
2.2, LDAP + Alfresco chaining error

ianpriest
Hi all,

I'm trying to set up chaining authentication using LDAP and Alfresco as the login methods. I believe I've followed the various examples correctly, but I get an error when I try to start Alfresco. It appears to be a problem instantiating the searchService bean which is referenced by the authenticationDaoAlfresco bean. Anyone know what's wrong here or seen it themselves?

If I use only LDAP and remove the chaining context, it works and I can log in as an LDAP user. If I comment out the searchService property in authenticationDaoAlfresco, Alfresco starts, but I then get an error when I log in.

My ldap-authentication-context.xml


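<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <!-- The main configuration has moved into a properties file -->

    <!--
    Caveat: with ignoreUnresolvablePlaceholders set to true, a placeholder whose property is missing
    or misspelt is not reported by this configurer at startup. Unless another configurer resolves it,
    the literal "${...}" text is what reaches the bean, so check that every ldap.authentication.* key
    used below is defined in the properties file.
    -->
    <bean name="ldapAuthenticationPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="ignoreUnresolvablePlaceholders">
            <value>true</value>
        </property>
        <property name="locations">
            <value>classpath:alfresco/extension/ldap-authentication.properties</value>
        </property>
    </bean>

    <!-- LDAP authentication configuration -->

    <!--

    You can also use JAAS authentication for Kerberos against Active Directory or NTLM if you also require single sign on from the
    web browser. You do not have to use LDAP authentication to synchronise groups and users from an LDAP store if it supports other
    authentication routes, like Active Directory.

    -->

    <bean id="authenticationComponentImplLDAP" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
        <property name="LDAPInitialDirContextFactory">
            <ref bean="ldapInitialDirContextFactory"/>
        </property>
        <property name="userNameFormat">
            <!--

            This maps between what the user types in and what is passed through to the underlying LDAP authentication.

            "%s" - the user id is passed through without modification.
            Used for LDAP authentication such as DIGEST-MD5, anything that is not "simple".

            "cn=%s,ou=London,dc=company,dc=com" - If the user types in "Joe Bloggs" then authenticate as "cn=Joe Bloggs,ou=London,dc=company,dc=com"
            Usually for simple authentication. Simple authentication always uses the DN for the user.

            Review notes:
            - The typed user id is substituted into this pattern; nothing in this file shows whether DN
              special characters are escaped, so confirm that the component escapes or rejects them.
            - With simple authentication, confirm that an empty password is rejected before the bind:
              many directories treat a simple bind with an empty password as an anonymous bind that succeeds.

            -->
            <value>${ldap.authentication.userNameFormat}</value>
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionService" />
        </property>
    </bean>

    <!--

    This bean is used to support general LDAP authentication. It is also used to provide read only access to users and groups
    to pull them out of the LDAP repository

    -->

    <bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
        <property name="initialDirContextEnvironment">
            <map>
                <!-- The LDAP provider -->
                <entry key="java.naming.factory.initial">
                    <value>${ldap.authentication.java.naming.factory.initial}</value>
                </entry>

                <!-- The url to the LDAP server -->
                <!-- Note you can use space separated urls - they will be tried in turn until one works -->
                <!-- This could be used to authenticate against one or more ldap servers (you will not know which one ….) -->
                <!-- With simple authentication the DN and password cross a plain ldap:// connection unencrypted; -->
                <!-- prefer an ldaps:// URL (or another TLS-protected transport) for every server listed -->
                <entry key="java.naming.provider.url">
                    <value>${ldap.authentication.java.naming.provider.url}</value>
                </entry>

                <!-- The authentication mechanism to use      -->
                <!-- Some sasl authentication mechanisms may require a realm to be set -->
                <!--                java.naming.security.sasl.realm -->
                <!-- The available options will depend on your LDAP provider -->
                <entry key="java.naming.security.authentication">
                    <value>${ldap.authentication.java.naming.security.authentication}</value>
                </entry>

                <!-- The id of a user who can read group and user information -->
                <!-- This does not go through the pattern substitution defined above and is used "as is" -->
                <!-- Prefer a dedicated account limited to read-only access on the user and group entries -->
                <entry key="java.naming.security.principal">
                    <value>${ldap.authentication.java.naming.security.principal}</value>
                </entry>

                <!-- The password for the user defined above -->
                <!-- The value is read in clear text from ldap-authentication.properties: restrict read access -->
                <!-- on that file to the account running Alfresco and keep it out of shared copies of the config -->
                <entry key="java.naming.security.credentials">
                    <value>${ldap.authentication.java.naming.security.credentials}</value>
                </entry>
            </map>
        </property>
    </bean>

</beans>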

My chaining-authentication-context.xml
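<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

   <!-- Chaining -->
   <!-- Replaces the stock authenticationService with a chain of two services: the Alfresco repository -->
   <!-- service (also the mutable one) and the LDAP service. -->
   <!-- NOTE(review): the order in which the chain tries its services is not visible in this file; confirm -->
   <!-- it, because a user name that exists in both stores can be accepted by either. -->
   <bean id="authenticationService" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
      <property name="authenticationServices">
         <list>
            <ref bean="authenticationServiceImplLDAP"/>
         </list>
      </property>
      <property name="mutableAuthenticationService">
         <ref bean="authenticationServiceImplAlfresco"/>
      </property>
   </bean>

   <!-- Alfresco Auth -->
   <bean id="authenticationServiceImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
      <property name="authenticationDao">
         <ref bean="authenticationDaoAlfresco"/>
      </property>
      <property name="ticketComponent">
         <ref bean="ticketComponent"/>
      </property>
      <property name="authenticationComponent">
         <ref bean="authenticationComponentImplAlfresco"/>
      </property>
   </bean>

   <bean id="authenticationDaoAlfresco" class="org.alfresco.repo.security.authentication.RepositoryAuthenticationDao">
      <property name="nodeService">
         <ref bean="nodeService"/>
      </property>
      <property name="dictionaryService">
         <ref bean="dictionaryService"/>
      </property>
      <property name="namespaceService">
         <ref bean="namespaceService"/>
      </property>
      <!-- This is the reference the startup error quoted below fails on: creating searchService needs -->
      <!-- indexerAndSearcherFactory, which is still being created at that point. The corrected file -->
      <!-- later in the thread references admSearchService instead. -->
      <property name="searchService">
         <ref bean="searchService"/>
      </property>
      <property name="userNamesAreCaseSensitive">
         <value>${user.name.caseSensitive}</value>
      </property>
      <!-- passwordEncoder is defined outside this file; check which hash it applies to repository passwords -->
      <property name="passwordEncoder">
         <ref bean="passwordEncoder"/>
      </property>
   </bean>

   <bean id="authenticationComponentImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl">
      <property name="authenticationDao">
         <ref bean="authenticationDaoAlfresco"/>
      </property>
      <property name="authenticationManager">
         <ref bean="authenticationManager"/>
      </property>
      <!-- Guest login is switched on for the repository component; set this to false if unauthenticated -->
      <!-- access is not wanted, and review what the guest user is permitted to read -->
      <property name="allowGuestLogin">
         <value>true</value>
      </property>
   </bean>

   <!-- LDAP Auth -->
   <!-- authenticationComponentImplLDAP is not defined here; it comes from ldap-authentication-context.xml -->
   <bean id="authenticationServiceImplLDAP" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
      <property name="authenticationDao">
         <ref bean="authenticationDaoLDAP" />
      </property>
      <property name="ticketComponent">
         <ref bean="ticketComponent" />
      </property>
      <property name="authenticationComponent">
         <ref bean="authenticationComponentImplLDAP" />
      </property>
   </bean>

   <!-- Placeholder DAO for the LDAP service: presumably it holds no passwords and does not create or -->
   <!-- change users, leaving that to the directory (verify against the class) -->
   <bean id="authenticationDaoLDAP" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao"/>
</beans>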


and the error I see…


Caused by:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationServiceImplAlfresco' defined in file [C:\alfresco-enterprise-tomcat-2.2.0\tomcat\shared\classes\alfresco\extension\chaining-authentication-context.xml]: Cannot resolve reference to bean 'authenticationDaoAlfresco' while setting bean property 'authenticationDao'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationDaoAlfresco' defined in file [C:\alfresco-enterprise-tomcat-2.2.0\tomcat\shared\classes\alfresco\extension\chaining-authentication-context.xml]: Cannot resolve reference to bean 'searchService' while setting bean property 'searchService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'searchService' defined in class path resource [alfresco/core-services-context.xml]: Cannot resolve reference to bean 'indexerAndSearcherFactory' while setting bean property 'indexerAndSearcherFactory'; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'indexerAndSearcherFactory': FactoryBean which is currently in creation returned null from getObject
Caused by:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationDaoAlfresco' defined in file [C:\alfresco-enterprise-tomcat-2.2.0\tomcat\shared\classes\alfresco\extension\chaining-authentication-context.xml]: Cannot resolve reference to bean 'searchService' while setting bean property 'searchService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'searchService' defined in class path resource [alfresco/core-services-context.xml]: Cannot resolve reference to bean 'indexerAndSearcherFactory' while setting bean property 'indexerAndSearcherFactory'; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'indexerAndSearcherFactory': FactoryBean which is currently in creation returned null from getObject
Caused by:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'searchService' defined in class path resource [alfresco/core-services-context.xml]: Cannot resolve reference to bean 'indexerAndSearcherFactory' while setting bean property 'indexerAndSearcherFactory'; nested exception is org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'indexerAndSearcherFactory': FactoryBean which is currently in creation returned null from getObject
Caused by:
org.springframework.beans.factory.BeanCurrentlyInCreationException: Error creating bean with name 'indexerAndSearcherFactory': FactoryBean which is currently in creation returned null from getObject

Cheers,
Ian.

xfa18
Hello,

I also have a problem with chaining. It is not the same error, but there is an error in your chaining-authentication-context.xml file.
You can find the correction here: https://issues.alfresco.com/browse/AR-1850

Good luck

ianpriest
That fixed it. Thanks very much.

After fixing the above problem I got a NullPointerException when hitting Alfresco as the Guest user. It turned out I needed to add transaction, people and node services to authenticationComponentImplAlfresco. My final configs are below in the hope that someone will find them useful. I use the files as shown to chain Alfresco and an Active Directory server as the authentication mechanisms for my system.

Cheers,
Ian.

chaining-authentication-context.xml

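<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

   <!-- Chaining -->
   <!-- Replaces the stock authenticationService with a chain of two services: the Alfresco repository -->
   <!-- service (also the mutable one) and the LDAP / Active Directory service. -->
   <!-- NOTE(review): the order in which the chain tries its services is not visible in this file; confirm -->
   <!-- it, because a user name that exists in both stores can be accepted by either. -->
   <bean id="authenticationService" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
      <property name="mutableAuthenticationService">
         <ref bean="authenticationServiceImplAlfresco"/>
      </property>
      <property name="authenticationServices">
         <list>
            <ref bean="authenticationServiceImplLDAP"/>
         </list>
      </property>
   </bean>

   <!-- Alfresco Auth -->
   <bean id="authenticationServiceImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
      <property name="authenticationDao">
         <ref bean="authenticationDaoAlfresco"/>
      </property>
      <property name="ticketComponent">
         <ref bean="ticketComponent"/>
      </property>
      <property name="authenticationComponent">
         <ref bean="authenticationComponentImplAlfresco"/>
      </property>
   </bean>

   <bean id="authenticationDaoAlfresco" class="org.alfresco.repo.security.authentication.RepositoryAuthenticationDao">
      <property name="nodeService">
         <ref bean="nodeService"/>
      </property>
      <property name="dictionaryService">
         <ref bean="dictionaryService"/>
      </property>
      <property name="namespaceService">
         <ref bean="namespaceService"/>
      </property>
      <!-- References admSearchService rather than searchService: with searchService the context failed to -->
      <!-- start, because indexerAndSearcherFactory was still being created when it was needed -->
      <property name="searchService">
         <ref bean="admSearchService"/>
      </property>
      <property name="userNamesAreCaseSensitive">
         <value>${user.name.caseSensitive}</value>
      </property>
      <!-- passwordEncoder is defined outside this file; check which hash it applies to repository passwords -->
      <property name="passwordEncoder">
         <ref bean="passwordEncoder"/>
      </property>
   </bean>

   <bean id="authenticationComponentImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl">
      <property name="authenticationDao">
         <ref bean="authenticationDaoAlfresco"/>
      </property>
      <property name="authenticationManager">
         <ref bean="authenticationManager"/>
      </property>
      <!-- transactionService, nodeService and personService are wired in because, without them, -->
      <!-- accessing Alfresco as the Guest user ended in a NullPointerException -->
      <property name="transactionService">
         <ref bean="transactionService"/>
      </property>
      <property name="nodeService">
         <ref bean="nodeService"/>
      </property>
      <property name="personService">
         <ref bean="personService"/>
      </property>
      <!-- Guest login is switched on for the repository component; set this to false if unauthenticated -->
      <!-- access is not wanted, and review what the guest user is permitted to read -->
      <property name="allowGuestLogin">
         <value>true</value>
      </property>
   </bean>

   <!-- LDAP Auth -->
   <!-- authenticationComponentImplLDAP is not defined here; it comes from ldap-authentication-context.xml -->
   <bean id="authenticationServiceImplLDAP" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
      <property name="authenticationDao">
         <ref bean="authenticationDaoLDAP" />
      </property>
      <property name="ticketComponent">
         <ref bean="ticketComponent" />
      </property>
      <property name="authenticationComponent">
         <ref bean="authenticationComponentImplLDAP" />
      </property>
   </bean>

   <!-- Placeholder DAO for the LDAP service: presumably it holds no passwords and does not create or -->
   <!-- change users, leaving that to the directory (verify against the class) -->
   <bean id="authenticationDaoLDAP" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao"/>
</beans>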

ldap-authentication-context.xml
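<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <!-- The main configuration has moved into a properties file -->

    <!--
    Caveat: ignoreUnresolvablePlaceholders is true, so this configurer does not fail at startup when a
    property is missing or its name is mistyped. If no other configurer supplies the value, the bean
    receives the literal "${...}" text; verify that the properties file defines every
    ldap.authentication.* key referenced in this file.
    -->
    <bean name="ldapAuthenticationPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="ignoreUnresolvablePlaceholders">
            <value>true</value>
        </property>
        <property name="locations">
            <value>classpath:alfresco/extension/ldap-authentication.properties</value>
        </property>
    </bean>

    <!-- LDAP authentication configuration -->

    <!--

    You can also use JAAS authentication for Kerberos against Active Directory or NTLM if you also require single sign on from the
    web browser. You do not have to use LDAP authentication to synchronise groups and users from an LDAP store if it supports other
    authentication routes, like Active Directory.

    -->

    <bean id="authenticationComponentImplLDAP" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
        <property name="LDAPInitialDirContextFactory">
            <ref bean="ldapInitialDirContextFactory"/>
        </property>
        <property name="userNameFormat">
            <!--

            This maps between what the user types in and what is passed through to the underlying LDAP authentication.

            "%s" - the user id is passed through without modification.
            Used for LDAP authentication such as DIGEST-MD5, anything that is not "simple".

            "cn=%s,ou=London,dc=company,dc=com" - If the user types in "Joe Bloggs" then authenticate as "cn=Joe Bloggs,ou=London,dc=company,dc=com"
            Usually for simple authentication. Simple authentication always uses the DN for the user.

            Review notes:
            - The user id typed at login is inserted into this pattern. This file does not show any escaping
              of DN special characters, so check that the component escapes or refuses them.
            - For simple authentication, check that a login with an empty password is refused before the
              bind is attempted: many directories accept such a bind as an anonymous one.

            -->
            <value>${ldap.authentication.userNameFormat}</value>
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionService" />
        </property>
    </bean>

    <!--

    This bean is used to support general LDAP authentication. It is also used to provide read only access to users and groups
    to pull them out of the LDAP repository

    -->

    <bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
        <property name="initialDirContextEnvironment">
            <map>
                <!-- The LDAP provider -->
                <entry key="java.naming.factory.initial">
                    <value>${ldap.authentication.java.naming.factory.initial}</value>
                </entry>

                <!-- The url to the LDAP server -->
                <!-- Note you can use space separated urls - they will be tried in turn until one works -->
                <!-- This could be used to authenticate against one or more ldap servers (you will not know which one ….) -->
                <!-- A plain ldap:// URL carries the bind DN and password unencrypted when simple authentication -->
                <!-- is used; point every listed server at ldaps:// (or another TLS-protected transport) -->
                <entry key="java.naming.provider.url">
                    <value>${ldap.authentication.java.naming.provider.url}</value>
                </entry>

                <!-- The authentication mechanism to use      -->
                <!-- Some sasl authentication mechanisms may require a realm to be set -->
                <!--                java.naming.security.sasl.realm -->
                <!-- The available options will depend on your LDAP provider -->
                <entry key="java.naming.security.authentication">
                    <value>${ldap.authentication.java.naming.security.authentication}</value>
                </entry>

                <!-- The id of a user who can read group and user information -->
                <!-- This does not go through the pattern substitution defined above and is used "as is" -->
                <!-- Use a dedicated directory account that can only read the user and group entries -->
                <entry key="java.naming.security.principal">
                    <value>${ldap.authentication.java.naming.security.principal}</value>
                </entry>

                <!-- The password for the user defined above -->
                <!-- It sits in clear text in ldap-authentication.properties: limit read access on that file to -->
                <!-- the account running Alfresco and leave it out of any copy of the configuration you share -->
                <entry key="java.naming.security.credentials">
                    <value>${ldap.authentication.java.naming.security.credentials}</value>
                </entry>
            </map>
        </property>
    </bean>

</beans>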