Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Using LDAP with Nuxeo

Yohann2012_
Champ in-the-making
Champ in-the-making

‎07-20-2012 01:18 PM

How many files does I have to create in order to allow users to connect to Nuxeo with LDAP login/pwd ?

I follow the documentation here http://doc.nuxeo.com/display/ADMINDOC/Using+a+LDAP+directory .

I am using the Ubuntu VM Nuxeo/tomcat 5.5.

So I created a file called default-ldap-users-directory-config.xml in /var/lib/nuxeo/server/nxserver/config with my LDAP information and reboot the server.

During the server startup, there is no error nor success message in the server.log saying that the mapping LDAP is OK or that the XML as been found or anything (...).

And when I try to login I got the following error :

2012-07-20 14:08:05,895 INFO  [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for yohann
2012-07-20 14:46:21,308 ERROR [org.nuxeo.ecm.directory.ldap.LDAPDirectory] javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1ateIdentity(NuxeoLoginModule.java:299)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.validateUserIdentity(NuxeoLoginModule.java:359)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.getPrincipal(NuxeoLoginModule.java:209)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.login(NuxeoLoginModule.java:262)
at org.nuxeo.runtime.api.LoginModuleWrapper.login(LoginModuleWrapper.java:77)
at sun.reflect.GeneratedMethodAccessor100.invoke(Unknown Source)
...
Caused by: org.nuxeo.ecm.core.api.WrappedException: Exception: javax.naming.AuthenticationException. message: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1rnCode(LdapCtx.java:2780)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:306)
...

I do not know where is the problem, if nuxeo succesfully access the LDAP but didn't find my name OR if nuxeo failed to connect to the LDAP ...

I spend the entire day trying different settings in the xml i created, searching through the few documentation available (apparently for nuxeo/jboss, it needs more than one xml (http://community.nuxeo.com/5.3/books/nuxeo-book/html/admin-ldap-configuration.html) maybe it is the same on tomcat for the 5.5 ? ).

Thank you for your help.

0 Kudos
4 REPLIES 4

Not applicable

‎07-21-2012 10:46 AM

The "data 52e" means "invalid credentials", ie incorrect username or password.

0 Kudos

Yohann2012_
Champ in-the-making
Champ in-the-making

‎07-30-2012 06:01 AM

This information is not really helpfull because as I said

0 Kudos

delphine_
Star Contributor
Star Contributor

‎07-30-2012 10:47 AM

Hello, I'm not an expert Nuxeo but I try help you because I had the same problem some days ago. I want connection with LDAP and Nuxeo base.
/> Here the files I create in nuxeo/templates/common/config :
/>

  • default-sql-directories-bundle.xml : define your sqlUserDirectory and your sqlGroupDirectory
    />
  • default-ldap-users-directory-bundle.xml : define your ldapUserDirectory
    />
  • default-ldap-groups-directory-bundle.xml : define your ldapGroupDirectory
    />
  • default-multi-users-directory-bundle.xml : define your userDirectory and groupDirectory with sqlUserDirectory+ldapUserDirectory and sqlGroupDirectory+ldapGroupDirectory
    /> I try to create virtual group but it doesn't work. So if someone has a solution ...
    /> Last question : what is the difference Group and Virtual Group ? Thanks for help !
    />

ps: sorry for my bad english ...

0 Kudos

Julien_Carsique
Elite Collaborator
Elite Collaborator

‎09-10-2012 11:07 AM

Look at the Debug information chapter on the page you linked: activating the DEBUG logs will allow you to follow in details what is done and which step fails (connection, name search, ...).

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC