Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Alfresco Kerberos and Linux

twright
Champ in-the-making
Champ in-the-making

‎06-16-2011 08:23 AM

Hi all,

I'll admit, I'm very very new to the world of Alfresco and am having some trouble getting it installed and working.

We have a Linux authentication server, which uses both Kerberos and LDAP to handle user details. LDAP holds the user info, and Kerberos does the user authentication. There is NO Active Directory, this is a completely *NIX network. Having read through the Authentication Subsystems documentation on the wiki, I find myself utterly baffled. The documentation seems to only address AD Kerberos systems, which as I have previously stated, we do not have. Can anyone give me some pointers on this? I have tried adding Kerberos to the authentication chain and have modified the kerberos-authentication.properties file to read

kerberos.authentication.realm=SDEV.LOCAL
kerberos.authentication.user.configEntryName=Alfresco
kerberos.authentication.defaultAdministratorUserNames=admin,Administrator
kerberos.authentication.cifs.configEntryName=AlfrescoCIFS
kerberos.authentication.cifs.password=xxxxxx
kerberos.authentication.authenticateCIFS=false

Upon trying this, however, I received the following error:

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
caused by:
javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
caused by:
java.lang.SecurityException: Unable to locate a login configuration
caused by:
java.io.IOException: Unable to locate a login configuration

I am almost certain that I have missed some big step out somewhere, but I really can't think of where to start.

Any help that anyone may be able to offer would be greatly appreciated.

Thanks in advance,
Troy.
Labels:
0 Kudos
3 REPLIES 3

twright
Champ in-the-making
Champ in-the-making

‎06-16-2011 02:34 PM

Nevermind, got it sorted. Was just missing the java security config.
0 Kudos

scourtney
Champ in-the-making
Champ in-the-making

‎07-28-2011 01:36 PM

Good day, all

I am brand-new to Alfresco, literally configuring my very first server. We have an existing Kerberos authentication realm, but no Active Directory, and we would like to have Alfresco authenticate against this. I concur with what was previously posted – there is much documentation on AD, but none I can find on using MIT Kerberos (or Heimdall). Could someone, perhaps the person who posted this thread and then resolved his or her own question, please post some example configuration files (with anything security-sensitive redacted)?

I've created the service principals and keytabs, have created the Java security configuration, and have followed the Wiki instructions for Alfresco config, although given the result I apparently have missed something somewhere. kinit using the specified principals and keytabs works fine from the Linux command line.

(Someone could reasonably ask me to post a log – I'm out of the office on business right now and don't have ready access, but can do so when I'm back at the hotel this evening; my VPN doesn't work well from my current location due to their firewall setup.)

Thanks if someone can help out with a sample non-AD Kerberos config, or, if my searching has overlooked an extant web doc, a link to that.
0 Kudos

msalihg
Champ in-the-making
Champ in-the-making

‎02-15-2012 08:01 AM

Good day, all

I am brand-new to Alfresco, literally configuring my very first server. We have an existing Kerberos authentication realm, but no Active Directory, and we would like to have Alfresco authenticate against this. I concur with what was previously posted – there is much documentation on AD, but none I can find on using MIT Kerberos (or Heimdall). Could someone, perhaps the person who posted this thread and then resolved his or her own question, please post some example configuration files (with anything security-sensitive redacted)?

I've created the service principals and keytabs, have created the Java security configuration, and have followed the Wiki instructions for Alfresco config, although given the result I apparently have missed something somewhere. kinit using the specified principals and keytabs works fine from the Linux command line.

(Someone could reasonably ask me to post a log – I'm out of the office on business right now and don't have ready access, but can do so when I'm back at the hotel this evening; my VPN doesn't work well from my current location due to their firewall setup.)

Thanks if someone can help out with a sample non-AD Kerberos config, or, if my searching has overlooked an extant web doc, a link to that.

Hello my friend,
Unfortunately JLAN does not have a well written configuration document although functionally the software itself is very good. Additionally there is no other web site to look for sample configuration files with descriptive documents Smiley Sad
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC