MOVED - LDAP Configuration

mrojas73
Champ in-the-making
Hi,

I am a new user of Alfresco and have been struggling for days to connect it to either my OpenLDAP or Active Directory systems.

It would be much easier if a user authentication page could be included under the Administration Console to configure this feature.


Thank you.
30 REPLIES

mrojas73
Champ in-the-making
Belmekki;

I think that some HOW TOs are needed for basic configurations like this. Even though it sounds very easy for more experienced people like yourself, it is not as easy for noobs like me.

How about having a section just for HOW TOs where we can post complete guides to help others like me get through this basic stuff much quicker.

If I can get this one working, I will create the first one, called HOW TO LDAP Authentication, just like the Ubuntu, Trixbox and other projects do.

So far the documentation and wikis I have found have bits and pieces you are supposed to put together; someone gives you a chunk of an XML file but doesn't specify if you need to configure the rest. So that's where I stand at this point.

Your information is great, it tells me that besides the ldap-authentication-context.xml, the chaining-authentication-context.xml I also need to configure the ldap-syncronization-context.xml. The question is, where is the best place to find real-life examples of this type of configuration? Back to searching the forums again!

Thank you.

mrojas73
Champ in-the-making
This is just great!

I will be more than happy to test the HOW TO and provide as much feedback as possible. I can test on Ubuntu and OpenLDAP, Windows 2003 and Active Directory.

I will be trying your instructions here soon, I can't wait to be able to log in using a user account from Active Directory.

Thank you very much Belmekki for taking the time to post and provide this much-needed information.

Marco.

mrojas73
Champ in-the-making
Belmekki,

My intent with this post under this section was to raise an issue that new users are facing, and I still think that better documentation or easier implementation from inside Alfresco needs to be done.

On the other hand, I would like to move the discussion to a better place, maybe installation or configuration in the forums. I will create a new post and try to link it to this.

Thank you.

Marco.

Update:

Created new Thread for discussion here: http://forums.alfresco.com/en/viewtopic.php?f=9&t=14741

battletroll01
Champ in-the-making
First and foremost a large amount of thanks to Belmekki!!!!
This forum was a tremendous help.
I am running the Alfresco Ent 3.0.1 on Linux Fedora 10 on a network that is Linux/Windows and all systems authenticate against Active Directory with Kerberos (500+ users). I have avoided LDAP for a while but this was the only solution for my current applications.

I did find it necessary to change the ldap-authentication.properties file to slightly different settings than in this file.
If you are auth against AD, I have tried this on 3 different servers and it worked by just renaming ldap-authentication.properties.sample to ldap-authentication.properties and changing the settings listed:

# How to map the user id entered by the user to that passed through to LDAP
# - simple
#    - this must be a DN and would be something like
#      CN=%s,DC=company,DC=com
# - digest
#    - usually pass through what is entered
#      %s    
ldap.authentication.userNameFormat=%s@foobar.com

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
# This was necessary to talk to AD on secure LDAP
ldap.authentication.java.naming.provider.url=ldaps://ip to server:636

# The authentication mechanism to use
#ldap.authentication.java.naming.security.authentication=DIGEST-MD5
# SIMPLE worked for me
ldap.authentication.java.naming.security.authentication=SIMPLE

# The default principal to use (only used for LDAP sync)
# ldap account I use with the fully qualified name
ldap.authentication.java.naming.security.principal=ldapman@foobar.com

# The password for the default principal (only used for LDAP sync)
# Duh the password
ldap.authentication.java.naming.security.credentials=*************

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false

vishal1
Champ in-the-making
Hi Belmekki,

I am configuring Alfresco 2.1 to work with LDAP (Oracle OID). I am able to authenticate an LDAP user from Alfresco using ldap-authentication-context.xml. But I am not able to log in using the Alfresco user (admin).

Could you please share your thoughts about synchronization & chaining authentication?

Thanks in advance
Vishal

lakshya
Champ in-the-making
Belmekki & battletroll01
Thanks a lot!!!!

lakshya
Champ in-the-making
Hello Belmekki & battletroll01,
I want to know the configuration of OpenDS in Alfresco.

I have created user1 as
uid=user1,dc=example,dc=com

and user2
cn=user2,dc=example,dc=com

ldap-authentication.properties is:

#
# This properties file brings together the common options for LDAP authentication rather than editing the bean definitions
#

# How to map the user id entered by the user to that passed through to LDAP
# - simple
#    - this must be a DN and would be something like
#      CN=%s,DC=company,DC=com
# - digest
#    - usually pass through what is entered
#      %s    
ldap.authentication.userNameFormat=%s@example.com

# The LDAP context factory to use
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory

# The URL to connect to the LDAP server
ldap.authentication.java.naming.provider.url=ldap://10.199.92.3:389

# The authentication mechanism to use
ldap.authentication.java.naming.security.authentication=SIMPLE

# The default principal to use (only used for LDAP sync)
ldap.authentication.java.naming.security.principal=user1@example.com


# The password for the default principal (only used for LDAP sync)
ldap.authentication.java.naming.security.credentials=test

# Escape commas entered by the user at bind time
# Useful when using simple authentication and the CN is part of the DN and contains commas
ldap.authentication.escapeCommasInBind=false

# Escape commas entered by the user when setting the authenticated user
# Useful when using simple authentication and the CN is part of the DN and contains commas, and the escaped \, is
# pulled in as part of an LDAP sync
# If this option is set to true it will break the default home folder provider as space names can not contain \
ldap.authentication.escapeCommasInUid=false


I am not able to authenticate users in Alfresco.

Can you put some pointers on this???
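
An added example (not from any poster, and not Alfresco code): a small Python check of the bind-related settings in an ldap-authentication.properties file like the ones posted above. It flags a simple bind over plain ldap:// and a userNameFormat that is not the DN template the file's own comments call for; the helper names, the DN-template pattern and the comma-escaping rule are assumptions for illustration.

```python
import re

# Constructed sample: the bind-related settings from the OpenDS post above.
SAMPLE = """\
ldap.authentication.userNameFormat=%s@example.com
ldap.authentication.java.naming.provider.url=ldap://10.199.92.3:389
ldap.authentication.java.naming.security.authentication=SIMPLE
ldap.authentication.escapeCommasInBind=false
"""

PREFIX = "ldap.authentication."
# Assumed shape of a DN template: attr=...%s... followed by one or more RDNs.
DN_TEMPLATE = re.compile(r"^[A-Za-z][\w.-]*=[^,]*%s[^,]*(,[^=,]+=[^,]+)+$")


def parse_properties(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def bind_identity(props, entered_name):
    """Expand userNameFormat into the identity sent in the LDAP bind."""
    if props.get(PREFIX + "escapeCommasInBind", "false").lower() == "true":
        entered_name = entered_name.replace(",", "\\,")  # assumed escaping rule
    return props[PREFIX + "userNameFormat"].replace("%s", entered_name)


def audit(props):
    """Return (code, message) findings for the bind settings."""
    findings = []
    url = props.get(PREFIX + "java.naming.provider.url", "")
    mech = props.get(PREFIX + "java.naming.security.authentication", "").lower()
    fmt = props.get(PREFIX + "userNameFormat", "")
    if mech == "simple" and not url.lower().startswith("ldaps://"):
        findings.append(("CLEARTEXT_BIND", "simple bind to %s is not over ldaps://" % url))
    if mech == "simple" and not DN_TEMPLATE.match(fmt):
        findings.append(("FORMAT_NOT_DN", "userNameFormat %r is not a DN template" % fmt))
    return findings


if __name__ == "__main__":
    for code, message in audit(parse_properties(SAMPLE)):
        print(code, message)
```

FORMAT_NOT_DN is a warning rather than an error: the Active Directory configuration posted earlier in the thread is reported to work with the %s@domain form. For the OpenDS entries in the post, a template such as uid=%s,dc=example,dc=com expands to the DN of user1 but not to cn=user2,dc=example,dc=com, so a single template cannot cover both.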

mautidavis
Champ in-the-making
Dear all,

I have done the necessary configurations to the files but when I log in to the Alfresco Explorer I get this error:
Summary of error:

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
caused by:
javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
caused by:
java.lang.NullPointerException
Detailed information about the error:


javax.faces.FacesException: Error calling action method of component with id loginForm:submit
at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
at javax.faces.component.UICommand.broadcast(UICommand.java:109)
at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171)
at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95)
at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.AuthenticationFilter.doFilter(AuthenticationFilter.java:94)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:156)
at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:61)
… 22 more
Caused by: java.lang.NullPointerException
at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.isGuestUserName(AbstractAuthenticationComponent.java:359)
at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.authenticate(AbstractAuthenticationComponent.java:124)
at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:118)
at org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl.authenticate(ChainingAuthenticationServiceImpl.java:166)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:296)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:177)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:144)
at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:275)
at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy24.authenticate(Unknown Source)
at org.alfresco.web.bean.LoginBean.login(LoginBean.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:132)
… 23 more


Anybody with an idea on how I can sort out this problem?

Please remember I can successfully log in to the application but will not be able to do anything because of this error. Your suggestions on how I can sort out this problem will really be appreciated.

Regards,
Davis M Onsakia

dward
Champ on-the-rise
I suspect you are running Alfresco v3.2 with some out-of-date Spring configuration. Please state which Alfresco version you are using and what files you have changed.