]
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
[catalina.jar:6.0.43]
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
[catalina.jar:6.0.43]
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
[catalina.jar:6.0.43]
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
[catalina.jar:6.0.43]
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
[tomcat-coyote.jar:6.0.43]
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:620)
[tomcat-coyote.jar:6.0.43]
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
[tomcat-coyote.jar:6.0.43]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_25]
Caused by: com.novell.ldap.LDAPException: Invalid Credentials
at com.novell.ldap.LDAPResponse.getResultException(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPResponse.chkResultCode(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.chkResultCode(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.bind(Unknown Source)
~[jldap-4.3.jar:na]
at com.novell.ldap.LDAPConnection.bind(Unknown Source)
~[jldap-4.3.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.bind(XWikiLDAPConnection.java:231)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
at
com.xpn.xwiki.plugin.ldap.XWikiLDAPConnection.open(XWikiLDAPConnection.java:193)
~[xwiki-platform-ldap-authenticator-6.4.jar:na]
... 51 common frames omitted
2015-04-09 16:28:13,231
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki
DB
2015-04-09 16:28:13,237
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/loginsubmit/XWiki/XWikiL…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user
[mmoruz]
2015-04-09 16:28:13,558
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/ssx/XWiki/DefaultSkin?la…]
TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication
2015-04-09 16:28:13,558
[http://127.0.0.1:8080/xwiki-enterprise-web-6.4/bin/ssx/XWiki/DefaultSkin?la…]
DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't
try to authenticate, it probably means the user is in non logged mode.
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne
3505
days inactive
3505
days old
2 comments
3 participants
participants (3)
-
Alex Moruz -
Laurent CARON -
Thomas Mortagne