Hello!
I´m having some trouble with the FTP Configuration on an Alfresco Labs installation.
The FTP Server is being started, but it is being impossible to connect to it while the authenticator can´t be recognized correctly.
As the log says, there is an wrong authentication setup for alfresco authenticator.
I´m am using Afresco with CAS-SSO and LDAP Authentication (Apache DS).
Here is my config for the FTP server in the file-servers.xml:
And this is the important log output part after starting Alfresco:
Does anybody have any idea how to solve this issue?
Is there anyway I can conrrectly configure the Alfresco Authenticator for the FTP Server? Where? :?:
I would be very gratefull for any kind of help
Thanks!
I´m having some trouble with the FTP Configuration on an Alfresco Labs installation.
The FTP Server is being started, but it is being impossible to connect to it while the authenticator can´t be recognized correctly.
As the log says, there is an wrong authentication setup for alfresco authenticator.
I´m am using Afresco with CAS-SSO and LDAP Authentication (Apache DS).
Here is my config for the FTP server in the file-servers.xml:
<config evaluator="string-compare" condition="FTP Server">
<serverEnable enabled="true"/>
<debug flags="File,Search,Error,Directory,Info,DataPort"/>
<port>21</port>
<authenticator type="alfresco">
</authenticator>
</config>
And this is the important log output part after starting Alfresco:
12:51:37,904 User:System ERROR [alfresco.smb.protocol] FTP server configuration error, Wrong authentication setup for alfresco authenticator
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for alfresco authenticator
at org.alfresco.filesys.ServerConfigurationBean.processFTPServerConfig(ServerConfigurationBean.java:1835)
at org.alfresco.filesys.ServerConfigurationBean.init(ServerConfigurationBean.java:583)
at org.alfresco.filesys.ServerConfigurationBean.onApplicationEvent(ServerConfigurationBean.java:3098)
at org.springframework.context.event.SimpleApplicationEventMulticaster$1.run(SimpleApplicationEventMulticaster.java:77)
at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:49)
at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:75)
at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:241)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:349)
at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:156)
at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764)
at org.apache.catalina.core.StandardContext.start(StandardContext.java:4216)
at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at org.apache.catalina.core.StandardService.start(StandardService.java:448)
at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
12:51:37,928 User:System INFO [alfresco.ftp.server] Starting server FTP …
Does anybody have any idea how to solve this issue?
Is there anyway I can conrrectly configure the Alfresco Authenticator for the FTP Server? Where? :?:
I would be very gratefull for any kind of help
Thanks!
Hello???
Anybody there??? I have not found any solution yet…
Please, some help…
ops:
Thanks…
Anybody there??? I have not found any solution yet…
Please, some help…
ops: Thanks…
Hello, Belmekki!
thank you very much for your help and time!
I still having the problem with the alfressco Authenticator after setting the FTP Server like you posted.
Do you know where and how ist this authenticator configured? I didn´t set anything like this in my enviroment.
Also have not seen someone talking about setting this authenticator in any thread. And believe me, I have searched a lot!
If you have any idea of what could be wrong with my system, tell me please. I really don´t understand what´s happening.
Thanks a lot!
Regards
Wagner
thank you very much for your help and time!
I still having the problem with the alfressco Authenticator after setting the FTP Server like you posted.
14:52:35,181 User:System ERROR [alfresco.smb.protocol] FTP server configuration error, Wrong authentication setup for alfresco authenticator
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for alfresco authenticator
…
Do you know where and how ist this authenticator configured? I didn´t set anything like this in my enviroment.
Also have not seen someone talking about setting this authenticator in any thread. And believe me, I have searched a lot!
If you have any idea of what could be wrong with my system, tell me please. I really don´t understand what´s happening.
Thanks a lot!
Regards
Wagner
Hello!
Thanks one more time
This configuration is like mine. But mine still not working.
I post the chaning-context and the ldap-context one more time. They depend on each other, so there was nothing wrong with my chaining file.
ldap-authentication-context.xml:
chaining-authentication-context.xml:
There is no failure output in my logs, just The users still not able to log to the ftp server.
I could see that after adding a new user in alfresco itself, the user is able to log in to the ftp.
The problem is there anywhere between ftp and ldap authenticator.
I also though, it could be the MD4 hashing used on the password, but after saving the passwords with MD4 hashed passwords in the ldap, nothing changed.
So I have no ideas anymore
Thanks !
Regards
Thanks one more time
This configuration is like mine. But mine still not working.
I post the chaning-context and the ldap-context one more time. They depend on each other, so there was nothing wrong with my chaining file.
ldap-authentication-context.xml:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<!– The main configuration has moved into a properties file –>
<bean name="ldapAuthenticationPlaceholderConfigurer" class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="ignoreUnresolvablePlaceholders">
<value>true</value>
</property>
<property name="locations">
<value>classpath:alfresco/extension/ldap-authentication.properties</value>
</property>
</bean>
<!– DAO that rejects changes - LDAP is read only at the moment. It does allow users to be deleted with out warnings from the UI. –>
<bean name="authenticationDaoLDAP" class="org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao" >
<property name="allowDeleteUser">
<value>false</value>
</property>
</bean>
<!– LDAP authentication configuration –>
<!–
You can also use JAAS authentication for Kerberos against Active Directory or NTLM if you also require single sign on from the
web browser. You do not have to use LDAP authentication to synchronise groups and users from an LDAP store if it supports other
authentication routes, like Active Directory.
–>
<bean id="authenticationComponentLDAP"
class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl"
parent="authenticationComponentBase">
<property name="LDAPInitialDirContextFactory">
<ref bean="ldapInitialDirContextFactory"/>
</property>
<property name="userNameFormat">
<value>${ldap.authentication.userNameFormat}</value>
</property>
<property name="nodeService">
<ref bean="nodeService" />
</property>
<property name="personService">
<ref bean="personService" />
</property>
<property name="transactionService">
<ref bean="transactionService" />
</property>
<property name="escapeCommasInBind">
<value>${ldap.authentication.escapeCommasInBind}</value>
</property>
<property name="escapeCommasInUid">
<value>${ldap.authentication.escapeCommasInUid}</value>
</property>
</bean>
<!–
This bean is used to support general LDAP authentication. It is also used to provide read only access to users and groups
to pull them out of the LDAP reopsitory
–>
<bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
<property name="initialDirContextEnvironment">
<map>
<!– The LDAP provider –>
<entry key="java.naming.factory.initial">
<value>${ldap.authentication.java.naming.factory.initial}</value>
</entry>
<!– The url to the LDAP server –>
<!– Note you can use space separated urls - they will be tried in turn until one works –>
<!– This could be used to authenticate against one or more ldap servers (you will not know which one ….) –>
<entry key="java.naming.provider.url">
<value>${ldap.authentication.java.naming.provider.url}</value>
</entry>
<!– The authentication mechanism to use –>
<!– Some sasl authentication mechanisms may require a realm to be set –>
<!– java.naming.security.sasl.realm –>
<!– The available options will depend on your LDAP provider –>
<entry key="java.naming.security.authentication">
<value>${ldap.authentication.java.naming.security.authentication}</value>
</entry>
<!– The id of a user who can read group and user information –>
<!– This does not go through the pattern substitution defined above and is used "as is" –>
<entry key="java.naming.security.principal">
<value>${ldap.authentication.java.naming.security.principal}</value>
</entry>
<!– The password for the user defined above –>
<entry key="java.naming.security.credentials">
<value>${ldap.authentication.java.naming.security.credentials}</value>
</entry>
</map>
</property>
</bean>
</beans>
chaining-authentication-context.xml:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<!– Chaining of both the services and components –>
<bean id="authenticationService" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
<property name="authenticationServices">
<list>
<ref bean="authenticationServiceImplLDAP"/>
</list>
</property>
<property name="mutableAuthenticationService">
<ref bean="authenticationServiceImplAlfresco"/>
</property>
<property name="sysAdminCache">
<ref bean="sysAdminCache"/>
</property>
</bean>
<bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ChainingAuthenticationComponentImpl">
<property name="authenticationComponents">
<list>
<ref bean="authenticationComponentLDAP"/>
</list>
</property>
<property name="mutableAuthenticationComponent">
<ref bean="authenticationComponentImplAlfresco"/>
</property>
</bean>
<!– Alfresco Auth –>
<bean id="authenticationServiceImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
<property name="authenticationDao">
<ref bean="authenticationDaoAlfresco"/>
</property>
<property name="ticketComponent">
<ref bean="ticketComponent"/>
</property>
<property name="authenticationComponent">
<ref bean="authenticationComponentImplAlfresco"/>
</property>
<property name="sysAdminCache">
<ref bean="sysAdminCache"/>
</property>
</bean>
<bean id="authenticationDaoAlfresco" class="org.alfresco.repo.security.authentication.RepositoryAuthenticationDao">
<property name="nodeService">
<ref bean="nodeService"/>
</property>
<property name="tenantService">
<ref bean="tenantService"/>
</property>
<property name="dictionaryService">
<ref bean="dictionaryService"/>
</property>
<property name="namespaceService">
<ref bean="namespaceService"/>
</property>
<property name="searchService">
<ref bean="admSearchService"/>
</property>
<property name="retryingTransactionHelper">
<ref bean="retryingTransactionHelper"/>
</property>
<property name="userNamesAreCaseSensitive">
<value>${user.name.caseSensitive}</value>
</property>
<property name="passwordEncoder">
<ref bean="passwordEncoder"/>
</property>
</bean>
<bean id="authenticationComponentImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl" parent="authenticationComponentBase">
<property name="authenticationDao">
<ref bean="authenticationDaoAlfresco"/>
</property>
<property name="authenticationManager">
<ref bean="authenticationManager"/>
</property>
<property name="allowGuestLogin">
<value>false</value>
</property>
<property name="nodeService">
<ref bean="nodeService" />
</property>
<property name="personService">
<ref bean="personService" />
</property>
<property name="transactionService">
<ref bean="transactionService" />
</property>
</bean>
<!– LDAP –>
<bean id="authenticationServiceImplLDAP" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
<property name="authenticationDao">
<ref bean="authenticationDaoLDAP"/>
</property>
<property name="ticketComponent">
<ref bean="ticketComponent"/>
</property>
<property name="authenticationComponent">
<ref bean="authenticationComponentLDAP"/>
</property>
<property name="sysAdminCache">
<ref bean="sysAdminCache"/>
</property>
</bean>
</beans>
There is no failure output in my logs, just The users still not able to log to the ftp server.
I could see that after adding a new user in alfresco itself, the user is able to log in to the ftp.
The problem is there anywhere between ftp and ldap authenticator.
I also though, it could be the MD4 hashing used on the password, but after saving the passwords with MD4 hashed passwords in the ldap, nothing changed.
So I have no ideas anymore
Thanks !
Regards
