NTLM authentication error Alfresco 2.0prev
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2007 12:27 PM
Hello all
I have a problem with the new release of alfresco.
I've been working on authentication with Alfresco 1.4. I use the LDAP export to get the users on alfresco. That works without problems with 1.4 and 2.0prev. When I try to log into alfresco on 1.4 using NTLM passtrouhgt it works, but the same configuration on alfresco 2.0prev crashes:
Why org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao.getMD4HashedPassword is not implemented? Working with 1.4 I have no problem with this. Maybe a bug of the 2.0 preview?
Please help me.
Thanks
I have a problem with the new release of alfresco.
I've been working on authentication with Alfresco 1.4. I use the LDAP export to get the users on alfresco. That works without problems with 1.4 and 2.0prev. When I try to log into alfresco on 1.4 using NTLM passtrouhgt it works, but the same configuration on alfresco 2.0prev crashes:
18:13:55,178 DEBUG [app.servlet.NTLMAuthenticationFilter] New NTLM auth request from 10.226.137.178 (10.226.137.178:1973)18:13:55,182 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type1 [Type1:0xa200b207,Domain:MYDOMAIN,Wks:PC03111]18:13:55,186 DEBUG [app.servlet.NTLMAuthenticationFilter] Sending NTLM type2 to client - [Type2:0x80000203,Target:ALFRESCOSERVER_A,Ch:7b733c91488a34d9]18:13:55,192 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type3 [Type3:,LM:53e18ca648f88a5696088ff7cded917e0642a1662cd8261c,NTLM:ed0b85cb8a116c585816b2cc81015a0e9f92e0c41c0e4090,Dom:,MYDOMAINUser:HSANTANDER,Wks:PC03111]18:13:55,192 ERROR [[localhost].[/alfresco].[externalAccess]] Servlet.service() para servlet externalAccess lanzó excepciónorg.alfresco.error.AlfrescoRuntimeException: Not implemented at org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao.getMD4HashedPassword(NullMutableAuthenticationDao.java:293) at org.alfresco.repo.security.authentication.AuthenticationComponentImpl.getMD4HashedPassword(AuthenticationComponentImpl.java:99) at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.processType3(NTLMAuthenticationFilter.java:658) at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.doFilter(NTLMAuthenticationFilter.java:392) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Thread.java:595)Why org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao.getMD4HashedPassword is not implemented? Working with 1.4 I have no problem with this. Maybe a bug of the 2.0 preview?
Please help me.
Thanks
Labels:
- Labels:
-
Archive
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2007 05:03 AM
Hi,
Could you email me your authentication configuration XML files, plus the file-servers.xml and file-servers-custom.xml (if you have the custom file).
Thanks
Gary
Could you email me your authentication configuration XML files, plus the file-servers.xml and file-servers-custom.xml (if you have the custom file).
Thanks
Gary
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2007 11:26 AM
Hello Gary
I already send you by email the files. I put it here too for document this problem in the forum.
When I first tried the url of the web client I get this errors:
Then I use the Disconnect link at the botton of errors and the NTLM window (using firefox) ask me the user/password to authenticate. Then alfresco troughts the error about MD4.
The extension/custom-file-servers.xml (I haven't modified file-servers.xml):
The extension/custom-authentication-services-context.xml:
As I comment in the first post, the same configuration works without problems in Alfresco 1.4 (the only problem is documented in JIRA AR-1120, so tha's the reason I want to Alfresco 2.0preview works with this configuration).
I look at the forum but anybody seems to have this problem.
Any help will be appretieted. Thanks
I already send you by email the files. I put it here too for document this problem in the forum.
When I first tried the url of the web client I get this errors:
javax.faces.FacesException: Cannot get value for expression '#{NavigationBean.companyHomeVisible}'caused by:org.apache.jasper.JasperException: Cannot get value for expression '#{NavigationBean.companyHomeVisible}'caused by:javax.faces.el.EvaluationException: Cannot get value for expression '#{NavigationBean.companyHomeVisible}'caused by:javax.faces.el.EvaluationException: org.alfresco.web.bean.NavigationBeancaused by:javax.faces.el.EvaluationException: Bean: org.alfresco.web.bean.NavigationBean, property: companyHomeVisiblecaused by:java.lang.reflect.InvocationTargetExceptioncaused by:net.sf.acegisecurity.AuthenticationCredentialsNotFoundException: A valid SecureContext was not provided in the RequestContextThen I use the Disconnect link at the botton of errors and the NTLM window (using firefox) ask me the user/password to authenticate. Then alfresco troughts the error about MD4.
org.alfresco.error.AlfrescoRuntimeException: Not implementedThe extension/custom-file-servers.xml (I haven't modified file-servers.xml):
<alfresco-config area="file-servers"> <!– To override the default Alfresco filesystem use replace="true", to –> <!– add additional filesystems remove the replace="true" attribute –> <config evaluator="string-compare" condition="CIFS Server" replace="true"> <host name="${localname}_A"/> <comment>Alfresco CIFS Server</comment> <!– Set to the broadcast mask for the subnet –> <broadcast>255.255.255.255</broadcast> <!– Use Java socket based NetBIOS over TCP/IP and native SMB on linux –> <tcpipSMB platforms="linux,solaris,macosx"/> <netBIOSSMB platforms="linux,solaris,macosx"/> <hostAnnounce interval="5"/> <!– Use Win32 NetBIOS interface on Windows –> <Win32NetBIOS/> <Win32Announce interval="5"/> <WINS> <primary>10.226.128.46</primary> </WINS> <sessionDebug flags="Negotiate,Socket"/> </config> <config evaluator="string-compare" condition="Filesystems" replace="true"> <filesystems> <filesystem name="Alfresco"> <store>workspace://SpacesStore</store> <rootPath>/app:company_home</rootPath> <!– Add a URL file to each folder that links back to the web client –> <urlFile> <filename>__Alfresco.url</filename> <webpath>http://${localname}:8080/alfresco/</webpath> </urlFile> <!– Mark locked files as offline –> <offlineFiles/> <!– Desktop actions –><!– <desktopActions> <global> <path>alfresco/desktop/Alfresco.exe</path> <webpath>http://${localname}:8080/alfresco/</webpath> </global> <action> <class>org.alfresco.filesys.smb.server.repo.desk.CheckInOutDesktopAction</class> <name>CheckInOut</name> <filename>__CheckInOut.exe</filename> </action> <action> <class>org.alfresco.filesys.smb.server.repo.desk.JavaScriptDesktopAction</class> <name>JavaScriptURL</name> <filename>__ShowDetails.exe</filename> <script>alfresco/desktop/showDetails.js</script> <attributes>anyFiles</attributes> <preprocess>copyToTarget</preprocess> </action> </desktopActions>–><!– <accessControl default="Write"> <user name="admin" access="Write"/> <address subnet="90.1.0.0" mask="255.255.0.0" access="Write"/> </accessControl>–> </filesystem> </filesystems> </config> <config evaluator="string-compare" condition="Filesystem Security"> <authenticator type="passthru"> <Server>10.226.128.113</Server> <Domain>TTTTHACIENDA_DO</Domain> </authenticator> </config></alfresco-config>The extension/custom-authentication-services-context.xml:
<?xml version='1.0' encoding='UTF-8'?><!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'><beans> <!– The person service. –> <bean id="personService" class="org.alfresco.repo.security.person.PersonServiceImpl"> <property name="nodeService"> <ref bean="nodeService" /> </property> <property name="searchService"> <ref bean="searchService" /> </property> <property name="permissionServiceSPI"> <ref bean="permissionServiceImpl" /> </property> <property name="authorityService"> <ref bean="authorityService" /> </property> <property name="namespacePrefixResolver"> <ref bean="namespaceService" /> </property> <!– Configurable properties. –> <!– –> <!– TODO: –> <!– Add support for creating real home spaces adn setting –> <!– permissions on the hame space and people created. –> <!– –> <!– The store in which people are persisted. –> <property name="storeUrl"> <value>${spaces.store}</value> </property> <!– Some authentication mechanisms may need to create people –> <!– in the repository on demand. This enables that feature. –> <!– If dsiabled an error will be generated for missing –> <!– people. If enabled then a person will be created and –> <!– persisted. –> <!– Valid values are –> <!– ${server.transaction.allow-writes} –> <!– false –> <property name="createMissingPeople"><!– <value>${server.transaction.allow-writes}</value> –> <value>false</value> </property> <property name="userNamesAreCaseSensitive"> <value>${user.name.caseSensitive}</value> </property> <!– New properties after 1.4.0 to deal with duplicate user ids when found –> <property name="processDuplicates"> <value>true</value> </property> <!– one of: LEAVE, SPLIT, DELETE –> <property name="duplicateMode"> <value>SPLIT</value> </property> <property name="lastIsBest"> <value>true</value> </property> <property name="includeAutoCreated"> <value>false</value> </property> </bean> <bean name="homeFolderManager" class="org.alfresco.repo.security.person.HomeFolderManager"> <property name="nodeService"> <ref bean="nodeService" /> </property> <property name="policyComponent"> <ref bean="policyComponent" /> </property> <property name="defaultProvider"> <ref bean="personalHomeFolderProvider" /> </property> </bean> <bean name="companyHomeFolderProvider" class="org.alfresco.repo.security.person.ExistingPathBasedHomeFolderProvider"> <property name="serviceRegistry"> <ref bean="ServiceRegistry" /> </property> <property name="path"> <value>/${spaces.company_home.childname}</value> </property> <property name="storeUrl"> <value>${spaces.store}</value> </property> <property name="homeFolderManager"> <ref bean="homeFolderManager" /> </property> </bean> <bean name="guestHomeFolderProvider" class="org.alfresco.repo.security.person.ExistingPathBasedHomeFolderProvider"> <property name="serviceRegistry"> <ref bean="ServiceRegistry" /> </property> <property name="path"> <value>/${spaces.company_home.childname}/${spaces.guest_home.childname}</value> </property> <property name="storeUrl"> <value>${spaces.store}</value> </property> <property name="homeFolderManager"> <ref bean="homeFolderManager" /> </property> <property name="userPemissions"> <set> <value>Consumer</value> </set> </property> </bean> <bean name="bootstrapHomeFolderProvider" class="org.alfresco.repo.security.person.BootstrapHomeFolderProvider"> <property name="homeFolderManager"> <ref bean="homeFolderManager" /> </property> </bean> <bean name="personalHomeFolderProvider" class="org.alfresco.repo.security.person.UIDBasedHomeFolderProvider"> <property name="serviceRegistry"> <ref bean="ServiceRegistry" /> </property> <property name="path"><!– <value>/${spaces.company_home.childname}</value> –> <value>/${spaces.company_home.childname}/cm:Usuarios</value> </property> <property name="storeUrl"> <value>${spaces.store}</value> </property> <property name="homeFolderManager"> <ref bean="homeFolderManager" /> </property> <property name="inheritsPermissionsOnCreate"> <value>false</value> </property> <property name="ownerPemissionsToSetOnCreate"> <set> <value>All</value> </set> </property> <property name="userPemissions"> <set> <value>All</value> </set> </property> </bean> <bean name="userHomesHomeFolderProvider" class="org.alfresco.repo.security.person.UIDBasedHomeFolderProvider"> <property name="serviceRegistry"> <ref bean="ServiceRegistry" /> </property> <property name="path"> <value>/${spaces.company_home.childname}/${spaces.user_homes.childname}</value> </property> <property name="storeUrl"> <value>${spaces.store}</value> </property> <property name="homeFolderManager"> <ref bean="homeFolderManager" /> </property> <property name="inheritsPermissionsOnCreate"> <value>false</value> </property> <property name="ownerPemissionsToSetOnCreate"> <set> <value>All</value> </set> </property> <property name="userPemissions"> <set> <value>All</value> </set> </property> </bean> <!– The ticket component. –> <!– Used for reauthentication –> <bean id="ticketComponent" class="org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl"> <property name="ticketsCache"> <ref bean="ticketsCache"/> </property> <!– The period for which tickets are valid in XML duration format. –> <!– The default is P1H for one hour. –> <property name="validDuration"> <value>P1H</value> </property> <!– Do tickets expire or live for ever? –> <property name="ticketsExpire"> <value>false</value> </property> <!– Are tickets only valid for a single use? –> <property name="oneOff"> <value>false</value> </property> </bean> <!– Here for now. Probably want remote-context.xml file. –> <!– The AuthenticationService exported as an RMI service. –> <bean id="rmiAuthenticationService" class="org.springframework.remoting.rmi.RmiServiceExporter"> <property name="service"> <ref bean="AuthenticationService"/> </property> <property name="serviceInterface"> <value>org.alfresco.service.cmr.security.AuthenticationService</value> </property> <property name="serviceName"> <value>authentication</value> </property> <property name="registryPort"> <value>${avm.remote.port}</value> </property> </bean></beans>As I comment in the first post, the same configuration works without problems in Alfresco 1.4 (the only problem is documented in JIRA AR-1120, so tha's the reason I want to Alfresco 2.0preview works with this configuration).
I look at the forum but anybody seems to have this problem.
Any help will be appretieted. Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-01-2007 07:00 AM
Gary, did you find somthing about this error?
Any help will be appreciated. Thanks
Any help will be appreciated. Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-05-2007 05:34 AM
Any of the Alfresco Engineers can help me? I know Alfresco 2.0 is a preview but, this configuration works on 1.4 except AR-1120.
Thanks
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-19-2007 05:51 AM
Hi
Make sure you have changed any beans called "authenticationComponentImpl" to "authenticationComponent".
This was changed in 2.0 to tidy up some transactional bean definitions.
It sounds like you have configured the alfresco authentication with the NTLM DAO - which would most likely arise as described above.
Regards
Andy
Make sure you have changed any beans called "authenticationComponentImpl" to "authenticationComponent".
This was changed in 2.0 to tidy up some transactional bean definitions.
It sounds like you have configured the alfresco authentication with the NTLM DAO - which would most likely arise as described above.
Regards
Andy
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-19-2007 08:13 AM
This didn't work for my installation.
Thanks
Thanks
