Hyland Connect

stuartmcmahon · ‎09-12-2006

I have an ldap server I wish to use to authenticate logon.
How do i do it?
I've tried editing and renaming the ldap-authentication-context.xml.sample
with the server address and dropping it into extension folder but no use.
what am I doing wrong??

andy · ‎09-14-2006

Hi

You are trying to do the corrcet thing.

See http://wiki.alfresco.com/wiki/Enterprise_Security_and_Authentication_Configuration

Where exactly did you put the file?
What did you call it?

What did not work? Was there an error?

Regards

Andy

stuartmcmahon · ‎09-14-2006

Hi Andy,
I have since realised that NTLM authentication would suit me best.
I have 2 NTLM servers that I wish to chain but when I do this I cannot login successfully.
The thing is if I put either one of these servers in the ntlm-authentication-context.xml in the extrension folder I can login successfully.
I have updated the chaining-authentication-context.xml and placed it in the extension folder, it is listed below.
Can you tell me what else I must configure for NTLM chaining to work.

thanks a million,
Stuart.

Here is my chaining-authentication-context.xml file……

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <!– Chaining –>

    <bean id="authenticationServiceImpl" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
        <property name="authenticationServices">
            <list>
                <ref bean="authenticationComponentImplIE"/>
                <ref bean="authenticationComponentImplUS"/>
            </list>
        </property>
        <property name="mutableAuthenticationService">
            <ref bean="authenticationServiceImplAlfresco"/>
        </property>
    </bean>

    <!– Alfresco Auth –>

    <bean id="authenticationServiceImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoAlfresco"/>
        </property>
        <property name="ticketComponent">
            <ref bean="ticketComponent"/>
        </property>
        <property name="authenticationComponent">
            <ref bean="authenticationComponentImplAlfresco"/>
        </property>
    </bean>

    <bean id="authenticationDaoAlfresco" class="org.alfresco.repo.security.authentication.RepositoryAuthenticationDao">
        <property name="nodeService">
            <ref bean="nodeService"/>
        </property>
        <property name="dictionaryService">
            <ref bean="dictionaryService"/>
        </property>
        <property name="namespaceService">
            <ref bean="namespaceService"/>
        </property>
        <property name="searchService">
            <ref bean="searchService"/>
        </property>
        <property name="userNamesAreCaseSensitive">
            <value>${user.name.caseSensitive}</value>
        </property>
        <property name="passwordEncoder">
            <ref bean="passwordEncoder"/>
        </property>
    </bean>

    <bean id="authenticationComponentImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoAlfresco"/>
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
        <property name="allowGuestLogin">
            <value>true</value>
        </property>
    </bean>

    <!– NTLM –>

    <bean id="authenticationComponentImplIE" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="servers">
            <value>IESERVER</value>
        </property>
        <property name="useLocalServer">
            <value>false</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
    </bean>


    <bean id="authenticationComponentImplUS" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="servers">
            <value>USSERVER</value>
        </property>
        <property name="useLocalServer">
            <value>false</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
    </bean>

</beans>

gary_spencer · ‎09-18-2006

Hi,

Rather than using a chaining auth component have you tried using the NTLM passthru auth with a Servers value of 'IESERVER,USSERVER'. The passthru auth component will load balance the requests across all of the servers in the list.

Are the problems when logging in via the web client or CIFS client ?.

Cheers

Gary

stuartmcmahon · ‎09-19-2006

Hi Gary,
I have but that doesn't work!
The authentication details are not replicated on both servers.
Therefore when a user attempts to login they will be denied access but on their second attempt they are successful.
Alfresco picks a server attempts to login but does not try the next on the list if a failure occurs.

thanks for your help though,
Stuart.

Hyland Connect

ldap server...