
LDAP + Alfresco user authent...

davidbarbion
Champ in-the-making
Is there anyone who can give me the configuration file to chain ldap+alfresco user authentication ?

The example given in "chaining" doesn't cover this topic, and I couldn't manage to do it…

Thanks in advance.

rivetlogic
Champ on-the-rise
Hi,

This should work:

chaining-authentication-context.xml
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <!-- Chaining -->
    <bean id="authenticationServiceImpl" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
        <property name="authenticationServices">
            <list>
                <ref bean="authenticationServiceImplLDAP"/>
            </list>
        </property>
        <property name="mutableAuthenticationService">
            <ref bean="authenticationServiceImplAlfresco"/>
        </property>
    </bean>

    <!-- Alfresco Auth -->
    <bean id="authenticationServiceImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoAlfresco"/>
        </property>
        <property name="ticketComponent">
            <ref bean="ticketComponent"/>
        </property>
        <property name="authenticationComponent">
            <ref bean="authenticationComponentImplAlfresco"/>
        </property>
    </bean>
        
    <bean id="authenticationDaoAlfresco" class="org.alfresco.repo.security.authentication.RepositoryAuthenticationDao">
        <property name="nodeService">
            <ref bean="nodeService"/>
        </property>
        <property name="dictionaryService">
            <ref bean="dictionaryService"/>
        </property>
        <property name="namespaceService">
            <ref bean="namespaceService"/>
        </property>
        <property name="searchService">
            <ref bean="searchService"/>
        </property>
        <property name="userNamesAreCaseSensitive">
            <value>${user.name.caseSensitive}</value>
        </property>
        <property name="passwordEncoder">
            <ref bean="passwordEncoder"/>
        </property>
    </bean>

    <bean id="authenticationComponentImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoAlfresco"/>
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
        <property name="allowGuestLogin">
            <value>true</value>
        </property>
    </bean>

    <!-- LDAP Auth -->
    <bean id="authenticationServiceImplLDAP" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoLDAP" />
        </property>
        <property name="ticketComponent">
            <ref bean="ticketComponent" />
        </property>
        <property name="authenticationComponent">
            <ref bean="authenticationComponentImplLDAP" />
        </property>
    </bean>

    <bean id="authenticationComponentImplLDAP" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
        <property name="LDAPInitialDirContextFactory">
            <ref bean="ldapInitialDirContextFactory"/>
        </property>
        <property name="userNameFormat">
            <value>cn=%s,ou=people,dc=rivetlogic,dc=com</value>
        </property>
    </bean>

    <bean id="authenticationDaoLDAP" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao"/>

</beans>

ldap-authentication-context.xml:
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
        <property name="initialDirContextEnvironment">
            <map>
                <!-- The LDAP provider -->
                <entry key="java.naming.factory.initial">
                    <value>com.sun.jndi.ldap.LdapCtxFactory</value>
                </entry>

                <!-- The url to the LDAP server -->
                <entry key="java.naming.provider.url">
                    <value>ldap://xx.xx.xx.xx:389</value>
                </entry>

                <!-- The authentication mechanism to use -->
                <!-- Some sasl authentication mechanisms may require a realm to be set -->
                <!--     java.naming.security.sasl.realm -->
                <!-- The available options will depend on your LDAP provider -->
                <entry key="java.naming.security.authentication">
                    <value>simple</value>
                </entry>

                <!-- The id of a user who can read group and user information -->
                <!-- This does not go through the pattern substitution defined above and is used "as is" -->
                <entry key="java.naming.security.principal">
                    <value>cn=user_with_read_access,dc=rivetlogic,dc=com</value>
                </entry>

                <!-- The password for the user defined above -->
                <entry key="java.naming.security.credentials">
                    <value>*****</value>
                </entry>
            </map>
        </property>
    </bean>

</beans>

Hope this helps,

–Aladdin

davidbarbion
Champ in-the-making
Ok, thank you very much. I'll try the conf as soon as possible.

ribz33
Champ on-the-rise
It's not working for me. :(

All my users were defined in LDAP and it's working.
Now I want to implement chaining in order to have internal Alfresco users also.

So I created an internal user in the web client.
I copied and pasted your code for chaining.

Now I can connect with an external LDAP user like before, but I can't connect with the internal user that I created.
I get this error:

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
caused by:
javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
caused by:
org.alfresco.error.AlfrescoRuntimeException: Not implemented

I did more tests:
Without the LDAP config I can connect with the internal user - it's OK
Without the chaining config I can connect with external users and internal users are unknown - it's OK

For info, I use 1.4 preview.

I expect someone has an idea ;)
Thx a lot

rivetlogic
Champ on-the-rise
Hi,

Just for clarification; have you replaced:

- userNameFormat
- java.naming.provider.url
- java.naming.security.principal
- java.naming.security.credentials

with the appropriate values?

–Aladdin

ribz33
Champ on-the-rise
Yes :D

And my problem is with internal users, not external users.
So my LDAP configuration is working.

Thx for your help :)

rivetlogic
Champ on-the-rise
Hi,

For what it's worth, I tried chaining LDAP/Alfresco authentication using the config listed here and had no problems. I used 1.4 Preview.

Try posting your chaining-authentication-context.xml and ldap-authentication-context.xml files.

Regards,

–Aladdin

ribz33
Champ on-the-rise
Ok sorry,

I found my mistake!

I forgot to delete the bean "authenticationComponentImpl" in ldap-authentication-context.xml

It's working now!

Thx for your help :D
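
As an added example that is not part of the original thread: a small Python check for the mistake ribz33 describes above, a bean left behind in ldap-authentication-context.xml that nothing in the chain references, plus a flag for the simple bind over a plain ldap:// URL in the posted configuration. The embedded files are constructed and trimmed, the host name is a placeholder, the function names are hypothetical, and the "unreferenced bean" test is a heuristic rather than an Alfresco feature.

```python
import xml.etree.ElementTree as ET

# Constructed, trimmed-down files modelled on the configuration in this thread.
CHAINING = """<beans>
  <bean id="authenticationServiceImpl" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
    <property name="authenticationServices"><list><ref bean="authenticationServiceImplLDAP"/></list></property>
  </bean>
  <bean id="authenticationServiceImplLDAP" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
    <property name="authenticationComponent"><ref bean="authenticationComponentImplLDAP"/></property>
  </bean>
  <bean id="authenticationComponentImplLDAP" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
    <property name="LDAPInitialDirContextFactory"><ref bean="ldapInitialDirContextFactory"/></property>
  </bean>
</beans>"""

# Trimmed LDAP file that still contains the stale bean ribz33 forgot to delete.
LDAP_STALE = """<beans>
  <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl"/>
  <bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
    <property name="initialDirContextEnvironment"><map>
      <entry key="java.naming.provider.url"><value>ldap://ldap.example.invalid:389</value></entry>
      <entry key="java.naming.security.authentication"><value>simple</value></entry>
    </map></property>
  </bean>
</beans>"""

def _attrs(xml_text, tag, attr):
    """Collect one attribute from every element with the given tag."""
    return {e.get(attr) for e in ET.fromstring(xml_text).iter(tag) if e.get(attr)}

def leftover_beans(ldap_xml, chaining_xml):
    """Beans defined in the LDAP file that no <ref> in either file points to.
    Heuristic: such a bean is not part of the chain and may be a stale override."""
    refs = _attrs(ldap_xml, "ref", "bean") | _attrs(chaining_xml, "ref", "bean")
    return sorted(_attrs(ldap_xml, "bean", "id") - refs)

def cleartext_simple_bind(ldap_xml):
    """True when a simple bind is configured against a plain ldap:// URL,
    i.e. the bind password is not protected by TLS at the URL level."""
    env = {e.get("key"): (e.findtext("value") or "").strip()
           for e in ET.fromstring(ldap_xml).iter("entry")}
    return (env.get("java.naming.security.authentication") == "simple"
            and env.get("java.naming.provider.url", "").startswith("ldap://"))

if __name__ == "__main__":
    print("leftover beans:", leftover_beans(LDAP_STALE, CHAINING))
    print("simple bind over ldap://:", cleartext_simple_bind(LDAP_STALE))
```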

unknown-user
Champ on-the-rise
Hi all,

I'm using version 2.0 and get the same exception when I change the name of the bean authenticationServiceImpl to authenticationService. Is it necessary to modify ldap-authentication-context.xml to get the chaining service running?

Thanks

Felipe

cn2ca
Champ in-the-making
It's not working for me. :(

All my users were defined in LDAP and it's working.
Now I want to implement chaining in order to have internal Alfresco users also.

So I created an internal user in the web client.
I copied and pasted your code for chaining.

Now I can connect with an external LDAP user like before, but I can't connect with the internal user that I created.
I get this error:

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
caused by:
javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
caused by:
org.alfresco.error.AlfrescoRuntimeException: Not implemented

I did more tests:
Without the LDAP config I can connect with the internal user - it's OK
Without the chaining config I can connect with external users and internal users are unknown - it's OK

For info, I use 1.4 preview.

I expect someone has an idea ;)
Thx a lot

Hi, does anyone have an idea about that? I have the same issue…