22 Jun
2007
22 Jun
'07
7:29 p.m.
Hi All,
Does anyone sucessfully authenticate with Active Directory using xwiki 1.0?
On my newly installed XWiki, I'm trying to authenticate against active directory. I
installed the xwiki 1.0 war on tomcat 6, using mysql 5 as the database.
Using the default forms authentication method works fine, when I try to enable using the
AD via the LDAP authentication, it doesn't work; I always get messages in the
xwiki.log saying that "LDAP Bind failed with Exception Invalid Credentials".
I am able to connect to the AD using ldap function in Coldfusion, so it should be
possible.
Also, I'm using the following log4j.properties file located in WEB-INF/lib:
****log4j.properties:
### Direct log messages to stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %t %X{url} %c{1}:%M:%L -
%m%n
log4j.appender.file=org.apache.log4j.RollingFileAppender
log4j.appender.file.File=xwiki.log
log4j.appender.file.MaxFileSize=10MB
log4j.appender.file.MaxBackupIndex=50
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} [%t] %-5p %-30.30c{2} %x - %m
%n
### By default everything that is of warning or severity WARN, ERROR or FATAL is logged
both to
### the console and to the xwiki.log file.
#log4j.rootLogger=warn, stdout, file
log4j.rootLogger=debug, stdout, file
### Hibernate logging options
log4j.logger.org.hibernate=warn
log4j.logger.org.hibernate.SQL=warn
log4j.logger.org.hibernate.type=warn
log4j.logger.org.hibernate.ps.PreparedStatementCache=warn
### XWiki logging configuration
log4j.logger.com.xpn.xwiki=warn
log4j.logger.com.xpn.xwiki.render.XWikiRadeoxRenderEngine=warn
### Deactive Radeox warnings
#log4j.logger.org.radeox.macro.BaseLocaleMacro=error
### Deactive Struts warnings
#log4j.logger.org.apache.struts.util.RequestUtils=error
### Deactivate JGroups warnings
#log4j.logger.org.jgroups=error
#turn on debug messages for LDAP
com.xpn.xwiki.user.impl.LDAP=debug
Here are some snippets of the relevant files:
****xwiki.cfg:
xwiki.version=1.0
xwiki.base=../../
xwiki.store.class=com.xpn.xwiki.store.XWikiHibernateStore
xwiki.store.hibernate.path=/WEB-INF/hibernate.cfg.xml
xwiki.store.hibernate.updateschema=1
xwiki.store.hibernate.custommapping=1
## Jcr Store configuration
#xwiki.store.class=com.xpn.xwiki.store.jcr.XWikiJcrStore
#xwiki.store.attachment.class=com.xpn.xwiki.store.jcr.XWikiJcrAttachmentStore
#xwiki.store.versioning.class=com.xpn.xwiki.store.jcr.XWikiJcrPropertyVersioningStore
#xwiki.store.jcr.mapping=WEB-INF/classes/jcrmapping.xml
#xwiki.store.jcr.provider=com.xpn.xwiki.store.jcr.JackRabbitJCRProvider
#xwiki.store.jcr.jackrabbit.repository.config=WEB-INF/classes/jackrabbit/repository.xml
#xwiki.store.jcr.jackrabbit.repository.path=jackrabbitrepo
#xwiki.store.jcr.jackrabbit.nodetypes.config=WEB-INF/classes/jackrabbit/nodetypes.cnd
xwiki.store.cache=1
xwiki.store.cache.capacity=100
xwiki.monitor=1
# List of active plugins.
xwiki.plugins=com.xpn.xwiki.monitor.api.MonitorPlugin,\
com.xpn.xwiki.plugin.calendar.CalendarPlugin,\
com.xpn.xwiki.plugin.feed.FeedPlugin,\
com.xpn.xwiki.plugin.ldap.LDAPPlugin,\
com.xpn.xwiki.plugin.google.GooglePlugin,\
com.xpn.xwiki.plugin.flickr.FlickrPlugin,\
com.xpn.xwiki.plugin.mail.MailPlugin,\
com.xpn.xwiki.plugin.packaging.PackagePlugin,\
com.xpn.xwiki.plugin.query.QueryPlugin,\
com.xpn.xwiki.plugin.svg.SVGPlugin,\
com.xpn.xwiki.plugin.charts.ChartingPlugin,\
com.xpn.xwiki.plugin.fileupload.FileUploadPlugin,\
com.xpn.xwiki.plugin.image.ImagePlugin,\
com.xpn.xwiki.plugin.captcha.CaptchaPlugin,\
com.xpn.xwiki.plugin.userdirectory.UserDirectoryPlugin,\
com.xpn.xwiki.plugin.usertools.XWikiUserManagementToolsImpl
# This parameter allows XWiki to operate in Hosting mode
# allowing to create multiple wikis having their own database
# and responding to different URLs
xwiki.virtual=0
xwiki.virtual.redirect=http://127.0.0.1:9080/xwiki/bin/Main/ThisWikiDoesNotExist
# This parameter will activate the exo integration
xwiki.exo=0
#xwiki.authentication=form
#xwiki.authentication.validationKey=totototototototototototototototo
#xwiki.authentication.encryptionKey=titititititititititititititititi
#xwiki.authentication.cookiedomains=xwiki.com,wiki.fr
# Stats configuration allows to globally activate/deactivate stats module
# it is also possible to choose a different stats service to record
# statistics separately from XWiki.
# Note: Statistics are disabled by default for improved performances.
xwiki.stats=0
xwiki.stats.default=1
xwiki.stats.class=com.xpn.xwiki.stats.impl.XWikiStatsServiceImpl
xwiki.encoding=ISO-8859-1
xwiki.render.macromapping=1
xwiki.backlinks=1
xwiki.tags=1
# GraphViz plugin configuration. The GraphViz plugin is not configured by default.
# To enable it, add "com.xpn.xwiki.plugin.graphviz.GraphVizPlugin" to the list
of plugins
# in the xwiki.plugins property.
# Uncomment and set the locations of the Dot and Neato executables
#xwiki.plugin.graphviz.dotpath=c:/Program Files/ATT/GraphViz/bin/dot.exe
#xwiki.plugin.graphviz.neatopath=c:/Program Files/ATT/GraphViz/bin/neato.exe
xwiki.plugin.laszlo.baseurl=/openlaszlo/xwiki/
xwiki.plugin.laszlo.path=c:/Program Files/Apache Software Foundation/Tomcat
5.0/webapps/openlaszlo/xwiki/
xwiki.plugin.image.cache.capacity=30
xwiki.plugin.captcha=1
## Personal config
# Enable to allow superadmin. It is disabled by default as this could be a security breach
if
# it were set and you forgot about it.
#xwiki.superadminpassword=system
#xwiki.authentication.ldap=0
#xwiki.authentication.ldap.server=172.29.116.202
#xwiki.authentication.ldap.check_level=1
#xwiki.authentication.ldap.port=389
#xwiki.authentication.ldap.base_DN=dc=necf,dc=fr
#xwiki.authentication.ldap.bind_DN=cn={0},cn=Users,dc=necf,dc=fr
#xwiki.authentication.ldap.bind_pass={1}
#xwiki.authentication.ldap.UID_attr=sAMAccountName
#xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
xwiki.authentication.ldap=1
xwiki.authentication.ldap.authclass=com.xpn.xwiki.user.impl.LDAP.LDAPAuthServiceImpl
xwiki.authentication.ldap.server=adserver
xwiki.authentication.ldap.check_level=1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=dc1,dc=dc2,dc=dc3
xwiki.authentication.ldap.bind_DN=dc1{0}
xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,mail=mail,ldap_dn=dn
xwiki.authentication.unauthorized_code=200
# This parameter will activate the sectional editing
xwiki.section.edit=1
# Editor config
xwiki.wysiwyg.use_style_toolbar=1
xwiki.defaultskin=albatross
xwiki.defaultbaseskin=albatross
****xwiki.log:
10:41:22,015 [http-8888-2] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind failed with
Exception Invalid Credentials
10:43:23,500 [http-8888-1] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind failed with
Exception Invalid Credentials
etc.
Any thoughts? They would be much appreciated.
Thanks,
Joe
25 Jun
25 Jun
3:04 p.m.
New subject: [xwiki-users] Active Directory Authentication
I also got ActievDirectory authentication working. Here's my LDAP portion
of my xwiki.cfg:
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=ad1.mydomain.com
xwiki.authentication.ldap.check_level=1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=mydomain,dc=mlan
xwiki.authentication.ldap.bind_DN=cn={0},cn=Users,dc=mydomain,dc=mlan
xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=cn
xwiki.authentication.ldap.fields_mapping=name=cn,last_name=sn,first_name=givenName,fullname=displayName,mail=cn,ldap_dn=dn
Regards,
Brian.
"Joseph P.
McEttrick"
<jpmcettrick@suff To
olk.edu> xwiki-users(a)objectweb.org
cc
06/22/2007 01:29
PM Subject
[xwiki-users] Active Directory
Authentication
Please respond to
xwiki-users@objec
tweb.org
Hi All,
Does anyone sucessfully authenticate with Active Directory using xwiki 1.0?
On my newly installed XWiki, I'm trying to authenticate against active
directory. I installed the xwiki 1.0 war on tomcat 6, using mysql 5 as the
database.
Using the default forms authentication method works fine, when I try to
enable using the AD via the LDAP authentication, it doesn't work; I always
get messages in the xwiki.log saying that "LDAP Bind failed with Exception
Invalid Credentials".
I am able to connect to the AD using ldap function in Coldfusion, so it
should be possible.
Also, I'm using the following log4j.properties file located in WEB-INF/lib:
****log4j.properties:
### Direct log messages to stdout
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{ABSOLUTE} %5p %t %X{url}
%c{1}:%M:%L - %m%n
log4j.appender.file=org.apache.log4j.RollingFileAppender
log4j.appender.file.File=xwiki.log
log4j.appender.file.MaxFileSize=10MB
log4j.appender.file.MaxBackupIndex=50
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{ABSOLUTE} [%t] %-5p %-30.30
c{2} %x - %m %n
### By default everything that is of warning or severity WARN, ERROR or
FATAL is logged both to
### the console and to the xwiki.log file.
#log4j.rootLogger=warn, stdout, file
log4j.rootLogger=debug, stdout, file
### Hibernate logging options
log4j.logger.org.hibernate=warn
log4j.logger.org.hibernate.SQL=warn
log4j.logger.org.hibernate.type=warn
log4j.logger.org.hibernate.ps.PreparedStatementCache=warn
### XWiki logging configuration
log4j.logger.com.xpn.xwiki=warn
log4j.logger.com.xpn.xwiki.render.XWikiRadeoxRenderEngine=warn
### Deactive Radeox warnings
#log4j.logger.org.radeox.macro.BaseLocaleMacro=error
### Deactive Struts warnings
#log4j.logger.org.apache.struts.util.RequestUtils=error
### Deactivate JGroups warnings
#log4j.logger.org.jgroups=error
#turn on debug messages for LDAP
com.xpn.xwiki.user.impl.LDAP=debug
Here are some snippets of the relevant files:
****xwiki.cfg:
xwiki.version=1.0
xwiki.base=../../
xwiki.store.class=com.xpn.xwiki.store.XWikiHibernateStore
xwiki.store.hibernate.path=/WEB-INF/hibernate.cfg.xml
xwiki.store.hibernate.updateschema=1
xwiki.store.hibernate.custommapping=1
## Jcr Store configuration
#xwiki.store.class=com.xpn.xwiki.store.jcr.XWikiJcrStore
#xwiki.store.attachment.class=com.xpn.xwiki.store.jcr.XWikiJcrAttachmentStore
#xwiki.store.versioning.class=com.xpn.xwiki.store.jcr.XWikiJcrPropertyVersioningStore
#xwiki.store.jcr.mapping=WEB-INF/classes/jcrmapping.xml
#xwiki.store.jcr.provider=com.xpn.xwiki.store.jcr.JackRabbitJCRProvider
#xwiki.store.jcr.jackrabbit.repository.config=WEB-INF/classes/jackrabbit/repository.xml
#xwiki.store.jcr.jackrabbit.repository.path=jackrabbitrepo
#xwiki.store.jcr.jackrabbit.nodetypes.config=WEB-INF/classes/jackrabbit/nodetypes.cnd
xwiki.store.cache=1
xwiki.store.cache.capacity=100
xwiki.monitor=1
# List of active plugins.
xwiki.plugins=com.xpn.xwiki.monitor.api.MonitorPlugin,\
com.xpn.xwiki.plugin.calendar.CalendarPlugin,\
com.xpn.xwiki.plugin.feed.FeedPlugin,\
com.xpn.xwiki.plugin.ldap.LDAPPlugin,\
com.xpn.xwiki.plugin.google.GooglePlugin,\
com.xpn.xwiki.plugin.flickr.FlickrPlugin,\
com.xpn.xwiki.plugin.mail.MailPlugin,\
com.xpn.xwiki.plugin.packaging.PackagePlugin,\
com.xpn.xwiki.plugin.query.QueryPlugin,\
com.xpn.xwiki.plugin.svg.SVGPlugin,\
com.xpn.xwiki.plugin.charts.ChartingPlugin,\
com.xpn.xwiki.plugin.fileupload.FileUploadPlugin,\
com.xpn.xwiki.plugin.image.ImagePlugin,\
com.xpn.xwiki.plugin.captcha.CaptchaPlugin,\
com.xpn.xwiki.plugin.userdirectory.UserDirectoryPlugin,\
com.xpn.xwiki.plugin.usertools.XWikiUserManagementToolsImpl
# This parameter allows XWiki to operate in Hosting mode
# allowing to create multiple wikis having their own database
# and responding to different URLs
xwiki.virtual=0
xwiki.virtual.redirect=http://127.0.0.1:9080/xwiki/bin/Main/ThisWikiDoesNotExist
# This parameter will activate the exo integration
xwiki.exo=0
#xwiki.authentication=form
#xwiki.authentication.validationKey=totototototototototototototototo
#xwiki.authentication.encryptionKey=titititititititititititititititi
#xwiki.authentication.cookiedomains=xwiki.com,wiki.fr
# Stats configuration allows to globally activate/deactivate stats module
# it is also possible to choose a different stats service to record
# statistics separately from XWiki.
# Note: Statistics are disabled by default for improved performances.
xwiki.stats=0
xwiki.stats.default=1
xwiki.stats.class=com.xpn.xwiki.stats.impl.XWikiStatsServiceImpl
xwiki.encoding=ISO-8859-1
xwiki.render.macromapping=1
xwiki.backlinks=1
xwiki.tags=1
# GraphViz plugin configuration. The GraphViz plugin is not configured by
default.
# To enable it, add "com.xpn.xwiki.plugin.graphviz.GraphVizPlugin" to the
list of plugins
# in the xwiki.plugins property.
# Uncomment and set the locations of the Dot and Neato executables
#xwiki.plugin.graphviz.dotpath=c:/Program Files/ATT/GraphViz/bin/dot.exe
#xwiki.plugin.graphviz.neatopath=c:/Program
Files/ATT/GraphViz/bin/neato.exe
xwiki.plugin.laszlo.baseurl=/openlaszlo/xwiki/
xwiki.plugin.laszlo.path=c:/Program Files/Apache Software Foundation/Tomcat
5.0/webapps/openlaszlo/xwiki/
xwiki.plugin.image.cache.capacity=30
xwiki.plugin.captcha=1
## Personal config
# Enable to allow superadmin. It is disabled by default as this could be a
security breach if
# it were set and you forgot about it.
#xwiki.superadminpassword=system
#xwiki.authentication.ldap=0
#xwiki.authentication.ldap.server=172.29.116.202
#xwiki.authentication.ldap.check_level=1
#xwiki.authentication.ldap.port=389
#xwiki.authentication.ldap.base_DN=dc=necf,dc=fr
#xwiki.authentication.ldap.bind_DN=cn={0},cn=Users,dc=necf,dc=fr
#xwiki.authentication.ldap.bind_pass={1}
#xwiki.authentication.ldap.UID_attr=sAMAccountName
#xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,email=mail,ldap_dn=dn
xwiki.authentication.ldap=1
xwiki.authentication.ldap.authclass=com.xpn.xwiki.user.impl.LDAP.LDAPAuthServiceImpl
xwiki.authentication.ldap.server=adserver
xwiki.authentication.ldap.check_level=1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.base_DN=dc=dc1,dc=dc2,dc=dc3
xwiki.authentication.ldap.bind_DN=dc1{0}
xwiki.authentication.ldap.bind_pass={1}
xwiki.authentication.ldap.UID_attr=sAMAccountName
xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=displayName,mail=mail,ldap_dn=dn
xwiki.authentication.unauthorized_code=200
# This parameter will activate the sectional editing
xwiki.section.edit=1
# Editor config
xwiki.wysiwyg.use_style_toolbar=1
xwiki.defaultskin=albatross
xwiki.defaultbaseskin=albatross
****xwiki.log:
10:41:22,015 [http-8888-2] ERROR LDAP.LDAPAuthServiceImpl - LDAP
Bind failed with Exception Invalid Credentials
10:43:23,500 [http-8888-1] ERROR LDAP.LDAPAuthServiceImpl - LDAP
Bind failed with Exception Invalid Credentials
etc.
Any thoughts? They would be much appreciated.
Thanks,
Joe
--
You receive this message as a subscriber of the xwiki-users(a)objectweb.org
mailing list.
To unsubscribe: mailto:xwiki-users-unsubscribe@objectweb.org
For general help: mailto:sympa@objectweb.org?subject=help
ObjectWeb mailing lists service home page: http://www.objectweb.org/wws
-----------------------------------------
CONFIDENTIALITY STATEMENT:
This e-mail transmission contains information that is intended to
be confidential. It is intended only for the addressee named
above. If you receive this e-mail in error, please do not read,
copy, or disseminate it. If you are not the intended recipient,
any disclosure, copying, distribution or use of the contents of
this information is prohibited. Please reply to the message
immediately by informing the sender that the message was
misdirected. After replying, please erase it from your computer
system. Your assistance in correcting this error is appreciated.
6346
days inactive
6349
days old
1 comments
2 participants
participants (2)
-
BSayatovicļ¼ amig.com -
Joseph P. McEttrick