[xwiki-users] LDAP Logging Problem
Hi Guys, hopefully im doing right sending a mail to this list with my problem. Actually i got 2 Problems but if i can solve one the other will be gone :) One is die LDAP connection and the other is the debugging/logging function. Unfortunately i can't login with the AD users and i don't even know if there is a connection to the server. I wasted a day trying to get the debugging/logging enabled but it seems im to stupid for it :) enabled LDAP Debug Log with the log4j.properties file in WEB-INF/classes without success. log4j.logger.com.xpn.xwiki.plugin.ldap=trace log4j.logger.com.xpn.xwiki.user.impl.LDAP=trace but somehow i cant find a log or information about ldap. do i have to configure something else or add some information to the xwiki.cfg?! any help is appreciated. Systeminformation: CentOS 6.1 in a VM XWiki 3.3 Tomcat 5.5 Java 1.6 thanks and regards, Niko
On Fri, Jan 20, 2012 at 11:18 AM, niko dangl <[email protected]> wrote:
Hi Guys,
hopefully im doing right sending a mail to this list with my problem.
Actually i got 2 Problems but if i can solve one the other will be gone :)
One is die LDAP connection and the other is the debugging/logging function. Unfortunately i can't login with the AD users and i don't even know if there is a connection to the server. I wasted a day trying to get the debugging/logging enabled but it seems im to stupid for it :)
enabled LDAP Debug Log with the log4j.properties file in WEB-INF/classes without success.
log4j.logger.com.xpn.xwiki.plugin.ldap=trace log4j.logger.com.xpn.xwiki.user.impl.LDAP=trace
but somehow i cant find a log or information about ldap.
do i have to configure something else or add some information to the xwiki.cfg?!
What version of XWiki is it ? As indicated on http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLD... log4j based configuration is for pre 3.1 version of XWiki.
any help is appreciated.
Systeminformation:
CentOS 6.1 in a VM XWiki 3.3 Tomcat 5.5 Java 1.6
thanks and regards, Niko _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne
Ok, it's version 3.3 so its obsolete. Is there any other way to get a logfile for this?! here the LDAP part of my xwiki.cfg could you please have a look at this? do i need the FQDN or is name/ip enough for the server config? # LDAP #------------------------------------------------------------------------------------- xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl xwiki.authentication.ldap=1 xwiki.authentication.ldap.server=ewudc01 xwiki.authentication.ldap.port=389 xwiki.authentication.ldap.bind_DN={0} xwiki.authentication.ldap.bind_pass={1} #-# The Base DN used in LDAP searches xwiki.authentication.ldap.base_DN=CN=Users,DC=w2k,DC=rto,DC=dec,DC=com regards, Niko 2012/1/20 Thomas Mortagne <[email protected]>:
On Fri, Jan 20, 2012 at 11:18 AM, niko dangl <[email protected]> wrote:
Hi Guys,
hopefully im doing right sending a mail to this list with my problem.
Actually i got 2 Problems but if i can solve one the other will be gone :)
One is die LDAP connection and the other is the debugging/logging function. Unfortunately i can't login with the AD users and i don't even know if there is a connection to the server. I wasted a day trying to get the debugging/logging enabled but it seems im to stupid for it :)
enabled LDAP Debug Log with the log4j.properties file in WEB-INF/classes without success.
log4j.logger.com.xpn.xwiki.plugin.ldap=trace log4j.logger.com.xpn.xwiki.user.impl.LDAP=trace
but somehow i cant find a log or information about ldap.
do i have to configure something else or add some information to the xwiki.cfg?!
What version of XWiki is it ?
As indicated on http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLD... log4j based configuration is for pre 3.1 version of XWiki.
any help is appreciated.
Systeminformation:
CentOS 6.1 in a VM XWiki 3.3 Tomcat 5.5 Java 1.6
thanks and regards, Niko _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
On Fri, Jan 20, 2012 at 2:15 PM, niko dangl <[email protected]> wrote:
Ok, it's version 3.3 so its obsolete. Is there any other way to get a logfile for this?!
Well if you look at http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLD... you will seen that you have the documentation for both pre and post 3.1. Amon other thing it redirect to http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Logging which explain in details how logging is working and how to setup it.
here the LDAP part of my xwiki.cfg could you please have a look at this? do i need the FQDN or is name/ip enough for the server config?
# LDAP #------------------------------------------------------------------------------------- xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl xwiki.authentication.ldap=1 xwiki.authentication.ldap.server=ewudc01 xwiki.authentication.ldap.port=389 xwiki.authentication.ldap.bind_DN={0} xwiki.authentication.ldap.bind_pass={1} #-# The Base DN used in LDAP searches xwiki.authentication.ldap.base_DN=CN=Users,DC=w2k,DC=rto,DC=dec,DC=com
regards, Niko
2012/1/20 Thomas Mortagne <[email protected]>:
On Fri, Jan 20, 2012 at 11:18 AM, niko dangl <[email protected]> wrote:
Hi Guys,
hopefully im doing right sending a mail to this list with my problem.
Actually i got 2 Problems but if i can solve one the other will be gone :)
One is die LDAP connection and the other is the debugging/logging function. Unfortunately i can't login with the AD users and i don't even know if there is a connection to the server. I wasted a day trying to get the debugging/logging enabled but it seems im to stupid for it :)
enabled LDAP Debug Log with the log4j.properties file in WEB-INF/classes without success.
log4j.logger.com.xpn.xwiki.plugin.ldap=trace log4j.logger.com.xpn.xwiki.user.impl.LDAP=trace
but somehow i cant find a log or information about ldap.
do i have to configure something else or add some information to the xwiki.cfg?!
What version of XWiki is it ?
As indicated on http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HEnableLD... log4j based configuration is for pre 3.1 version of XWiki.
any help is appreciated.
Systeminformation:
CentOS 6.1 in a VM XWiki 3.3 Tomcat 5.5 Java 1.6
thanks and regards, Niko _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne
that is what i already did but unfortunately without result. i just started with wiki and linux/unix so i dont know what to do next because i actually still dont know what my problem is and how to fix that. my LDAP part in xwiki.cfg # LDAP #------------------------------------------------------------------------------------- xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl xwiki.authentication.ldap=1 xwiki.authentication.ldap.server=192.168.220.80 xwiki.authentication.ldap.port=389 xwiki.authentication.ldap.bind_DN={0} xwiki.authentication.ldap.bind_pass={1} xwiki.authentication.ldap.base_DN=DC=w2k,DC=rto,DC=dec,DC=com xwiki.authentication.ldap.UID_attr=cn also i cant find any logs..i thought its logged in the tomcat log files but there is nothing about ldap/connection problems. I'm at my wits' end :(
On Mon, Jan 23, 2012 at 11:10 AM, niko dangl <[email protected]> wrote:
that is what i already did but unfortunately without result. i just started with wiki and linux/unix so i dont know what to do next because i actually still dont know what my problem is and how to fix that.
my LDAP part in xwiki.cfg
# LDAP #------------------------------------------------------------------------------------- xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl xwiki.authentication.ldap=1
With theses two lines you should get some LDAP log.
xwiki.authentication.ldap.server=192.168.220.80 xwiki.authentication.ldap.port=389 xwiki.authentication.ldap.bind_DN={0} xwiki.authentication.ldap.bind_pass={1} xwiki.authentication.ldap.base_DN=DC=w2k,DC=rto,DC=dec,DC=com xwiki.authentication.ldap.UID_attr=cn
Seems ok. What kind of LDAP server is it ?
also i cant find any logs..i thought its logged in the tomcat log files but there is nothing about ldap/connection problems.
Do you see any xwiki related logs in there ? Generally it's in the catalina.out file by default. If you have migration enabled in xwiki.cfg you should see some log when you load the first page.
I'm at my wits' end :( _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne
This messages shows up all the time I try to login.. 2012-01-23 13:47:49,407 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] WARN o.x.v.i.DefaultVelocityEngine - Deprecated usage of method [com.xpn.xwiki.api.XWiki.parseMessage] in /templates/login.vm@29,33 And the only thing about LDAP is 2012-01-16 14:08:00,565 [http://192.168.220.127:8080/xwiki/bin/admin/XWiki/XWikiPreferences?editor=gl...] ERROR aultExtensionRepositoryManager - Failed to search on repository [org.xwiki.extension.repository.xwiki.internal.XWikiExtensionRepository@7578bbf2] with pattern=[ldap], offset=[0] and nb=[20]. Ignore and got to next repository. But I guess this is something from the LDAP Tools extension I have installed previously and maybe that’s my problem because there is still something left in xwiki and I can’t uninstall it. We are using Active Directory on Windows Server 2003 and trying to authenticate via LDAP. Regards, Niko
On Mon, Jan 23, 2012 at 2:04 PM, niko dangl <[email protected]> wrote:
This messages shows up all the time I try to login..
2012-01-23 13:47:49,407 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] WARN o.x.v.i.DefaultVelocityEngine - Deprecated usage of method [com.xpn.xwiki.api.XWiki.parseMessage] in /templates/login.vm@29,33
And the only thing about LDAP is
2012-01-16 14:08:00,565 [http://192.168.220.127:8080/xwiki/bin/admin/XWiki/XWikiPreferences?editor=gl...] ERROR aultExtensionRepositoryManager - Failed to search on repository [org.xwiki.extension.repository.xwiki.internal.XWikiExtensionRepository@7578bbf2] with pattern=[ldap], offset=[0] and nb=[20]. Ignore and got to next repository.
But I guess this is something from the LDAP Tools extension I have installed previously and maybe that’s my problem because there is still something left in xwiki and I can’t uninstall it.
Yep this has nothing to do with LDAP authenticator log but at least you definitely have XWiki log. Are you sure you modified the WEB-INF/classes/logback.xml file and added <logger name="com.xpn.xwiki.plugin.ldap" level="trace"/> <logger name="com.xpn.xwiki.user.impl.LDAP" level="trace"/> ?
We are using Active Directory on Windows Server 2003 and trying to authenticate via LDAP.
In that case your configuration looks wrong to me, especially the UID_attr: it's generally sAMAccountName for AD. See http://platform.xwiki.org/xwiki/bin/view/AdminGuide/LDAPAuthenticationUseCas....
Regards, Niko _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne
thanks for that hint...i had it in the logback.xml on my local pc and just forgot to replace the file on the wiki server.. now i get some messages regarding LDAP :) this is what i get if i just start tomcat 2012-01-23 16:20:29,999 [http://192.168.220.127:8080/xwiki/bin/view/Main/WebHome] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:20:30,002 [http://192.168.220.127:8080/xwiki/bin/view/Main/WebHome] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2012-01-23 16:20:30,895 [http://192.168.220.127:8080/xwiki/bin/view/Main/WebHome] ERROR o.i.ObservationContextListener - Can't find any begin event corresponding to [class org.xwiki.bridge.event.ActionExecutedEvent (view)] 2012-01-23 16:20:30,908 [http://192.168.220.127:8080/xwiki/bin/login/XWiki/XWikiLogin?srid=w2ltzX7K&x...] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:20:30,908 [http://192.168.220.127:8080/xwiki/bin/login/XWiki/XWikiLogin?srid=w2ltzX7K&x...] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2012-01-23 16:20:31,075 [http://192.168.220.127:8080/xwiki/bin/login/XWiki/XWikiLogin?srid=w2ltzX7K&x...] WARN o.x.v.i.DefaultVelocityEngine - Deprecated usage of method [com.xpn.xwiki.api.XWiki.parseMessage] in /templates/login.vm@29,33 and this comes after trying to login with AD user 2012-01-23 16:23:34,440 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:23:34,440 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2012-01-23 16:23:34,441 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:23:34,449 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG c.x.x.p.l.XWikiLDAPConfig - ldap_group_classes: [groupofnames, groupwisedistributionlist, dynamicgroup, dynamicgroupaux, groupofuniquenames, group] 2012-01-23 16:23:34,450 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG c.x.x.p.l.XWikiLDAPConfig - ldap_group_memberfields: [member, uniquemember] 2012-01-23 16:23:34,450 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed: LDAP not activ 2012-01-23 16:23:34,451 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB 2012-01-23 16:23:34,462 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user [Niko Test] 2012-01-23 16:23:34,656 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] WARN o.x.v.i.DefaultVelocityEngine - Deprecated usage of method [com.xpn.xwiki.api.XWiki.parseMessage] in /templates/login.vm@29,33 i thought the authentication will start if i enter username and password in wiki.. is there a order in the xwiki.cfg LDAP configuration line?
On Mon, Jan 23, 2012 at 3:34 PM, niko dangl <[email protected]> wrote:
thanks for that hint...i had it in the logback.xml on my local pc and just forgot to replace the file on the wiki server.. now i get some messages regarding LDAP :)
this is what i get if i just start tomcat
2012-01-23 16:20:29,999 [http://192.168.220.127:8080/xwiki/bin/view/Main/WebHome] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:20:30,002 [http://192.168.220.127:8080/xwiki/bin/view/Main/WebHome] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2012-01-23 16:20:30,895 [http://192.168.220.127:8080/xwiki/bin/view/Main/WebHome] ERROR o.i.ObservationContextListener - Can't find any begin event corresponding to [class org.xwiki.bridge.event.ActionExecutedEvent (view)] 2012-01-23 16:20:30,908 [http://192.168.220.127:8080/xwiki/bin/login/XWiki/XWikiLogin?srid=w2ltzX7K&x...] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:20:30,908 [http://192.168.220.127:8080/xwiki/bin/login/XWiki/XWikiLogin?srid=w2ltzX7K&x...] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2012-01-23 16:20:31,075 [http://192.168.220.127:8080/xwiki/bin/login/XWiki/XWikiLogin?srid=w2ltzX7K&x...] WARN o.x.v.i.DefaultVelocityEngine - Deprecated usage of method [com.xpn.xwiki.api.XWiki.parseMessage] in /templates/login.vm@29,33
Yep this message is expected: the authenticator is called first without any user/password, this is used for SSO authenticators which get thoses information automatically in the HTTP header or whatever.
and this comes after trying to login with AD user
2012-01-23 16:23:34,440 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:23:34,440 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode. 2012-01-23 16:23:34,441 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] TRACE u.i.L.XWikiLDAPAuthServiceImpl - Starting LDAP authentication 2012-01-23 16:23:34,449 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG c.x.x.p.l.XWikiLDAPConfig - ldap_group_classes: [groupofnames, groupwisedistributionlist, dynamicgroup, dynamicgroupaux, groupofuniquenames, group] 2012-01-23 16:23:34,450 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG c.x.x.p.l.XWikiLDAPConfig - ldap_group_memberfields: [member, uniquemember] 2012-01-23 16:23:34,450 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed: LDAP not activ
This mean the LDAP authenticator is disabled. Since it seems to be ok in your xwiki.cfg (xwiki.authentication.ldap=1) it's probably disabled in the XWikiPreference page of your wiki.
2012-01-23 16:23:34,451 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - Trying authentication against XWiki DB 2012-01-23 16:23:34,462 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] DEBUG u.i.L.XWikiLDAPAuthServiceImpl - LDAP authentication failed for user [Niko Test] 2012-01-23 16:23:34,656 [http://192.168.220.127:8080/xwiki/bin/loginsubmit/XWiki/XWikiLogin] WARN o.x.v.i.DefaultVelocityEngine - Deprecated usage of method [com.xpn.xwiki.api.XWiki.parseMessage] in /templates/login.vm@29,33
i thought the authentication will start if i enter username and password in wiki.. is there a order in the xwiki.cfg LDAP configuration line? _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
-- Thomas Mortagne
Thank you so much for your help :) Finally its working and you were right..had to change it in xwiki preferences. Now i only have to set up the groups :)
participants (2)
-
niko dangl -
Thomas Mortagne