Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Frustration Labs 3.0b Kerberos

jread
Champ in-the-making
Champ in-the-making

‎10-10-2008 09:44 AM

I have tried for over a week now to get a installation working with a windows xp server MySQL and AD authentication (Kerberso and LDAP).

I have tried over and over again reinstalling Windows with clean installs. I have also tried with Ubuntu and gotten pretty much the same results. I have read every post on the Forum and every wiki page and at this point I do not believe that Alfresco is ready to intergrate into a Kerberos plateform at least not for us humans who only work with computers everyday.

I have followed this wiki page to the last comma,  http://wiki.alfresco.com/wiki/Configuring_the_CIFS_and_web_servers_for_Kerberos/AD_integrationand it does not work I have been able to use MIT's Leash  found here http://web.mit.edu/kerberos/dist/index.htmland proven that all my Kerberos confgurations are correct but I get pages of errors always starting with Context initialization failed.

I found many Forms with the same basic questions an no answers. To me the difficulty in setting up a simple AD sign-on is a show stopper. My company won't even look at the product if I can not get this to work.

I do not think I am stupid I have many other "open source" systems running. Squid (with ad authentication and Dansguardian) Zimbra (with AD authentication)Openfire (yes with AD authentication) Is there anyone out there who can give a clear direction to make this seamingly promissing product work.

All the Form pages I have looked at end at a seamingly dead end with out a resolution. Many are very old.

Please someone help….
Labels:
0 Kudos
12 REPLIES 12

jread
Champ in-the-making
Champ in-the-making

‎10-10-2008 12:10 PM

I am in the middle of a complete retry (bare metal rebuild)I will post my files when finished

Thank you for your responce

Jim
0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-13-2008 11:07 AM

here is my log file 

10:31:02,693 INFO  [org.alfresco.config.xml.XMLConfigService$PropertyConfigurer] Loading properties file from class path resource [alfresco/file-servers.properties]
10:31:21,593 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
10:31:23,232 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] No changes were made to the schema.
10:31:26,924 INFO  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: C:\Alfresco\alf_data
10:31:26,993 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] Checking for patches to apply …
10:31:27,432 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] No patches were required.
10:31:27,432 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Found 0 module(s).
10:31:29,347 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_07-b06; maximum heap size 493.063MB
10:31:29,347 WARN  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - WARNING - maximum heap size 493.063MB is less than recommended 512MB
10:31:29,347 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Labs): Current version 3.0.0 (b 1164) schema 131 - Installed version 3.0.0 (b 1164) schema 131
10:31:29,670 WARN  [org.alfresco.linkvalidation.LinkValidationServiceImpl] LinkValidationService Update is not running (virtualization server not registered or started)
10:31:41,324 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/alfresco]] Exception starting filter Authentication Filter
java.lang.SecurityException: C:Alfrescojdkjrelibsecurityjava.login.config (The system cannot find the file specified)
   at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:93)
   at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
   at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
   at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
   at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
   at java.lang.Class.newInstance0(Class.java:355)
   at java.lang.Class.newInstance(Class.java:308)
   at javax.security.auth.login.Configuration$3.run(Configuration.java:246)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:241)
   at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.LoginContext.init(LoginContext.java:234)
   at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
   at org.alfresco.web.app.servlet.KerberosAuthenticationFilter.init(KerberosAuthenticationFilter.java:365)
   at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221)
   at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302)
   at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78)
   at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4222)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Caused by: java.io.FileNotFoundException: C:Alfrescojdkjrelibsecurityjava.login.config (The system cannot find the file specified)
   at java.io.FileInputStream.open(Native Method)
   at java.io.FileInputStream.<init>(FileInputStream.java:106)
   at java.io.FileInputStream.<init>(FileInputStream.java:66)
   at com.sun.security.auth.login.ConfigFile.getInputStream(ConfigFile.java:591)
   at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:260)
   at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:224)
   at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91)
   … 41 more
10:31:41,393 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/alfresco]] Exception starting filter WebDAV Authentication Filter
java.lang.SecurityException: C:Alfrescojdkjrelibsecurityjava.login.config (The system cannot find the file specified)
   at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:93)
   at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
   at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
   at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
   at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
   at java.lang.Class.newInstance0(Class.java:355)
   at java.lang.Class.newInstance(Class.java:308)
   at javax.security.auth.login.Configuration$3.run(Configuration.java:246)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.Configuration.getConfiguration(Configuration.java:241)
   at javax.security.auth.login.LoginContext$1.run(LoginContext.java:237)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.LoginContext.init(LoginContext.java:234)
   at javax.security.auth.login.LoginContext.<init>(LoginContext.java:403)
   at org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter.init(KerberosAuthenticationFilter.java:339)
   at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221)
   at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302)
   at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78)
   at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4222)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Caused by: java.io.FileNotFoundException: C:Alfrescojdkjrelibsecurityjava.login.config (The system cannot find the file specified)
   at java.io.FileInputStream.open(Native Method)
   at java.io.FileInputStream.<init>(FileInputStream.java:106)
   at java.io.FileInputStream.<init>(FileInputStream.java:66)
   at com.sun.security.auth.login.ConfigFile.getInputStream(ConfigFile.java:591)
   at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:260)
   at com.sun.security.auth.login.ConfigFile.init(ConfigFile.java:224)
   at com.sun.security.auth.login.ConfigFile.<init>(ConfigFile.java:91)
   … 41 more
10:31:41,532 ERROR [org.springframework.web.context.support.XmlWebApplicationContext] Exception thrown from ApplicationListener handling ContextClosedEvent
java.lang.IllegalStateException: The org.alfresco.cache.sysAdminCache Cache is not alive.
   at net.sf.ehcache.Cache.checkStatus(Cache.java:1588)
   at net.sf.ehcache.Cache.get(Cache.java:774)
   at net.sf.ehcache.Cache.get(Cache.java:755)
   at org.alfresco.repo.cache.EhCacheAdapter.get(EhCacheAdapter.java:87)
   at org.alfresco.repo.cache.TransactionalCache.get(TransactionalCache.java:347)
   at org.alfresco.repo.transaction.TransactionServiceImpl.isReadOnly(TransactionServiceImpl.java:82)
   at org.alfresco.repo.transaction.TransactionServiceImpl.getUserTransaction(TransactionServiceImpl.java:137)
   at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:283)
   at org.alfresco.repo.transaction.RetryingTransactionAdvice.invoke(RetryingTransactionAdvice.java:73)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
   at $Proxy157.onShutdown(Unknown Source)
   at org.alfresco.linkvalidation.LinkValidationServiceBootstrap.onShutdown(LinkValidationServiceBootstrap.java:62)
   at org.alfresco.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:73)
   at org.springframework.context.event.SimpleApplicationEventMulticaster$1.run(SimpleApplicationEventMulticaster.java:77)
   at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:49)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:75)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:246)
   at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:676)
   at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:651)
   at org.springframework.web.context.ContextLoader.closeWebApplicationContext(ContextLoader.java:336)
   at org.springframework.web.context.ContextLoaderListener.contextDestroyed(ContextLoaderListener.java:74)
   at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:3805)
   at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4357)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4246)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
10:31:49,724 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework

0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-13-2008 11:34 AM

here is the rest of my configration

here is the C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\web.xml


<?xml version='1.0' encoding='UTF-8'?>

<!DOCTYPE web-app PUBLIC
  "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
  "http://java.sun.com/dtd/web-app_2_3.dtd">

<web-app>
   <display-name>Alfresco Web Client</display-name>

   <description>Alfresco Web Client</description>

   <context-param>
      <param-name>org.jboss.jbossfaces.WAR_BUNDLES_JSF_IMPL</param-name>
      <param-value>true</param-value>
   </context-param>

   <context-param>
      <param-name>javax.faces.STATE_SAVING_METHOD</param-name>
      <param-value>server</param-value>
   </context-param>

   <context-param>
      <param-name>javax.faces.CONFIG_FILES</param-name>
      <param-value>/WEB-INF/faces-config-app.xml,/WEB-INF/faces-config-beans.xml,/WEB-INF/faces-config-navigation.xml,/WEB-INF/faces-config-common.xml,/WEB-INF/faces-config-repo.xml,/WEB-INF/faces-config-wcm.xml,/WEB-INF/faces-config-custom.xml</param-value>
   </context-param>

   <context-param>
      <param-name>org.apache.myfaces.ALLOW_JAVASCRIPT</param-name>
      <param-value>true</param-value>
   </context-param>

   <context-param>
      <param-name>org.apache.myfaces.DETECT_JAVASCRIPT</param-name>
      <param-value>false</param-value>
      <description>This is an EXPERIMENTAL feature, so leave it off for now!</description>
   </context-param>

   <context-param>
      <param-name>org.apache.myfaces.SERIALIZE_STATE_IN_SESSION</param-name>
      <param-value>false</param-value>
      <description>Stop MyFaces from Serializing the state to the session</description>
   </context-param>

    <!– TODO: Change this to false for production –>
    <context-param>
        <param-name>org.apache.myfaces.PRETTY_HTML</param-name>
        <param-value>true</param-value>
        <description>
            If true, rendered HTML code will be formatted, so that it is "human readable".
            i.e. additional line separators and whitespace will be written, that do not
            influence the HTML code.
            Default: "true"
        </description>
    </context-param>

    <context-param>
        <param-name>org.apache.myfaces.AUTO_SCROLL</param-name>
        <param-value>false</param-value>
        <description>
            If true, a javascript function will be rendered that is able to restore the
            former vertical scroll on every request. Convenient feature if you have pages
            with long lists and you do not want the browser page to always jump to the top
            if you trigger a link or button action that stays on the same page.
            Default: "false"
        </description>
    </context-param>

   <context-param>
      <param-name>contextConfigLocation</param-name>
      <param-value>
         classpath:alfresco/application-context.xml
         classpath:alfresco/webscript-framework-application-context.xml
         classpath:alfresco/web-client-application-context.xml
         classpath:alfresco/web-scripts-application-context.xml
         classpath:alfresco/web-services-application-context.xml

         <!–
         To give final control over the tuning of the custom environment,
         the custom-web-context.xml file is processed last (note:
         custom-web-context.xml isn't part of the source tree itself).
         –>
         classpath*:alfresco/extension/custom-web-context.xml

      </param-value>
      <description>Spring config file locations</description>
   </context-param>

   <filter>
      <filter-name>Authentication Filter</filter-name>
    <!–  
 <filter-class>org.alfresco.web.app.servlet.AuthenticationFilter</filter-class>
–>

     <filter-class>org.alfresco.web.app.servlet.KerberosAuthenticationFilter</filter-class>
     <init-param>
       <param-name>KDC</param-name>
       <param-value>10.65.220.12</param-value>
     </init-param>
     <init-param>
       <param-name>Realm</param-name>
       <param-value>AD.AUDUBON.COM</param-value>
     </init-param>
     <init-param>
       <param-name>Password</param-name>
       <param-value>alfresco</param-value>
     </init-param>
     <init-param>
       <param-name>Principal</param-name>
       <param-value>HTTP/alfresco.ad.audubon.com</param-value>
     </init-param>


    <!– For Novell IChain support use the following filter –>
      <!–
        <filter-class>org.alfresco.web.app.servlet.NovellIChainsHTTPRequestAuthenticationFilter</filter-class>
      –>

      <!– For NTLM authentication support use the following filter –>
      <!–
        <filter-class>org.alfresco.web.app.servlet.NTLMAuthenticationFilter</filter-class>
      –>
   </filter>

   <filter>
      <filter-name>WebDAV Authentication Filter</filter-name>
<!– 
      <filter-class>org.alfresco.repo.webdav.auth.AuthenticationFilter</filter-class>
–>


<filter-class>org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter</filter-class>
     <init-param>
       <param-name>KDC</param-name>
       <param-value>10.65.220.12</param-value>
     </init-param>
     <init-param>
       <param-name>Realm</param-name>
       <param-value>AD.AUDUBON.COM</param-value>
     </init-param>
     <init-param>
       <param-name>Password</param-name>
       <param-value>alfresco</param-value>
     </init-param>
     <init-param>
       <param-name>Principal</param-name>
       <param-value>HTTP/alfresco.ad.audubon.com</param-value>
     </init-param>

      <!– For NTLM authentication support use the following filter –>
      <!–
        <filter-class>org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter</filter-class>
      –>
   </filter>

   <filter>
      <filter-name>Admin Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.AdminAuthenticationFilter</filter-class>
   </filter>

   <filter>
      <filter-name>MT WebScript Basic Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.MTWebScriptAuthenticationFilter</filter-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.basic</param-value>
      </init-param>
   </filter>

   <filter>
      <filter-name>MT WebScript WC Authentication Filter</filter-name>
      <filter-class>org.alfresco.web.app.servlet.MTWebScriptAuthenticationFilter</filter-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.webclient</param-value>
      </init-param>
   </filter>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/faces/*</url-pattern>
   </filter-mapping>

   <!– For NTLM authentication support enable the following mapping –>
   <!–
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/navigate/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/command/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/download/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/template/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/n/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/c/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/t/*</url-pattern>
   </filter-mapping>
   
   <filter-mapping>
      <filter-name>Authentication Filter</filter-name>
      <url-pattern>/d/*</url-pattern>
   </filter-mapping>
   –>

   <filter-mapping>
      <filter-name>WebDAV Authentication Filter</filter-name>
      <url-pattern>/webdav/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Admin Authentication Filter</filter-name>
      <url-pattern>/faces/jsp/admin/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Admin Authentication Filter</filter-name>
      <url-pattern>/faces/jsp/categories/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Admin Authentication Filter</filter-name>
      <url-pattern>/faces/jsp/groups/*</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Admin Authentication Filter</filter-name>
      <url-pattern>/faces/jsp/users/delete-user.jsp</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Admin Authentication Filter</filter-name>
      <url-pattern>/faces/jsp/users/users.jsp</url-pattern>
   </filter-mapping>

   <filter-mapping>
      <filter-name>Admin Authentication Filter</filter-name>
      <url-pattern>/faces/jsp/admin/system-info.jsp</url-pattern>
   </filter-mapping>


   <!– for MT-context, force auth prior to WebScript binding
        for ST-context, pass through (or can explicitly comment out) –>

   <filter-mapping>
      <filter-name>MT WebScript Basic Authentication Filter</filter-name>
      <servlet-name>apiServlet</servlet-name>
   </filter-mapping>

   <filter-mapping>
      <filter-name>MT WebScript WC Authentication Filter</filter-name>
      <servlet-name>wcapiServlet</servlet-name>
   </filter-mapping>


   <listener>
      <listener-class>org.apache.myfaces.webapp.StartupServletContextListener</listener-class>
   </listener>

   <listener>
      <listener-class>org.springframework.web.util.Log4jConfigListener</listener-class>
   </listener>
   
   <listener>
      <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
   </listener>

   <listener>
      <listener-class>org.alfresco.web.app.ContextListener</listener-class>
   </listener>

   <!– Faces Servlet –>
   <servlet>
      <servlet-name>Faces Servlet</servlet-name>
      <servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
      <load-on-startup>1</load-on-startup>
   </servlet>

   <servlet>
      <servlet-name>uploadFile</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.UploadFileServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>uploadContent</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.UploadContentServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>downloadContent</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.DownloadContentServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>downloadRawContent</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.DownloadRawContentServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>guestDownloadContent</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.GuestDownloadContentServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>guestTemplateContent</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.GuestTemplateContentServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>externalAccess</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.ExternalAccessServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>templateContent</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.TemplateContentServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>commandServlet</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.CommandServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>ajaxServlet</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.ajax.AjaxServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>axis</servlet-name>
      <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class>
      <load-on-startup>5</load-on-startup>
   </servlet>

   <servlet>
      <servlet-name>CXFServlet</servlet-name>
      <servlet-class>org.apache.cxf.transport.servlet.CXFServlet</servlet-class>
      <load-on-startup>6</load-on-startup>
   </servlet>

   <servlet>
      <servlet-name>WebDAV</servlet-name>
      <servlet-class>org.alfresco.repo.webdav.WebDAVServlet</servlet-class>
      <init-param>
         <param-name>store</param-name>
         <param-value>workspace://SpacesStore</param-value>
      </init-param>
      <init-param>
         <param-name>rootPath</param-name>
         <param-value>/app:company_home</param-value>
      </init-param>
      <load-on-startup>5</load-on-startup>
   </servlet>

   <servlet>
      <servlet-name>apiServlet</servlet-name>
      <servlet-class>org.alfresco.web.scripts.servlet.WebScriptServlet</servlet-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.basic</param-value>
      </init-param>
   </servlet>

   <servlet>
      <servlet-name>wcapiServlet</servlet-name>
      <servlet-class>org.alfresco.web.scripts.servlet.WebScriptServlet</servlet-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.webclient</param-value>
      </init-param>
   </servlet>

   <servlet>
      <servlet-name>portalapiServlet</servlet-name>
      <servlet-class>org.alfresco.web.scripts.servlet.WebScriptServlet</servlet-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.webclient</param-value>
      </init-param>
   </servlet>

   <servlet>
      <servlet-name>facebookServlet</servlet-name>
      <servlet-class>org.alfresco.web.scripts.facebook.FacebookServlet</servlet-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.facebook</param-value>
      </init-param>
   </servlet>

   <servlet>
      <servlet-name>fbapiServlet</servlet-name>
      <servlet-class>org.alfresco.web.scripts.facebook.FacebookAPIServlet</servlet-class>
      <init-param>
         <param-name>authenticator</param-name>
         <param-value>webscripts.authenticator.facebook</param-value>
      </init-param>
   </servlet>

   <servlet>
      <servlet-name>proxyServlet</servlet-name>
      <servlet-class>org.alfresco.web.scripts.servlet.HTTPProxyServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>workflowDefinitionImageServlet</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.WorkflowDefinitionImageServlet</servlet-class>
   </servlet>

   <servlet>
      <servlet-name>JBPMDeployProcessServlet</servlet-name>
      <servlet-class>org.alfresco.web.app.servlet.JBPMDeployProcessServlet</servlet-class>
   </servlet>

   <servlet-mapping>
      <servlet-name>Faces Servlet</servlet-name>
      <url-pattern>/faces/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>uploadFile</servlet-name>
      <url-pattern>/uploadFileServlet</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>uploadContent</servlet-name>
      <url-pattern>/upload/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>downloadContent</servlet-name>
      <url-pattern>/download/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>downloadContent</servlet-name>
      <url-pattern>/d/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>downloadRawContent</servlet-name>
      <url-pattern>/dr</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>guestDownloadContent</servlet-name>
      <url-pattern>/guestDownload/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>guestDownloadContent</servlet-name>
      <url-pattern>/gd/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>templateContent</servlet-name>
      <url-pattern>/template/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>templateContent</servlet-name>
      <url-pattern>/t/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>guestTemplateContent</servlet-name>
      <url-pattern>/guestTemplate/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>guestTemplateContent</servlet-name>
      <url-pattern>/gt/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>externalAccess</servlet-name>
      <url-pattern>/navigate/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>externalAccess</servlet-name>
      <url-pattern>/n/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>commandServlet</servlet-name>
      <url-pattern>/command/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>commandServlet</servlet-name>
      <url-pattern>/c/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>ajaxServlet</servlet-name>
      <url-pattern>/ajax/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>axis</servlet-name>
      <url-pattern>/api/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>CXFServlet</servlet-name>
      <url-pattern>/cmis/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
        <servlet-name>WebDAV</servlet-name>
        <url-pattern>/webdav/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>apiServlet</servlet-name>
      <url-pattern>/service/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>apiServlet</servlet-name>
      <url-pattern>/s/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>wcapiServlet</servlet-name>
      <url-pattern>/wcservice/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>wcapiServlet</servlet-name>
      <url-pattern>/wcs/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>portalapiServlet</servlet-name>
      <url-pattern>/168service/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>portalapiServlet</servlet-name>
      <url-pattern>/168s/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>facebookServlet</servlet-name>
      <url-pattern>/facebook/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>facebookServlet</servlet-name>
      <url-pattern>/fb/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>fbapiServlet</servlet-name>
      <url-pattern>/fbservice/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>fbapiServlet</servlet-name>
      <url-pattern>/fbs/*</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>proxyServlet</servlet-name>
      <url-pattern>/proxy</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>JBPMDeployProcessServlet</servlet-name>
      <url-pattern>/jbpm/deployprocess</url-pattern>
   </servlet-mapping>

   <servlet-mapping>
      <servlet-name>workflowDefinitionImageServlet</servlet-name>
      <url-pattern>/workflowdefinitionimage/*</url-pattern>
   </servlet-mapping>

   <session-config>
      <session-timeout>60</session-timeout>
   </session-config>

   <welcome-file-list>
      <welcome-file>index.jsp</welcome-file>
   </welcome-file-list>

   <error-page>
      <exception-type>java.lang.Exception</exception-type>
      <location>/jsp/error.jsp</location>
   </error-page>

</web-app>



Here is the C:\Alfresco\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\file-servers.xml
——————————————————————————————-

<alfresco-config area="file-servers">

   <config evaluator="string-compare" condition="CIFS Server">
     <serverEnable enabled="true"/>
      <host name="${cifs.localname}A" domain="${cifs.domain}"/>
      <comment>Alfresco CIFS Server</comment>

      <!– Set to the broadcast mask for the subnet –>
      <broadcast>${cifs.broadcast}</broadcast>

      <!– Use Java socket based NetBIOS over TCP/IP and native SMB on linux –>
      <tcpipSMB platforms="linux,solaris,macosx"/>
      <netBIOSSMB platforms="linux,solaris,macosx"/>

      <!– Can be mapped to non-privileged ports, then use firewall rules to forward
          requests from the standard ports –>
     <!–       
      <tcpipSMB port="1445" platforms="linux,solaris,macosx"/>
      <netBIOSSMB sessionPort="1139" namePort="1137" datagramPort="1138" platforms="linux,solaris,macosx"/>
     –>
       
      <hostAnnounce interval="5"/>

      <!– Use Win32 NetBIOS interface on Windows –>
      <Win32NetBIOS/>
      <Win32Announce interval="5"/>

      <!– CIFS authentication –>
      <authenticator type="enterprise">
      </authenticator>
      
<!–
      <WINS>
         <primary>1.2.3.4</primary>
         <secondary>5.6.7.8</secondary>
      </WINS>
–>
      <sessionDebug flags="Negotiate,Socket"/>
   </config>

   <config evaluator="string-compare" condition="FTP Server">
     <serverEnable enabled="true"/>
     
     <!– Run on a non-privileged port –>
     <!–
     <port>1121</port>
     –>

      <!– FTP authentication –>
      <authenticator type="alfresco"/>
           
<!–      <debug flags="File,Search,Error,Directory,Info,DataPort"/> –>
   </config>
   
   <config evaluator="string-compare" condition="NFS Server">
     <serverEnable enabled="false"/>
   </config>
   
   <config evaluator="string-compare" condition="Filesystems">
     <filesystems>
        
       <!– Alfresco repository access shared filesystem –>
         <filesystem name="Alfresco">
            <store>workspace://SpacesStore</store>
            <rootPath>/app:company_home</rootPath>

         <!– Add a URL file to each folder that links back to the web client –>
         <urlFile>
               <filename>__AlfrescoClient.url</filename>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </urlFile>

         <!– Mark locked files as offline –> 
          <offlineFiles/>

         <!– Desktop actions –>
         <!– Uses a client-side application to trigger a server-side action                         –>
         <!–   Echo - displays a message echoed from the server                                     –>
         <!–   URL  - launches a URL via the Windows shell                                          –>
         <!–   CmdLine - launches the Notepad application                                           –>
         <!–   CheckInOut - checks files in/out, drag and drop files onto the application           –>
         <!–   JavaScript - run a server-side script                                                –>
         <!–   JavaScriptURL - server-side script that generates a URL to the folder using a ticket –>
         <!–                   to avoid having to logon                                             –>

<!–
         <desktopActions>
            <global>
                    <path>alfresco/desktop/Alfresco.exe</path>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </global>
            <action>
               <class>org.alfresco.filesys.repo.desk.EchoDesktopAction</class>
               <name>Echo</name>
                 <filename>__AlfrescoEcho.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.repo.desk.URLDesktopAction</class>
               <name>URL</name>
                 <filename>__AlfrescoURL.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.repo.desk.CmdLineDesktopAction</class>
               <name>CmdLine</name>
                 <filename>__AlfrescoCmd.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.repo.desk.CheckInOutDesktopAction</class>
               <name>CheckInOut</name>
                 <filename>__AlfrescoCheckInOut.exe</filename>
            </action>
            <action>
               <class>org.alfresco.filesys.repo.desk.JavaScriptDesktopAction</class>
               <name>JavaScript</name>
               <filename>__AlfrescoScript.exe</filename>
               <script>alfresco/desktop/dumpRequest.js</script>
               <attributes>anyFiles, multiplePaths , allowNoParams</attributes>
               <preprocess>confirm, copyToTarget</preprocess>
            </action>
            <action>
               <class>org.alfresco.filesys.repo.desk.JavaScriptDesktopAction</class>
               <name>JavaScriptURL</name>
               <filename>__AlfrescoDetails.exe</filename>
               <script>alfresco/desktop/showDetails.js</script>
               <attributes>anyFiles</attributes>
               <preprocess>copyToTarget</preprocess>
            </action>

         </desktopActions>
–>          
                    
<!–
            <accessControl default="Write">
               <user name="admin" access="Write"/>
               <address subnet="90.1.0.0" mask="255.255.0.0" access="Write"/>
            </accessControl>
–>
         </filesystem>
         
         <!– AVM virtualization view of all stores/versions for WCM –>
         <!– virtual view can be any of the following: normal, site, staging, author, preview –>
         <avmfilesystem name="AVM">
            <virtualView stores="site,staging,author" />
         </avmfilesystem>
         
      </filesystems>
   </config>

   <config evaluator="string-compare" condition="Filesystem Security">
      <!– Domain mappings used for passthri authentication routing –>
<authenticator type="enterprise">
 <KDC>10.65.220.12</KDC> 
<Realm>AD.AUDUBON.COM</Realm>
 <Password>alfresco</Password> 
<LoginEntry>alfrescocifs</LoginEntry>
<Principal>cifs/alfresco.ad.audubon.com@AD.AUDUBON.COM</Principal>
 </authenticator> 


      <!–
      <DomainMappings>
         <Domain name="ALFRESCO" subnet="192.168.1.0" mask="192.168.1.255"/>
      </DomainMappings>
      –>
      
      <!– Custom share mapper when multi-tenancy is enabled –>
      <!–
     <shareMapper type="multi-tenant">
       <debug/>
     </shareMapper>
      –>
      
<!–
      <globalAccessControl default="None">
         <user name="admin" access="Write"/>
         <address ip="90.1.0.90" access="Write"/>
      </globalAccessControl>
–>
   </config>


</alfresco-config>


Here is the C:\Alfresco\jdk\jre\lib\security\java.login.config
—————————————————————'


AlfrescoCIFS {
   com.sun.security.auth.module.Krb5LoginModule required
   storeKey=true
   useKeyTab=true
   keyTab="C:/etc/alfrescocifs.keytab"
   principal="cifs/alfresco.ad.audubon.com";
};

AlfrescoHTTP {
   com.sun.security.auth.module.Krb5LoginModule required
   storeKey=true
   useKeyTab=true
   keyTab="C:/etc/alfrescohttp.keytab"
   principal="HTTP/alfresco.ad.audubon.com>";
};


C:\Alfresco\jdk\jre\lib\security\java.security
————————————————————-
#
# This is the "master security properties file".

#
security.provider.1=sun.security.provider.Sun
security.provider.2=sun.security.rsa.SunRsaSign
security.provider.3=com.sun.net.ssl.internal.ssl.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider
security.provider.6=com.sun.security.sasl.Provider
security.provider.7=org.jcp.xml.dsig.internal.dom.XMLDSigRI
security.provider.8=sun.security.smartcardio.SunPCSC
security.provider.9=sun.security.mscapi.SunMSCAPI

urandom
# enables use of the Microsoft CryptoAPI seed functionality.
#
securerandom.source=file:/dev/urandom
#

login.configuration.provider=com.sun.security.auth.login.ConfigFile

#
# Default login configuration file
#
#login.config.url.1=file:${user.home}/.java.login.config
login.config.url.1=file:C:\Alfresco\jdk\jre\lib\security\java.login.config

policy.provider=sun.security.provider.PolicyFile


policy.url.1=file:${java.home}/lib/security/java.policy
policy.url.2=file:${user.home}/.java.policy


policy.expandProperties=true


policy.allowSystemProperty=true


policy.ignoreIdentityScope=false

keystore.type=jks


system.scope=sun.security.provider.IdentityDatabase

#

package.access=sun.


security.overridePropertiesFile=true


ssl.KeyManagerFactory.algorithm=SunX509
ssl.TrustManagerFactory.algorithm=PKIX


#
networkaddress.cache.negative.ttl=10



Here is c:\windows\kb5.ini

——————————————————————-

libdefaults]
   default_realm = AD.AUDUBON.COM
   
   

[realms]
   AD.AUDUBON.COM = {
      admin_server = 10.65.220.12
      kdc = 10.65.220.12
      }
      

[domain_realm]
   .ad.audubon.com = AD.AUDUBON.COM
   ad.audubon.com = AD.AUDUBON.COM
   
0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-13-2008 12:13 PM

Thank you for your reply agian…

I set this in the line

login.config.url.1=file:C:\Alfresco\jdk\jre\lib\security\java.login.config

found in C:\Alfresco\jdk\jre\lib\security\java.security

i thought maybe wrong that it would be better to include the path than the variables as shown in the how-to
0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-13-2008 01:19 PM

Thank you I did that and now I am getting a message that

Client not found in Kerberos database (6) I am researching this since I have leash installed all the clients I think I am sending are there and authenticate so I have to figure out what Alfresco is sending.
0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-14-2008 08:25 AM

here is the log file I do not know what file the error is in did a text search on all my config files and can not find the AD in any realms settings now.


08:18:19,683 INFO  [org.alfresco.config.xml.XMLConfigService$PropertyConfigurer] Loading properties file from class path resource [alfresco/file-servers.properties]
08:18:39,804 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
08:18:42,719 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] No changes were made to the schema.
08:18:48,549 INFO  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: C:\Alfresco\alf_data
08:18:48,659 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] Checking for patches to apply …
08:18:49,119 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] No patches were required.
08:18:49,119 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Found 0 module(s).
08:18:52,582 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.6.0_07-b06; maximum heap size 493.063MB
08:18:52,582 WARN  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - WARNING - maximum heap size 493.063MB is less than recommended 512MB
08:18:52,582 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Labs): Current version 3.0.0 (b 1164) schema 131 - Installed version 3.0.0 (b 1164) schema 131
08:18:52,977 WARN  [org.alfresco.linkvalidation.LinkValidationServiceImpl] LinkValidationService Update is not running (virtualization server not registered or started)
08:19:05,996 ERROR [org.alfresco.web.app.servlet.KerberosAuthenticationFilter] HTTP Kerberos web filter error
javax.security.auth.login.LoginException: Cannot get kdc for realm AD.AUDUBON.COM>
   at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
   at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
   at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
   at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
   at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
   at org.alfresco.web.app.servlet.KerberosAuthenticationFilter.init(KerberosAuthenticationFilter.java:366)
   at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221)
   at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302)
   at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78)
   at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4222)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Caused by: KrbException: Cannot get kdc for realm AD.AUDUBON.COM>
   at sun.security.krb5.KrbKdcReq.send(KrbKdcReq.java:133)
   at sun.security.krb5.KrbKdcReq.send(KrbKdcReq.java:106)
   at sun.security.krb5.KrbAsReq.send(KrbAsReq.java:434)
   at sun.security.krb5.Credentials.sendASRequest(Credentials.java:405)
   at sun.security.krb5.Credentials.acquireTGT(Credentials.java:355)
   at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:662)
   … 39 more
08:19:06,040 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/alfresco]] Exception starting filter Authentication Filter
javax.servlet.ServletException: Failed to login HTTP server service
   at org.alfresco.web.app.servlet.KerberosAuthenticationFilter.init(KerberosAuthenticationFilter.java:380)
   at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221)
   at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302)
   at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78)
   at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4222)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
08:19:06,150 ERROR [org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter] HTTP Kerberos web filter error
javax.security.auth.login.LoginException: Cannot get kdc for realm AD.AUDUBON.COM>
   at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
   at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
   at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
   at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
   at java.security.AccessController.doPrivileged(Native Method)
   at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
   at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
   at org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter.init(KerberosAuthenticationFilter.java:340)
   at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221)
   at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302)
   at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78)
   at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4222)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
Caused by: KrbException: Cannot get kdc for realm AD.AUDUBON.COM>
   at sun.security.krb5.KrbKdcReq.send(KrbKdcReq.java:133)
   at sun.security.krb5.KrbKdcReq.send(KrbKdcReq.java:106)
   at sun.security.krb5.KrbAsReq.send(KrbAsReq.java:434)
   at sun.security.krb5.Credentials.sendASRequest(Credentials.java:405)
   at sun.security.krb5.Credentials.acquireTGT(Credentials.java:355)
   at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:662)
   … 39 more
08:19:06,172 ERROR [org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/alfresco]] Exception starting filter WebDAV Authentication Filter
javax.servlet.ServletException: Failed to login HTTP server service
   at org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter.init(KerberosAuthenticationFilter.java:354)
   at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:221)
   at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:302)
   at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:78)
   at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3635)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4222)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
08:19:06,325 ERROR [org.springframework.web.context.support.XmlWebApplicationContext] Exception thrown from ApplicationListener handling ContextClosedEvent
java.lang.IllegalStateException: The org.alfresco.cache.sysAdminCache Cache is not alive.
   at net.sf.ehcache.Cache.checkStatus(Cache.java:1588)
   at net.sf.ehcache.Cache.get(Cache.java:774)
   at net.sf.ehcache.Cache.get(Cache.java:755)
   at org.alfresco.repo.cache.EhCacheAdapter.get(EhCacheAdapter.java:87)
   at org.alfresco.repo.cache.TransactionalCache.get(TransactionalCache.java:347)
   at org.alfresco.repo.transaction.TransactionServiceImpl.isReadOnly(TransactionServiceImpl.java:82)
   at org.alfresco.repo.transaction.TransactionServiceImpl.getUserTransaction(TransactionServiceImpl.java:137)
   at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:283)
   at org.alfresco.repo.transaction.RetryingTransactionAdvice.invoke(RetryingTransactionAdvice.java:73)
   at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
   at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
   at $Proxy157.onShutdown(Unknown Source)
   at org.alfresco.linkvalidation.LinkValidationServiceBootstrap.onShutdown(LinkValidationServiceBootstrap.java:62)
   at org.alfresco.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:73)
   at org.springframework.context.event.SimpleApplicationEventMulticaster$1.run(SimpleApplicationEventMulticaster.java:77)
   at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:49)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:75)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:246)
   at org.springframework.context.support.AbstractApplicationContext.doClose(AbstractApplicationContext.java:676)
   at org.springframework.context.support.AbstractApplicationContext.close(AbstractApplicationContext.java:651)
   at org.springframework.web.context.ContextLoader.closeWebApplicationContext(ContextLoader.java:336)
   at org.springframework.web.context.ContextLoaderListener.contextDestroyed(ContextLoaderListener.java:74)
   at org.apache.catalina.core.StandardContext.listenerStop(StandardContext.java:3805)
   at org.apache.catalina.core.StandardContext.stop(StandardContext.java:4357)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4246)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:448)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:597)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
08:19:18,161 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework

0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-14-2008 08:29 AM

i have used leash from MIT and it can authenticate HTTP/alfresco.ad.audubon.com@AD.AUDUBON.COM

heres is the Web.xml I think is being referanced.
   <filter-class>org.alfresco.web.app.servlet.KerberosAuthenticationFilter</filter-class>
     <init-param>
       <param-name>KDC</param-name>
       <param-value>audubon-2003.ad.audubon.com</param-value>
     </init-param>
     <init-param>
       <param-name>Realm</param-name>
       <param-value>AUDUBON.COM</param-value>
     </init-param>
     <init-param>
       <param-name>Password</param-name>
       <param-value>alfresco</param-value>
     </init-param>
     <init-param>
       <param-name>Principal</param-name>
       <param-value>HTTP/alfresco.ad.audubon.com@AD.AUDUBON.COM</param-value>
     </init-param>


    <!– For Novell IChain support use the following filter –>
      <!–
        <filter-class>org.alfresco.web.app.servlet.NovellIChainsHTTPRequestAuthenticationFilter</filter-class>
      –>

      <!– For NTLM authentication support use the following filter –>
      <!–
        <filter-class>org.alfresco.web.app.servlet.NTLMAuthenticationFilter</filter-class>
      –>
   </filter>

   <filter>
      <filter-name>WebDAV Authentication Filter</filter-name>
<!– 
      <filter-class>org.alfresco.repo.webdav.auth.AuthenticationFilter</filter-class>
–>


<filter-class>org.alfresco.repo.webdav.auth.KerberosAuthenticationFilter</filter-class>
     <init-param>
       <param-name>KDC</param-name>
       <param-value>audubon-2003.ad.audubon.com</param-value>
     </init-param>
     <init-param>
       <param-name>Realm</param-name>
       <param-value>AUDUBON.COM</param-value>
     </init-param>
     <init-param>
       <param-name>Password</param-name>
       <param-value>alfresco</param-value>
     </init-param>
     <init-param>
       <param-name>Principal</param-name>
       <param-value>HTTP/alfresco.ad.audubon.com@AD.AUDUBON.COM</param-value>
     </init-param>

      <!– For NTLM authentication support use the following filter –>
      <!–
        <filter-class>org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter</filter-class>
      –>
   </filter>
0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-15-2008 03:57 AM

BELMEKKI

I guess that is part of the issue – I want to not force my users to sign into alfresco and if they do need to sign in I want it to be the same as their Domain login.

I have tried NTLM LDAP etc.

It looked to me that I have to use KERBEROS to athenticate against the domain to get what I want. So far I have used the

I have been trying to follow this http://wiki.alfresco.com/wiki/Configuring_the_CIFS_and_web_servers_for_Kerberos/AD_integration

and followed it the above was the message I was reciving. I have adjusted the kb5.ini many times.
if have made the line
KDC = AUDUBON-2003.AD.AUDUBON.COM
i tried
KDC = 10.3.67.14 (ip address)

the  machine answers nslookup with the correct answers

the computer this is running on is a windows xp sp2 computer that is part of the domain and is named alfresco the FQDN is alfresco.ad.audubon.com
the KDC and the alfresco computer are in the same subnet and when I log in to the alfresco computer it is athenticating against the domain.

but so far it always stops with the line….

Cannot find the KDC for domain AD.AUDUBON.COM

I have worked on this all day yesterday and always get the same result. Maybe I am just to confused to make Alfresco work…

Their does not seam to be a clear way to do such a simple thing.

best regards
Jim
0 Kudos

jread
Champ in-the-making
Champ in-the-making

‎10-15-2008 11:11 AM

BELMEKKI

It is a shame you are the only one trying to help with this problem I guess Alfresco does not care if the communuty is sucsesful or not my error is 
 11:05:58,457 ERROR [org.alfresco.web.app.servlet.KerberosAuthenticationFilter] HTTP Kerberos web filter error
javax.security.auth.login.LoginException: Cannot get kdc for realm AD.AUDUBON.COM>

I can not for the life of me figure out what configuration file this is referancing ( i have tried them all)

so i will punt and try just AD…. Did you use NTLM or something else

Jim
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC