Hyland Connect

raippl · ‎12-22-2011

Hi guys,
I instaled Alfresco 4.0 and everithing it's ok. My adiministrator is admin/admin.
Now I'm configuring my Alfresco 4.0 on OpenLdap 2.4.23, I only changed this files:
/usr/local/etc/openldap/slapd.conf


include          /usr/local/etc/openldap/schema/core.schema
include          /usr/local/etc/openldap/schema/cosine.schema
include          /usr/local/etc/openldap/schema/nis.schema
include          /usr/local/etc/openldap/schema/inetorgperson.schema

pidfile         /usr/local/var/run/slapd.pid
argsfile        /usr/local/var/run/slapd.args
loglevel        296
modulepath      /usr/lib/ldap
moduleload      back_hdb
sizelimit       500
tool-threads    1
backend         hdb

database        config
rootdn          "cn=admin,cn=config"
rootpw          admin

database        hdb
suffix          "dc=macif-lfn,dc=com"
directory       "/usr/local/var/openldap-data"
dbconfig        set_cachesize 0 2097152 0
dbconfig        set_lk_max_objects 1500
dbconfig        set_lk_max_locks 1500
dbconfig        set_lk_max_lockers 1500
index           objectClass eq
lastmod         on
checkpoint      512 30

TLSCertificateFile     /etc/ldap/slapd-cert.pem
TLSCertificateKeyFile  /etc/ldap/slapd-key.pem
TLSCACertificateFile   /etc/ldap/slapd-cert.pem
rootdn          "cn=admin,dc=macif-lfn,dc=com"
rootpw          secret

access to *
        by * write‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

then /usr/local/Alfresco4.0/tomcat-6.0.29/webapps/alfresco/WEB-INF/classes/alfresco/subsystems/Authentication/ldap/ldap-authentication-context.xml

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
    <bean name="ldapAuthenticationPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="ignoreUnresolvablePlaceholders">
            <value>true</value>
        </property>  
        <property name="locations">
            <value>classpath:alfresco/extension/ldap-authentication.properties</value>
        </property>
    </bean>
    <bean name="authenticationDaoLDAP" class="org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao" >
        <property name="allowDeleteUser">
            <value>true</value>
        </property>
    </bean>    
    <bean id="authenticationComponentLDAP"
          class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl" 
          parent="authenticationComponentBase">
        <property name="LDAPInitialDirContextFactory">
            <ref bean="ldapInitialDirContextFactory"/>
        </property>
        <property name="userNameFormat">
              <value>${ldap.authentication.userNameFormat}</value>
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionService" />
        </property>   
        <property name="escapeCommasInBind">
            <value>true</value>
        </property>
        <property name="escapeCommasInUid">
            <value>true</value>
        </property> 
    </bean>
   <bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
        <property name="initialDirContextEnvironment">
            <map>
                <entry key="java.naming.factory.initial">
                    <value>${ldap.authentication.java.naming.factory.initial}</value>
                </entry>
                <entry key="java.naming.provider.url">
                    <value>${ldap.authentication.java.naming.provider.url}</value>
                </entry>
                <entry key="java.naming.security.authentication">
                    <value>${ldap.authentication.java.naming.security.authentication}</value>
                </entry>
                <entry key="java.naming.security.principal">
                    <value>${ldap.authentication.java.naming.security.principal}</value>
                </entry>
                <entry key="java.naming.security.credentials">
                    <value>${ldap.authentication.java.naming.security.credentials}</value>
                </entry>
            </map>
        </property>
    </bean>
</beans>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

and /usr/local/Alfresco4.0/tomcat-6.0.29/shared/classes/alfresco/extension/ldap-authentication.properties

ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory    
ldap.authentication.active=false
ldap.authentication.java.naming.security.authentication=simple
ldap.synchronization.active=true
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=true
ldap.authentication.java.naming.provider.url=ldap://localhost:389
ldap.synchronization.java.naming.security.principal=cn=admin,dc=macif-lfn,dc=com
ldap.synchronization.java.naming.security.credentials=admin
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupQuery=(&(objectclass\=group)(memberOf\=cn\=Alfresco Groups,ou\=user,dc\=macif-lfn,dc\=com))
ldap.synchronization.groupDifferentialQuery=(&(objectclass\=group)(memberOf\=cn\=Alfresco Groups,ou\=user,dc\=macif-lfn,dc\=com)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass\=user)(|(memberOf\=CN\=Developers,OU\=user,DC\=macif-lfn,DC\=com)(memberOf\=CN\=Sales,OU\=user,DC\=macif-lfn,DC\=com))(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(&(objectclass\=user)(|(memberOf\=CN\=Developers,OU\=user,DC\=macif-lfn,DC\=com)(memberOf\=CN\=Sales,OU\=user,DC\=macif-lfn,DC\=com))(userAccountControl\:1.2.840.113556.1.4.803\:\=512)(!(modifyTimestamp<\={0})))‍‍‍‍‍‍‍‍‍‍‍‍‍‍

When I start Alfresco I got this error:

 2011-12-22 11:21:34,739  INFO  [service.descriptor.DescriptorService] [main] Alfresco started (Community). Current version: 4.0.0 (b 3835) schema 5.019. Originally installed version: 4.0.0 (b 3835) schema 5.019.
 2011-12-22 11:21:34,741  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'ActivitiesFeed' subsystem, ID: [ActivitiesFeed, default]
 2011-12-22 11:21:34,896  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Startup of 'ActivitiesFeed' subsystem, ID: [ActivitiesFeed, default] complete
 2011-12-22 11:21:34,897  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Starting 'Replication' subsystem, ID: [Replication, default]
 2011-12-22 11:21:34,944  INFO  [management.subsystems.ChildApplicationContextFactory] [main] Startup of 'Replication' subsystem, ID: [Replication, default] complete
 2011-12-22 11:21:35,530  ERROR [activities.feed.FeedNotifierImpl] [DefaultScheduler_Worker-4] Exception during notification of feeds
 java.lang.NullPointerException
   at org.alfresco.repo.security.authentication.AbstractChainingAuthenticationService.getDefaultAdministratorUserNames  
                (AbstractChainingAuthenticationService.java:534)
   at org.alfresco.repo.security.authority.AuthorityServiceImpl.getRoleAuthorities(AuthorityServiceImpl.java:256)
   at org.alfresco.repo.security.authority.AuthorityServiceImpl.access$000(AuthorityServiceImpl.java:52)
   at org.alfresco.repo.security.authority.AuthorityServiceImpl$UserAuthoritySet.<init>(AuthorityServiceImpl.java:717)
   at org.alfresco.repo.security.authority.AuthorityServiceImpl.getAuthoritiesForUser(AuthorityServiceImpl.java:247)
   at org.alfresco.repo.security.authority.AuthorityServiceImpl.isAdminAuthority(AuthorityServiceImpl.java:177)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

It seems that Alfresco doesn't found the administrator user "admin".
Any idea??
Thanks.

lotharmärkle · ‎12-22-2011

As a hint,

the NPE is not because of the Admin user name, it is because one if the chained authentication services is null.

I would suggest, your authen chain contains one null value and therefore check the chaining configuration (property authentication.chain=…)in the alfresco-global.properties file?

Hyland Connect

Alfresco OpenLdap AdministratorUserNames NullPointer