can not log in as internal user with passthru configured
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-16-2010 06:16 PM
I installed alfresco with basically default settings. I log in to the Alfresco Explorer webpage as admin and change the password. I log out and log back in as admin just to make sure the new password works. I then enable passthru authentication and user synchronization with ldap-ad. I restart Tomcat and try to log in to Alfresco Explorer again.
First of all, I get a pop-up login window instead of the neat webpage, but that issue can wait. The problem is, I now can not log in as the local admin user. I can log in to users through the passthru authentication (to our windows domain) just fine, but not internal users. I would really like to be able to create an log in to local alfresco user accounts in addition to the domain accounts.
here is settings in alfresco-global.properties, you can see I have ntlm first in the chain:
and here is my alfresco/extension/subsystems/Authentication/alfrescoNtlm/alfrescoNtlm1/alfrescoNtlm1.properties:
and here is alfresco/extension/subsystems/Authentication/passthru/passthru1/passthru1.properties:
Nothing fancy. If I remove ldap-ad synch from the chain, it doesn't change anything - only if I add or remove passthru. If I remove passthru, then I can log in as the internal admin user or as another user that I create.
First of all, I get a pop-up login window instead of the neat webpage, but that issue can wait. The problem is, I now can not log in as the local admin user. I can log in to users through the passthru authentication (to our windows domain) just fine, but not internal users. I would really like to be able to create an log in to local alfresco user accounts in addition to the domain accounts.
here is settings in alfresco-global.properties, you can see I have ntlm first in the chain:
authentication.chain=alfrescoNtlm1:alfrescoNtlm,passthru1:passthru,ldap-ad1:ldap-adsynchronization.autoCreatePeopleOnLogin=false
and here is my alfresco/extension/subsystems/Authentication/alfrescoNtlm/alfrescoNtlm1/alfrescoNtlm1.properties:
ntlm.authentication.sso.enabled=falsealfresco.authentication.authenticateCIFS=falsentlm.authentication.mapUnknownUserToGuest=falsealfresco.authentication.allowGuestLogin=false
and here is alfresco/extension/subsystems/Authentication/passthru/passthru1/passthru1.properties:
passthru.authentication.servers=192.168.1.2,192.168.1.3ntlm.authentication.mapUnknownUserToGuest=falsepassthru.authentication.guestAccess=false
Nothing fancy. If I remove ldap-ad synch from the chain, it doesn't change anything - only if I add or remove passthru. If I remove passthru, then I can log in as the internal admin user or as another user that I create.
Labels:
- Labels:
-
Archive
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-16-2010 09:31 PM
I fixed this by setting ntlm.authentication.sso.enabled=false in my passthru properties file, which also fixed a couple other problems I was having.
