Hyland Connect

burner · ‎02-08-2007

Hi

i bought the Alfresco book and hoped, that this helps me with NTLM Passthru but it isnt really explained there how to configure.

In the wiki i read about the ntlm.

Do i have to uncommet the lines in the web.xml when i want to have NTLM passthru?
And then i have to rename the ntlm…sample into ntlm…xml.
I wrote the bean how explained

<beans>

    <bean id="authenticationDao" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao" />

    <!– The authentication component.                                      –>

    <!– Use the passthru authentication component to authenticate using    –>
    <!– user accounts on one or more Windows servers.                      –>

    <!– Properties that specify the server(s) to use for passthru          –>
    <!– authentication :-                                                  –>
    <!–   useLocalServer   use the local server for authentication         –>
    <!–   domain           use domain controllers from the specified domain–>
    <!–   servers          comma delimted list of server addresses or      –>
    <!–                    names                                           –>

    <bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <property name="domain">
            <value>xxxxxx</value>
        </property>
        <property name="servers">
            <value>xxxxxxx</value>
        </property>

        <property name="useLocalServer">
            <value>false</value>
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>

    </bean>

</beans>

But i aint wotking i got errors of not able bein to create the bean and so on!I use Alfresco 1.4 on a Windows2003 Server.

And by the way waht is the differnce when i use NTLM Passthru and LDAP integration, i mean in both cases i have to connect to the DOmaincontrollers or?

CAn anyone help me please?

ejml · ‎02-22-2007

Comment this line:


<!–
<property name="useLocalServer">
<value>false</value>
</property> 
–>
‍‍‍‍‍‍‍

Greetings

burner · ‎02-22-2007

I tried that but i get this ERROR MEssage:

INFO: Server startup in 40423 ms
22.02.2007 14:55:08 org.apache.catalina.loader.WebappClassLoader loadClass
INFO: Illegal access: this web application instance has been stopped already. Could not load java.io.FileDescriptor. The eventual following stack trace is caused by an error thrown for debugging purposes as well as to attempt to terminate the thread which caused the illegal access, and has no functional impact.

What am i supposed to do!
I commented that line.

ejml · ‎02-22-2007

What alfresco's version you use ?

burner · ‎02-22-2007

Oh hi! I use 1.4!

ejml · ‎02-22-2007

comment the domain:


<bean id="authenticationComponentImpl" class="org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl">
        <!–
        <property name="domain">
            <value>domain</value>
        </property>
        –>
        <property name="servers">
            <value>xxx.xxx.xxx.xxx,xxx.xxx.xxx.xxx</value>
        </property>
        <!–
        <property name="useLocalServer">
            <value>true</value>
        </property>
        –>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="guestAccess">
            <value>false</value>
        </property>
    </bean>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

You must create the file file-servers-custom.xml with the next content:


<config evaluator="string-compare" condition="Filesystem Security" replace="true"> 
       <authenticator type="passthru"> 
          <Server>xxx.xxx.xxx.xxx</Server> 
       </authenticator> 
   </config>
   
   <config evaluator="string-compare" condition="Filesystems" replace="true">

      <filesystems>
      
          <!– Default share –>
         <filesystem name="Alfresco">
   
            <store>workspace://SpacesStore</store>
            <rootPath>/app:company_home</rootPath>
   
            <!– Enable Web client launch shortcut in all folders –>
            <urlFile>
   
               <!– Change the filename as required, keeping the .url extension –>
               <filename>_Alfresco.url</filename>
   
               <!– Change 'localhost' to the name or IP of the Alfresco server –>
               <webpath>http://localhost:8080/alfresco/</webpath>
   
            </urlFile>
   
         </filesystem>
      </filesystems>
      
   </config>

   <!– Allow guest access to file systems –>
   <config evaluator="string-compare" condition="Filesystem Security">

      <authenticator type="alfresco">
         <allowGuest/>
         <!– Map any unknown user to guest –>
         <!–
         <mapUnknownUserToGuest/>
         –>
      </authenticator>

   </config>

</alfresco-config>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

burner · ‎02-22-2007

Hi thanx for the reply but in my extension folder i have two file-server-custom.xml.

One is with xml at the and and the other is with sample, so i guess i take the first one.
But what about the domain?when i comment the servers and the domain like you got it and add the servers into the file-custom….
there is no information about the Domain.

And why isnt it explained like that on the wiki?

Well but thank you that youre helping me:-)

ejml · ‎02-22-2007

I followed the wiki's instruction and it doesn't work.

On file-servers-custom.xml you say what server is the DC for passthru, I don't have the domain information and my configuratoin work fine.

Greetings.

burner · ‎02-23-2007

Hi i tried what you told me. I changed the file-server-custom.xml and i adjust the web.xml.But i still got this error:

net.sf.acegisecurity.AuthenticationServiceException: Failed to open passthru auth session

Details verbergen

net.sf.acegisecurity.AuthenticationServiceException: Failed to open passthru auth session
at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:757)
at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:514)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:335)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
at $Proxy16.authenticate(Unknown Source)
at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.processType1(NTLMAuthenticationFilter.java:507)
at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.doFilter(NTLMAuthenticationFilter.java:385)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)

ejml · ‎02-23-2007

Have you enable NTLMAuthentication in web.xml?
Have you a proxy or firewal between Alfresco Server and Domain Controller?