Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP Authentication with SSL only

Go to answer
garbetsp
Champ on-the-rise
Champ on-the-rise

‎09-27-2016 02:29 PM

I have a site which can be accessed by SSL only. I've configured the server.xml with a certificate to only enable the 8443 port of the site. This has caused the LDAP authentication to fail, I look in the logs and it's hitting localhost:8080, which is disabled. How can I modify LDAP to work when 8080 is disabled, and all communication must go through 8443 over SSL?

Labels:
0 Kudos
1 ACCEPTED ANSWER

Go to answer
afaust
Legendary Innovator
Legendary Innovator

‎09-27-2016 04:07 PM

Can you provide the error details from the log?

Making Alfresco accessible via SSL should have no side effects on LDAP authentication which is completely separate from the Tomcat connector configuration.

The only thing I can imagine is that you have unknowingly cut the connection between the Share and Repository tier by disabling the port 8080. In this case you should adapt the share-config-custom.xml configuration for the section "Remote", specifically the URL of the endpoint elements.

View answer in original post

3 REPLIES 3

Go to answer
afaust
Legendary Innovator
Legendary Innovator

‎09-27-2016 04:07 PM

Can you provide the error details from the log?

Making Alfresco accessible via SSL should have no side effects on LDAP authentication which is completely separate from the Tomcat connector configuration.

The only thing I can imagine is that you have unknowingly cut the connection between the Share and Repository tier by disabling the port 8080. In this case you should adapt the share-config-custom.xml configuration for the section "Remote", specifically the URL of the endpoint elements.

Go to answer
garbetsp
Champ on-the-rise
Champ on-the-rise

‎09-28-2016 12:26 PM

Editing this file did change which port it's hitting, and the error logs changed from hitting a dead port to not trusting the cert (hint: it wasn't registered to localhost). So I changed it to point to the server name itself.

Now I'm getting the following:

2016-09-28 11:21:49,300 INFO [webscripts.connector.RemoteClient] [http-bio-844
3-exec-5] Exception calling (GET) http://XXX.com:8443/alfresc
o/s/api/admin/restrictions?guest=true
2016-09-28 11:21:49,300 INFO [webscripts.connector.RemoteClient] [http-bio-84
43-exec-5] Error status 500 null
org.apache.http.client.ClientProtocolException
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttp
Client.java:186)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttp
Client.java:186)

...

Over and over in the logs.

0 Kudos

Go to answer
garbetsp
Champ on-the-rise
Champ on-the-rise
In response to garbetsp

‎09-28-2016 12:33 PM

DOH! 

http -> https for protocol and it just worked.

Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC