Hyland Connect

martin_cowie · ‎02-27-2007

Having followed the instructions on enabling NTLM at http://wiki.alfresco.com/wiki/Configuring_NTLM#NTLM_Passthru_Authentication , when I try to login I am given this exception instead..


Caused by: org.alfresco.error.AlfrescoRuntimeException: Not implemented
        at org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao.loadUserByUsername(NullMutableAuthenticationDao.java:316)
        at net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.getUserFromBackend(DaoAuthenticationProvider.java:390)
        at net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.authenticate(DaoAuthenticationProvider.java:225)
        at net.sf.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:159)
        at net.sf.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
        at org.alfresco.repo.security.authentication.AuthenticationComponentImpl.authenticate(AuthenticationComponentImpl.java:74)
        at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:112)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:335)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148)
        at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:116)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.alfresco.repo.audit.AuditComponentImpl.auditImpl(AuditComponentImpl.java:219)
        at org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:165)
        at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
        at $Proxy20.authenticate(Unknown Source)
        at org.alfresco.web.bean.LoginBean.login(LoginBean.java:243)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:129)
        … 24 more
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Which is reasonable given the implementation of NullMutableAuthenticationDao.loadUserByUsername being …


public UserDetails loadUserByUsername(String arg0) throws UsernameNotFoundException, DataAccessException
{
    throw new AlfrescoRuntimeException("Not implemented");
    
//   return null;
}
‍‍‍‍‍‍‍‍

This all happened after I created ntlm-authentication-context.xml with the following content …


<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>       
    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="useLocalServer">
            <value>true</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
    </bean>    
</beans>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

As this is running on a Windows 2000 workstation, I imagine that useLocalServer=true is reasonable. Can anyone say where I may have gone wrong?

andy · ‎03-02-2007

Hi

Change any bean names from authenticationComponentImpl to authenticationComponent.

Andy

hsantander · ‎03-02-2007

Hi

I'm sorry Andy, but that doesn't work.

When you take away all references to authenticationComponentImpl and use authenticationComponent Alfresco doesn't authenticate on the community version (maybe that works on Enterprise, but I it's supposed to be the same functionalities both versions in Alfresco 2.0 about NTLM).

Using references to authenticationComponent only got working CIFS with NNTLM authentication. When I use custom-ntlm-authentication-context.xml:

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <bean id="authenticationDao" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />

    <!– The authentication component.                                      –>

    <!– Use the passthru authentication component to authenticate using    –>
    <!– user accounts on one or more Windows servers.                      –>

    <!– Properties that specify the server(s) to use for passthru          –>
    <!– authentication :-                                                  –>
    <!–   useLocalServer   use the local server for authentication         –>
    <!–   domain           use domain controllers from the specified domain–>
    <!–   servers          comma delimted list of server addresses or      –>
    <!–                    names                                           –>

<!–    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl"> –>
    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="useLocalServer">
            <value>true</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
<!–    <property name="servers">
                <value>10.226.128.113</value>
        </property>
        <property name="domain">
                <value>TTTTHACIENDA_DO</value>
        </property> –>
    </bean>

</beans>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Then I got this error:

14:47:27,282 ERROR [alfresco.smb.protocol] Failed to get local domain/workgroup name, using default of WORKGROUP
14:47:27,283 ERROR [alfresco.smb.protocol] (This may be due to firewall settings or incorrect <broadcast> setting)
14:47:27,298 ERROR [alfresco.smb.protocol] CIFS server configuration error, Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
        at org.alfresco.filesys.server.config.ServerConfiguration.processSecurityConfig(ServerConfiguration.java:2269)
        at org.alfresco.filesys.server.config.ServerConfiguration.init(ServerConfiguration.java:634)
        at org.alfresco.filesys.server.config.ServerConfiguration.onBootstrap(ServerConfiguration.java:4007)
        at org.alfresco.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:62)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:45)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:225)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:323)
        at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:134)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
        at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
        at org.apache.catalina.core.StandardService.start(StandardService.java:450)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

But if I remove custom-ntlm-authentication-context.xml CIFS works without any problem:

15:04:15,055 DEBUG [smb.protocol.auth] Added passthru server [sfha00n2.ceh.junta-andalucia.es:10.226.128.113:Offline:0,0]
15:04:15,056 INFO  [alfresco.smb.protocol] CIFS server started
15:04:15,056 INFO  [alfresco.smb.protocol] FTP server started
15:04:15,056 INFO  [alfresco.smb.protocol] NFS server NOT started
15:04:15,115 INFO  [alfresco.smb.protocol] SMB Server HSANTANDER_A starting
15:04:15,116 INFO  [alfresco.smb.protocol] GUID 1c281f5d-5353-38bb-bf70-81ff870cc442
15:04:15,117 INFO  [alfresco.smb.protocol] Using authenticator org.alfresco.filesys.server.auth.passthru.PassthruAuthenticator
15:04:15,117 INFO  [alfresco.smb.protocol] Server timezone Europe/Madrid, offset from UTC = -1hrs
15:04:15,117 INFO  [alfresco.smb.protocol] Shares:
15:04:15,120 INFO  [alfresco.smb.protocol]  [Alfresco,DISK,,[Alfresco,workspace://SpacesStore/80d7ac10-c89d-11db-a251-cd3801c4af7b]] [Alfresco,workspace://SpacesStore/80d7ac10-c89d-11db-a251-cd3801c4af7b]
‍‍‍‍‍‍‍‍‍‍‍

Why that weird behaviour?

Another problem arise when I set this on custom-ntlm-authentication-context.xml:

<property name="servers">
                <value>10.226.128.113</value>
        </property>
        <property name="domain">
                <value>TTTTHACIENDA_DO</value>
        </property>‍‍‍‍‍‍

Then the errors are:

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authenticationComponent' defined in file [/opt/alfresco-2.0.0-jaas/tomcat/shared/classes/alfresco/extension/custom-ntlm-authentication-context.xml]: Error setting property values; nested exception is org.springframework.beans.PropertyAccessExceptionsException: PropertyAccessExceptionsException (1 errors); nested propertyAccessExceptions are: [org.springframework.beans.MethodInvocationException: Property 'domain' threw exception; nested exception is org.alfresco.error.AlfrescoRuntimeException: Passthru server list already configured]
PropertyAccessExceptionsException (1 errors)
org.springframework.beans.MethodInvocationException: Property 'domain' threw exception; nested exception is org.alfresco.error.AlfrescoRuntimeException: Passthru server list already configured
org.alfresco.error.AlfrescoRuntimeException: Passthru server list already configured
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.setDomain(NTLMAuthenticationComponentImpl.java:277)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:596)
        at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:469)
        at org.springframework.beans.BeanWrapperImpl.setPropertyValue(BeanWrapperImpl.java:626)
        at org.springframework.beans.BeanWrapperImpl.setPropertyValues(BeanWrapperImpl.java:653)
        at org.springframework.beans.BeanWrapperImpl.setPropertyValues(BeanWrapperImpl.java:642)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1023)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:193)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:109)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.aop.framework.ProxyFactoryBean.createAdvisorChain(ProxyFactoryBean.java:353)
        at org.springframework.aop.framework.ProxyFactoryBean.setBeanFactory(ProxyFactoryBean.java:216)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:358)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveReference(BeanDefinitionValueResolver.java:176)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:105)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveManagedList(BeanDefinitionValueResolver.java:193)
        at org.springframework.beans.factory.support.BeanDefinitionValueResolver.resolveValueIfNecessary(BeanDefinitionValueResolver.java:109)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyPropertyValues(AbstractAutowireCapableBeanFactory.java:1013)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:824)
        at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:345)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:226)
        at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:147)
        at org.springframework.beans.factory.support.DefaultListableBeanFactory.getBeansOfType(DefaultListableBeanFactory.java:203)
        at org.springframework.context.support.AbstractApplicationContext.getBeansOfType(AbstractApplicationContext.java:614)
        at org.springframework.context.support.AbstractApplicationContext.registerListeners(AbstractApplicationContext.java:496)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:317)
        at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:134)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
        at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
        at org.apache.catalina.core.StandardService.start(StandardService.java:450)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Why that error? Where have been defined previously domain and server properties? The only references to passthru are on file-servers.xml which are not the NTLM configuration file.
Andy and other alfresco engineers, please, we have several post about problems related to NTLM and no solutions. Please help us.

Thanks

andy · ‎03-02-2007

Hi

If you are using NTLM then custom-file-servers.xml needs to use the "alfresco" authentication option or "enterprise" with Kerneros configured, not the passthru version. See the wiki.

The error


14:47:27,283 ERROR [alfresco.smb.protocol] (This may be due to firewall settings or incorrect <broadcast> setting)
14:47:27,298 ERROR [alfresco.smb.protocol] CIFS server configuration error, Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component) 
‍‍‍‍‍

…is telling you the file servers authentication configuration does not match your authentication configuration.

The bean name change is correct rename authenticationComponentImpl to authenticationComponent.

Regards

Andy

martin_cowie · ‎03-02-2007

Thanks Andy, your 1st suggestion works a charm

I have fed this gotcha into the Wiki page on the subject.

Only downside is this exception at startup …


17:21:55,437 ERROR [smb.protocol.auth] No valid CIFS authentication combination available
17:21:55,437 ERROR [smb.protocol.auth] Either enable Kerberos support or use an authentication component that supports MD4 hashed passwords
17:21:55,447 ERROR [alfresco.smb.protocol] CIFS server configuration error, Invalid CIFS authenticator configuration
org.alfresco.error.AlfrescoRuntimeException: Invalid CIFS authenticator configuration
        at org.alfresco.filesys.server.auth.EnterpriseCifsAuthenticator.initialize(EnterpriseCifsAuthenticator.java:348)
        at org.alfresco.filesys.server.config.ServerConfiguration.setAuthenticator(ServerConfiguration.java:3310)
        at org.alfresco.filesys.server.config.ServerConfiguration.processSecurityConfig(ServerConfiguration.java:2310)
        at org.alfresco.filesys.server.config.ServerConfiguration.init(ServerConfiguration.java:634)
        at org.alfresco.filesys.server.config.ServerConfiguration.onBootstrap(ServerConfiguration.java:4007)
        at org.alfresco.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:62)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:45)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:225)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:323)
        at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:134)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
        at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
        at org.apache.catalina.core.StandardService.start(StandardService.java:450)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

… not that I'm planning on using CIFS, but it'd be ever so nice to have.

M.

hsantander · ‎03-05-2007

Hi

Andy, I made the changes and here is the result:

10:02:20,356 DEBUG [app.servlet.NTLMAuthenticationFilter] New NTLM auth request from 10.226.128.70 (10.226.128.70:3026)
10:02:20,450 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type1 [Type1:0xa200b207,Domain:TTTTHACIENDA_DO,Wks:ESTEFANIA]
10:02:20,466 ERROR [[localhost].[/alfresco].[Faces Servlet]] Servlet.service() para servlet Faces Servlet lanzÃ³ excepciÃ³n
net.sf.acegisecurity.AuthenticationServiceException: Failed to open passthru auth session
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:764)
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:521)
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.processType1(NTLMAuthenticationFilter.java:515)
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.doFilter(NTLMAuthenticationFilter.java:393)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
        at java.lang.Thread.run(Thread.java:595)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

and here is the bean definition I use:

    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="useLocalServer">
            <value>true</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
<!–    <property name="servers">
                <value>10.226.128.113</value>
        </property>
        <property name="domain">
                <value>TTTTHACIENDA_DO</value>
        </property> –>
    </bean>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

When I try Alfresco CIFS:

10:06:34,890 ERROR [alfresco.smb.protocol] Closing session due to exception
net.sf.acegisecurity.AuthenticationServiceException: Failed to open passthru auth session
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:764)
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:521)
        at org.alfresco.filesys.server.auth.AlfrescoAuthenticator.getAuthContext(AlfrescoAuthenticator.java:231)
        at org.alfresco.filesys.server.auth.CifsAuthenticator.generateNegotiateResponse(CifsAuthenticator.java:342)
        at org.alfresco.filesys.smb.server.SMBSrvSession.procSMBNegotiate(SMBSrvSession.java:1233)
        at org.alfresco.filesys.smb.server.SMBSrvSession.run(SMBSrvSession.java:1336)
        at java.lang.Thread.run(Thread.java:595)
‍‍‍‍‍‍‍‍‍‍

I think the problem is that ALfresco didn't know where to authenticate. When I start Alfresco I got some debug messages indicating that the passthru server is the same server where Alfresco is installed:

10:12:32,329 DEBUG [smb.protocol.auth] Added passthru server [hsantander.ceh.junta-andalucia.es:10.226.138.237:Offline:0,0]
10:12:32,410 DEBUG [smb.protocol.auth] New auth session from hsantander.ceh.junta-andalucia.es_1 to \\10.226.138.237\IPC$\
10:12:34,494 DEBUG [smb.protocol.auth] Passthru offline check failed for hsantander.ceh.junta-andalucia.es
‍‍‍‍

That's not correct, but where can I defined?

Thanks

hsantander · ‎03-05-2007

Please Andy and other people, here you have the configuration files and I'll be very glad if any of you could help to solve the NTLM authentication problem:
custom-ntlm-authentication-context.xml

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <bean id="authenticationDao" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />

    <!– The authentication component.                                      –>

    <!– Use the passthru authentication component to authenticate using    –>
    <!– user accounts on one or more Windows servers.                      –>

    <!– Properties that specify the server(s) to use for passthru          –>
    <!– authentication :-                                                  –>
    <!–   useLocalServer   use the local server for authentication         –>
    <!–   domain           use domain controllers from the specified domain–>
    <!–   servers          comma delimted list of server addresses or      –>
    <!–                    names                                           –>

<!–    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl"> –>
    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="useLocalServer">
            <value>true</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>

    </bean>

</beans>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

file-servers.xml

<alfresco-config area="file-servers">

   <config evaluator="string-compare" condition="CIFS Server">
          <serverEnable enabled="true"/>
      <host name="${localname}_A"/>
      <comment>Alfresco CIFS Server</comment>

      <!– Set to the broadcast mask for the subnet –>
      <broadcast>255.255.255.255</broadcast>

      <!– Use Java socket based NetBIOS over TCP/IP and native SMB on linux –>
      <tcpipSMB platforms="linux,solaris,macosx"/>
      <netBIOSSMB platforms="linux,solaris,macosx"/>

           <!– Can be mapped to non-privileged ports, then use firewall rules to forward
                    requests from the standard ports –>
          <!–
      <tcpipSMB port="1445" platforms="linux,solaris,macosx"/>
      <netBIOSSMB sessionPort="1139" namePort="1137" datagramPort="1138" platforms="linux,solaris,macosx"/>
          –>

      <hostAnnounce interval="5"/>

      <!– Use Win32 NetBIOS interface on Windows –>
      <Win32NetBIOS/>
      <Win32Announce interval="5"/>

<!–
      <WINS>
         <primary>1.2.3.4</primary>
         <secondary>5.6.7.8</secondary>
      </WINS>
–>
      <sessionDebug flags="Negotiate,Socket"/>
   </config>

   <config evaluator="string-compare" condition="FTP Server">
          <serverEnable enabled="false"/>
<!–      <debug flags="File,Search,Error,Directory,Info,DataPort"/> –>
   </config>

   <config evaluator="string-compare" condition="NFS Server">
          <serverEnable enabled="false"/>
   </config>

   <config evaluator="string-compare" condition="Filesystems">
          <filesystems>

                 <!– Alfresco repository access shared filesystem –>
         <filesystem name="Alfresco">
            <store>workspace://SpacesStore</store>
            <rootPath>/app:company_home</rootPath>

                        <!– Add a URL file to each folder that links back to the web client –>
                        <urlFile>
               <filename>__AlfrescoClient.url</filename>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </urlFile>

                        <!– Mark locked files as offline –>
                    <offlineFiles/>

                        <!– Desktop actions –>
                        <!– Uses a client-side application to trigger a server-side action                         –>
                        <!–   Echo - displays a message echoed from the server                                     –>
                        <!–   URL  - launches a URL via the Windows shell                                          –>
                        <!–   CmdLine - launches the Notepad application                                           –>
                        <!–   CheckInOut - checks files in/out, drag and drop files onto the application           –>
                        <!–   JavaScript - run a server-side script                                                –>
                        <!–   JavaScriptURL - server-side script that generates a URL to the folder using a ticket –>
                        <!–                   to avoid having to logon                                             –>
         </filesystem>

                 <!– AVM virtualization view of all stores/versions for WCM –>
         <avmfilesystem name="AVM">
            <virtualView/>
         </avmfilesystem>

      </filesystems>
   </config>
   <config evaluator="string-compare" condition="Filesystem Security">
        <authenticator type="alfresco">
        </authenticator>
   </config>

</alfresco-config>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

custom-file-servers.xml

<alfresco-config area="file-servers">

   <!– To override the default Alfresco filesystem use replace="true", to –>
   <!– add additional filesystems remove the replace="true" attribute     –>

   <config evaluator="string-compare" condition="CIFS Server" replace="true">
      <host name="${localname}_A"/>
      <comment>Alfresco CIFS Server</comment>

      <!– Set to the broadcast mask for the subnet –>
      <broadcast>255.255.255.255</broadcast>

      <!– Use Java socket based NetBIOS over TCP/IP and native SMB on linux –>
      <tcpipSMB platforms="linux,solaris,macosx"/>
      <netBIOSSMB platforms="linux,solaris,macosx"/>
      <hostAnnounce interval="5"/>

      <!– Use Win32 NetBIOS interface on Windows –>
      <Win32NetBIOS/>
      <Win32Announce interval="5"/>

      <WINS>
         <primary>10.226.128.46</primary>
      </WINS>

      <sessionDebug flags="Negotiate,Socket"/>
   </config>

   <config evaluator="string-compare" condition="Filesystems">
        <authenticator type="alfresco">
        </authenticator>

      <filesystems>
         <filesystem name="Alfresco">
            <store>workspace://SpacesStore</store>
            <rootPath>/app:company_home</rootPath>

            <!– Add a URL file to each folder that links back to the web client –>
            <urlFile>
               <filename>__AlfrescoClient.url</filename>
               <webpath>http://${localname}:8080/alfresco/</webpath>
            </urlFile>

            <!– Mark locked files as offline –>
            <offlineFiles/>
         </filesystem>

        <!– AVM virtualization view of all stores/versions for WCM –>
        <avmfilesystem name="AVM">
                <virtualView/>
        </avmfilesystem>

      </filesystems>
   </config>
   <config evaluator="string-compare" condition="Filesystem Security" replace="true">
        <authenticator type="alfresco">
        </authenticator>
   </config>
</alfresco-config>

‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

And this is the log sequence:

CompilerOracle: exclude org/apache/lucene/index/IndexReader$1 doBody
CompilerOracle: exclude org/alfresco/repo/search/impl/lucene/index/IndexInfo$Merger mergeIndexes
CompilerOracle: exclude org/alfresco/repo/search/impl/lucene/index/IndexInfo$Merger mergeDeletions
05-mar-2007 11:49:12 org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/local/jdk1.5.0_05/jre/lib/i386/server:/usr/local/jdk1.5.0_05/jre/lib/i386:/usr/local/jdk1.5.0_05/jre/../lib/i386
05-mar-2007 11:49:12 org.apache.coyote.http11.Http11BaseProtocol init
INFO: Inicializando Coyote HTTP/1.1 en puerto http-8080
05-mar-2007 11:49:12 org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 4076 ms
05-mar-2007 11:49:13 org.apache.catalina.core.StandardService start
INFO: Arrancando servicio Catalina
05-mar-2007 11:49:13 org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/5.5.20
05-mar-2007 11:49:13 org.apache.catalina.core.StandardHost start
INFO: Desactivada la validaciÃ³n XML
05-mar-2007 11:49:20 org.apache.catalina.startup.HostConfig deployWAR
INFO: Despliegue del archivo alfresco.war de la aplicaciÃ³n web
11:50:28,333 DEBUG [smb.protocol.auth] Added passthru server [hsantander.ceh.junta-andalucia.es:10.226.138.237:Offline:0,0]
11:50:28,432 DEBUG [smb.protocol.auth] New auth session from hsantander.ceh.junta-andalucia.es_1 to \\10.226.138.237\IPC$\
11:50:30,681 DEBUG [smb.protocol.auth] Passthru offline check failed for hsantander.ceh.junta-andalucia.es
11:50:33,576 WARN  [remoting.rmi.RmiRegistryFactoryBean] Could not detect RMI registry - creating new one
11:50:40,337 INFO  [scheduling.quartz.SchedulerFactoryBean] Starting Quartz scheduler now
11:50:40,926 WARN  [alfresco.util.OpenOfficeConnectionTester] A connection to OpenOffice could not be established.
11:50:43,858 WARN  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server supports anonymous bind ldap://10.226.128.114:389
11:50:43,867 INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a string uid and password at ldap://10.226.128.114:389
11:50:43,876 INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a simple dn and password at ldap://10.226.128.114:389
11:50:43,927 INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for known principal and invalid credentials at ldap://10.226.128.114:389
11:50:52,559 WARN  [repo.admin.ConfigurationChecker] The Alfresco 'dir.root' property is set to a relative path './alf_data'.  'dir.root' should be overridden to point to a specific folder.
11:50:52,560 INFO  [repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: ./alf_data
11:50:55,910 INFO  [admin.patch.PatchExecuter] Comprobando si hay parches para aplicar …
11:50:55,960 INFO  [admin.patch.PatchExecuter] No se requieren patches.No patches were required.
11:50:55,967 INFO  [repo.module.ModuleServiceImpl] Found 0 module(s).
11:50:56,549 ERROR [alfresco.smb.protocol] Failed to get local domain/workgroup name, using default of WORKGROUP
11:50:56,549 ERROR [alfresco.smb.protocol] (This may be due to firewall settings or incorrect <broadcast> setting)
11:50:56,579 INFO  [alfresco.smb.protocol] CIFS server started
11:50:56,579 INFO  [alfresco.smb.protocol] FTP server NOT started
11:50:56,580 INFO  [alfresco.smb.protocol] NFS server NOT started
11:50:56,680 INFO  [service.descriptor.DescriptorService] Alfresco JVM - v1.5.0_05-b05; maximum heap size 506,313MB
11:50:56,682 INFO  [service.descriptor.DescriptorService] Alfresco started (Community Network): Current version 2.0.0 (build-185) schema 38 - Installed version 2.0.0 (build-185) schema 38
11:50:57,149 INFO  [alfresco.smb.protocol] SMB Server HSANTANDER_A starting
11:50:57,149 INFO  [alfresco.smb.protocol] GUID 1c281f5d-5353-38bb-bf70-81ff870cc442
11:50:57,150 INFO  [alfresco.smb.protocol] Using authenticator org.alfresco.filesys.server.auth.AlfrescoAuthenticator
11:50:57,150 INFO  [alfresco.smb.protocol] Server timezone Europe/Madrid, offset from UTC = -1hrs
11:50:57,150 INFO  [alfresco.smb.protocol] Shares:
11:50:57,163 INFO  [alfresco.smb.protocol]  [Alfresco,DISK,,[Alfresco,workspace://SpacesStore/80d7ac10-c89d-11db-a251-cd3801c4af7b]] [Alfresco,workspace://SpacesStore/80d7ac10-c89d-11db-a251-cd3801c4af7b]
11:50:57,164 INFO  [alfresco.smb.protocol]  [AVM,DISK,,[AVM,VirtualView]] [AVM,VirtualView]
11:50:57,255 INFO  [alfresco.smb.protocol] Add Share [IPC$,IPC$,,Admin,Hidden] : true
05-mar-2007 11:51:04 org.apache.coyote.http11.Http11BaseProtocol start
INFO: Arrancando Coyote HTTP/1.1 en puerto http-8080
05-mar-2007 11:51:05 org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
05-mar-2007 11:51:08 org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/2687  config=null
05-mar-2007 11:51:08 org.apache.catalina.storeconfig.StoreLoader load
INFO: Find registry server-registry.xml at classpath resource
05-mar-2007 11:51:08 org.apache.catalina.startup.Catalina start
INFO: Server startup in 115778 ms
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Seems everything is OK, but my Active Directory server is not hsantander.ceh.junta-andalucia.es it's another host. That's the origin of the offline server debug message:

11:50:28,333 DEBUG [smb.protocol.auth] Added passthru server [hsantander.ceh.junta-andalucia.es:10.226.138.237:Offline:0,0]
11:50:28,432 DEBUG [smb.protocol.auth] New auth session from hsantander.ceh.junta-andalucia.es_1 to \\10.226.138.237\IPC$\
11:50:30,681 DEBUG [smb.protocol.auth] Passthru offline check failed for hsantander.ceh.junta-andalucia.es
‍‍‍‍

When I log using CIFS I got a lot of errors like in the previous post. I think because has not set the authentication server. But I can't set the server in custom-ntlm-authentication-context.xml because generate errors.

org.springframework.beans.MethodInvocationException: Property 'servers' threw exception; nested exception is org.alfresco.error.AlfrescoRuntimeException: Passthru server list already configured
org.alfresco.error.AlfrescoRuntimeException: Passthru server list already configured
‍‍‍

Where can I set it?

Thanks

andy · ‎03-05-2007

Hi

Not really the expert on the detail of the NTLM stuff … but I know folk have got this up and running.

It is possible that setting the domain name means the server(s) could be found be broadcast (so you do not need to set the servers - unless the broadcast fails). See http://wiki.alfresco.com/wiki/Configuring_NTLM#NTLM_Passthru_Properties.
Alternatively I think I have just specified the servers list and not the domain.

Regards

Andy

hsantander · ‎03-05-2007

Thanks Andy for your quick response.
I've already been working on this point. Now my custom-ntlm-authentication-context looks like this:


<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>

    <bean id="authenticationDao" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />

    <!– The authentication component.                                      –>

    <!– Use the passthru authentication component to authenticate using    –>
    <!– user accounts on one or more Windows servers.                      –>

    <!– Properties that specify the server(s) to use for passthru          –>
    <!– authentication :-                                                  –>
    <!–   useLocalServer   use the local server for authentication         –>
    <!–   domain           use domain controllers from the specified domain–>
    <!–   servers          comma delimted list of server addresses or      –>
    <!–                    names                                           –>

<!–    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl"> –>
    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
        <property name="servers">
                <value>10.226.128.114</value>
        </property>
    </bean>

</beans>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I have removed the reference to domain in this file.

The configuration at file-servers.xml remain the same with:


   <config evaluator="string-compare" condition="Filesystem Security">
      <authenticator type="alfresco">
      </authenticator>
‍‍‍‍‍

Same for custom-file-servers.xml.

With this configuration the CIFS works without problem and the web client authentication using NTLM trows a different error:


17:25:00,885 DEBUG [app.servlet.NTLMAuthenticationFilter] New NTLM auth request from 10.226.128.70 (10.226.128.70:1877)
17:25:00,893 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type1 [Type1:0xa200b207,Domain:TTTTHACIENDA_DO,Wks:ESTEFANIA]
17:25:00,899 DEBUG [smb.protocol.auth] Open authenticate session to [sfhaclu.ceh.junta-andalucia.es:10.226.128.114:Online:4,Mon Mar 05 17:12:40 CET 2007]
17:25:00,900 DEBUG [smb.protocol.auth] New auth session from hsantander.ceh.junta-andalucia.es_6 to \\10.226.128.114\IPC$\
17:25:00,903 DEBUG [smb.protocol.auth] Trying address 10.226.128.114
17:25:00,911 DEBUG [smb.protocol.auth] Connected to address 10.226.128.114
17:25:00,911 DEBUG [smb.protocol.auth] Connected session, protocol : TCP/IP NetBIOS
17:25:00,913 DEBUG [smb.protocol.auth] SessionFactory: Negotiated SMB dialect NT LM 0.12
17:25:00,919 DEBUG [app.servlet.NTLMAuthenticationFilter] Sending NTLM type2 to client - [Type2:0x80000203,Target:HSANTANDER_A,Ch:32260ad2fb9fbd5f]
17:25:00,927 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type3 [Type3:,LM:28930ae964fe8aa1c3b0cef0cf15b3b07a46d140e9b8afd6,NTLM:e2155c09733ab0064aaaa0200a9e636b6c241f4f7f320e70,Dom:TTTTHACIENDA_DO,User:HSANTANDER,Wks:ESTEFANIA]
17:25:00,937 ERROR [[localhost].[/alfresco].[Faces Servlet]] Servlet.service() para servlet Faces Servlet lanzÃ³ excepciÃ³n
org.alfresco.error.AlfrescoRuntimeException: Transaction must be active and synchronization is required
        at org.alfresco.repo.transaction.AlfrescoTransactionSupport.registerSynchronizations(AlfrescoTransactionSupport.java:371)
        at org.alfresco.repo.transaction.AlfrescoTransactionSupport.getSynchronization(AlfrescoTransactionSupport.java:356)
        at org.alfresco.repo.transaction.AlfrescoTransactionSupport.bindDaoService(AlfrescoTransactionSupport.java:210)
        at org.alfresco.repo.transaction.TransactionalDaoInterceptor.invoke(TransactionalDaoInterceptor.java:66)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
        at $Proxy1.getNode(Unknown Source)
        at org.alfresco.repo.node.db.DbNodeServiceImpl.exists(DbNodeServiceImpl.java:160)
        at sun.reflect.GeneratedMethodAccessor138.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.alfresco.repo.service.StoreRedirectorProxyFactory$RedirectorInvocationHandler.invoke(StoreRedirectorProxyFactory.java:221)
        at $Proxy2.exists(Unknown Source)
        at sun.reflect.GeneratedMethodAccessor138.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:335)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148)
        at org.alfresco.repo.node.MLPropertyInterceptor.invoke(MLPropertyInterceptor.java:227)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
        at $Proxy3.exists(Unknown Source)
        at org.alfresco.repo.security.person.PersonServiceImpl.getPersonOrNull(PersonServiceImpl.java:202)
        at org.alfresco.repo.security.person.PersonServiceImpl.getPerson(PersonServiceImpl.java:155)
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:840)
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:521)
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.processType3(NTLMAuthenticationFilter.java:727)
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.doFilter(NTLMAuthenticationFilter.java:400)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
        at java.lang.Thread.run(Thread.java:595)
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

I remember a similar error, maybe with the Alfresco 2.0preview. Maybe another bug?

Thanks

hsantander · ‎03-05-2007

Well history repeated … we talk about this error on the Alfresco 2.0preview. You said this is a bug on post http://forums.alfresco.com/viewtopic.php?t=5125&start=15.

PostPosted: Thu Feb 22, 2007 3:38 pm Post subject: Reply with quote
Hi

Apologies, that is indeed a bug, which is fixed in the 2.0 release.
A bit of tunnel vision there. See http://issues.alfresco.com/browse/AR-1263

Regards

Andy
_________________
Andy Hind
Alfresco Development

Is this bug still on Alfresco 2.0 release?

Thanks

Hyland Connect

NTLM not working in AlFresco v2.0