Hyland Connect

equinoxefr · ‎02-28-2007

Hello,

I have a problem with CIFS server in alfresco 2.0. I'm using kerberos auth for web access ( it work's like a charm ) and passthru authentication for cifs server.

When accessing CIFS server, i've and error in log and no access to server:

14:01:20,778 WARN  [remoting.rmi.RmiRegistryFactoryBean] Could not detect RMI registry - creating new one
14:01:27,606 WARN  [repo.admin.ConfigurationChecker] The Alfresco 'dir.root' property is set to a relative path './alf_data'.  'dir.root' should be overridden to point to a specific folder.
14:01:27,606 INFO  [repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: ./alf_data
14:01:28,181 INFO  [admin.patch.PatchExecuter] VÃ©rification des correctifs Ã  appliquer …
14:01:28,218 INFO  [admin.patch.PatchExecuter] Aucun correctif requis.
14:01:28,223 INFO  [repo.module.ModuleServiceImpl] Found 0 module(s).
14:01:28,362 ERROR [alfresco.smb.protocol] Failed to get local domain/workgroup name, using default of WORKGROUP
14:01:28,362 ERROR [alfresco.smb.protocol] (This may be due to firewall settings or incorrect <broadcast> setting)
14:01:28,405 INFO  [alfresco.smb.protocol] CIFS server started
14:01:28,405 INFO  [alfresco.smb.protocol] FTP server started
14:01:28,405 INFO  [alfresco.smb.protocol] NFS server NOT started
14:01:28,447 INFO  [alfresco.smb.protocol] SMB Server SLS-GED01_A starting
14:01:28,447 INFO  [alfresco.smb.protocol] GUID 819c1f69-844c-366d-867b-abd3b799c891
14:01:28,447 INFO  [alfresco.smb.protocol] Using authenticator org.alfresco.filesys.server.auth.passthru.PassthruAuthenticator
14:01:28,447 INFO  [alfresco.smb.protocol] Server timezone Europe/Paris, offset from UTC = -1hrs
14:01:28,448 INFO  [alfresco.smb.protocol] Shares:
14:01:28,450 INFO  [alfresco.smb.protocol]  [Alfresco,DISK,,[Alfresco,workspace://SpacesStore/1718938a-c702-11db-8fce-031b8225c9f0]] [Alfresco,workspace://SpacesStore/1718938a-c702-11db-8fce-031b8225c9f0]
14:01:28,450 INFO  [alfresco.smb.protocol] Add Share [IPC$,IPC$,,Admin,Hidden] : true
14:01:28,455 INFO  [service.descriptor.DescriptorService] Alfresco JVM - v1.5.0_08-b03; maximum heap size 993,625MB
14:01:28,456 INFO  [service.descriptor.DescriptorService] Alfresco started (Community Network): Current version 2.0.0 (build-185) schema 38 - Installed version 2.0.0 (build-185) schema 38
28 fÃ©vr. 2007 14:01:30 org.apache.coyote.http11.Http11BaseProtocol start
INFO: DÃ©marrage de Coyote HTTP/1.1 sur http-8080
28 fÃ©vr. 2007 14:01:30 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
28 fÃ©vr. 2007 14:01:30 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/49  config=null
28 fÃ©vr. 2007 14:01:30 org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
28 fÃ©vr. 2007 14:01:30 org.apache.catalina.startup.Catalina start
INFO: Server startup in 29701 ms
14:02:06,963 ERROR [alfresco.smb.protocol] Closing session due to exception
java.lang.NullPointerException
        at org.alfresco.filesys.server.auth.CifsAuthenticator.generateNegotiateResponse(CifsAuthenticator.java:349)
        at org.alfresco.filesys.smb.server.SMBSrvSession.procSMBNegotiate(SMBSrvSession.java:1233)
        at org.alfresco.filesys.smb.server.SMBSrvSession.run(SMBSrvSession.java:1336)
        at java.lang.Thread.run(Thread.java:595)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

jaas-authentication-context.xml:


<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>
    <!– The authentication component.                                      –>

    <!– Jass authentication - most of the config goes somewhere else       –>
       
    <bean id="authenticationComponent" 
                 class="org.alfresco.repo.security.authentication.jaas.JAASAuthenticationComponent">
        <property name="realm">
            <value>WPROD.DS.APHP.FR</value>
        </property>
        <property name="jaasConfigEntryName">
            <value>Alfresco</value>
        </property>
    </bean>

                <bean id="alfDao" class="org.springframework.transaction.interceptor.TransactionProxyFactoryBean">
                        <property name="proxyInterfaces">
                                        <value>
                                                org.alfresco.repo.security.authentication.MutableAuthenticationDao
                                        </value>
                        </property>
                        <property name="transactionManager">
                                        <ref bean="transactionManager" />
                        </property>
                        <property name="target">
                                        <bean class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />
                        </property>
                        <property name="transactionAttributes">
                                <props>
                                        <prop key="*">${server.transaction.mode.default}</prop>
                                </props>
                        </property>
                </bean>

</beans>

‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

file-servers-custom.xml:


<alfresco-config area="file-servers">

   <!– To override the default Alfresco filesystem use replace="true", to –>
   <!– add additional filesystems remove the replace="true" attribute     –>
   
   <config evaluator="string-compare" condition="Filesystems" replace="true">

      <filesystems>
      
          <!– Default share –>
              <filesystem name="Alfresco">

                 <store>workspace://SpacesStore</store>
                 <rootPath>/app:company_home</rootPath>

                 <!– Enable Web client launch shortcut in all folders –>
                 <urlFile>

                    <!– Change the filename as required, keeping the .url extension –>
                    <filename>_Alfresco.url</filename>

                    <!– Change 'localhost' to the name or IP of the Alfresco server –>
                    <webpath>http://localhost:8080/alfresco/</webpath>

                 </urlFile>

              </filesystem>
      </filesystems>
      
   </config>

   <!– Allow guest access to file systems –>
   <config evaluator="string-compare" condition="Filesystem Security">
<!–
  <authenticator type="enterprise">
    <KDC>xxxxx.wprod.ds.aphp.fr</KDC>
    <Realm>WPROD.DS.APHP.FR</Realm>
    <Password>kroot</Password>
  </authenticator>
</config>
–>
      <authenticator type="passthru">
      <Server>xxxxx.wprod.ds.aphp.fr</Server>
      <Domain>WPROD</Domain>
      <LocalDomain>WPROD</LocalDomain>
      </authenticator>
   </config>
</alfresco-config>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Alfresco server is a Mandriva Linux 2007.

Any idea ?

Thank's

Pierre

equinoxefr · ‎02-28-2007

in debug mode, i have this message:

15:31:06,063 INFO  [service.descriptor.DescriptorService] Alfresco JVM - v1.5.0_08-b03; maximum heap size 993,625MB
15:31:06,064 INFO  [service.descriptor.DescriptorService] Alfresco started (Community Network): Current version 2.0.0 (build-185) schema 38 - Installed version 2.0.0 (build-185) schema 38
15:31:06,127 DEBUG [smb.protocol.auth] New auth session from sls-ged01.wprod.ds.aphp.fr_1 to \\10.181.208.29\IPC$\
15:31:06,131 DEBUG [smb.protocol.auth] Passthru offline check failed for o-dcp-p048.wprod.ds.aphp.fr‍‍‍‍

o-dcp-p048 is a W2K3 DC.

equinoxefr · ‎03-08-2007

Now it work's,

I have to wait 5 minutes after restarting Alfresco for ntlm auth to work.

Hyland Connect

Alfresco 2.0 Community with CIFS and passthru auth