Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

NTLM configuration problem with WCM2.0preview

lgr
Champ in-the-making
Champ in-the-making

‎02-06-2007 08:07 AM

Hi,

With the old versions of Alfresco, adding these lines in shared/file-servers-custom.xml worked.
   
   <config evaluator="string-compare" condition="Filesystem Security" replace="true">
       <authenticator type="passthru">
          <Server>192.168.0.1</Server>
       </authenticator>
   </config>

Since v2.0 preview, i've got an error under windows 2k3 FR: 
14:03:52,828 ERROR [alfresco.smb.protocol] CIFS server configuration error, Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
        at org.alfresco.filesys.server.config.ServerConfiguration.processSecurit
yConfig(ServerConfiguration.java:2247)
        at org.alfresco.filesys.server.config.ServerConfiguration.init(ServerCon
figuration.java:626)
        at org.alfresco.filesys.server.config.ServerConfiguration.onBootstrap(Se
rverConfiguration.java:3985)

I haven't found any change documented since v1.4 in the forum, documentation (wiki), nor the jira issues.

Is there a bug or something i did not notice ?

Laurent.
Labels:
0 Kudos
37 REPLIES 37

hsantander
Champ in-the-making
Champ in-the-making

‎02-16-2007 08:16 AM

Hello again:
There is a wiki reference to this problem: http://wiki.alfresco.com/wiki/Upgrading_to_2.0
I tried to download the sample configuration files but I don't know where can I find it? The prevew available has the same date (19 January 2007) so it's supposed to have the same sample configuration files.
Maybe the new sample files could help me to solve my problem, but where can I find it?

Thanks
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎02-16-2007 11:40 AM

Hi

1) re-name any bean called authenticationComponentImpl to authenticationComponent.

2) Auto creation of people when you log in via CIFS/FTP and WebDav is not working at the moment - this is the issue in the stack trace.

See http://issues.alfresco.com/browse/AR-1245

When the user does exist - via LDAP import or from log in via the client - all should be well.

Regards

Andy
0 Kudos

hsantander
Champ in-the-making
Champ in-the-making

‎02-19-2007 07:13 AM

Hi Andy
I already make this changes and my users are created via ldap sync, but I got the error I posted a few post before.

org.alfresco.error.AlfrescoRuntimeException: Transaction must be active and synchronization is required

It's not working even if I make the changes you comment in the files at the extension directory and in the webapp/alfresco/WEB-INF/classes/alfresco/*

What else can I do or configure?

Thanks
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎02-20-2007 02:19 PM

Hi

Wait for the user to be imported.

Set auto creation of people false (personServiceImpl bean in authentication-services-context.xml). Then you will have to wait!

Regards

Andy
0 Kudos

hsantander
Champ in-the-making
Champ in-the-making

‎02-21-2007 06:18 AM

Hi Andy:
Thanks for your post.
Sorry, but I already have the automatic user creation set to false from the beginning and wait until the user import before trying the log in.
Here is my definition of personService bean in the custom-authentication-services-context.xml:

    <bean id="personService" class="org.alfresco.repo.security.person.PersonServiceImpl">
                <property name="nodeService">
                    <ref bean="nodeService" />
                </property>
                <property name="searchService">
                    <ref bean="searchService" />
                </property>
                <property name="permissionServiceSPI">
                        <ref bean="permissionServiceImpl" />
                </property>
        <property name="authorityService">
           <ref bean="authorityService" />
        </property>
                <property name="namespacePrefixResolver">
                        <ref bean="namespaceService" />
                </property>
        <!– Configurable properties.                                 –>
        <!–                                                          –>
        <!– TODO:                                                    –>
        <!– Add support for creating real home spaces adn setting    –>
        <!– permissions on the hame space and people created.        –>
        <!–                                                          –>
        <!– The store in which people are persisted.                 –>
        <property name="storeUrl">
           <value>${spaces.store}</value>
        </property>
        <!– Some authentication mechanisms may need to create people –>
        <!– in the repository on demand. This enables that feature.  –>
        <!– If dsiabled an error will be generated for missing       –>
        <!– people. If enabled then a person will be created and     –>
        <!– persisted.                                               –>
        <!– Valid values are                                         –>
        <!–     ${server.transaction.allow-writes}                   –>
        <!–     false                                                –>
        <property name="createMissingPeople">
                <value>false</value>
        </property>
                <property name="userNamesAreCaseSensitive">
          <value>${user.name.caseSensitive}</value>
        </property>
        <!– New properties after 1.4.0 to deal with duplicate user ids when found –>
        <property name="processDuplicates">
            <value>true</value>
        </property>
        <!– one of:  LEAVE, SPLIT, DELETE –>
        <property name="duplicateMode">
            <value>SPLIT</value>
        </property>
        <property name="lastIsBest">
            <value>true</value>
        </property>
        <property name="includeAutoCreated">
            <value>false</value>
        </property>
    </bean>


I think the definition of this bean is correct, even when I have the problem with the users imported, I never configured the automatic user creation because I want all the Alfresco users been imported.
Anyway, I delete the entire repository and database and start Alfresco again. Same results and NTLM authentication not working. Well, thats not a surprise to me.

Thanks
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎02-22-2007 10:38 AM

Hi

Apologies, that is indeed a bug, which is fixed in the 2.0 release.
A bit of tunnel vision there. See http://issues.alfresco.com/browse/AR-1263

Regards

Andy
0 Kudos

hsantander
Champ in-the-making
Champ in-the-making

‎02-22-2007 10:53 AM

Hi Andy.

Thanks for your quick reply. I suppossed this could be a bug. I'm waiting impatiently for the 2.0 release (when?) and see the NTLM authentication problem solved (I really hope this!).

Thanks
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎02-23-2007 11:55 AM

Hi

The community 2.0 final release has been available for a day or so.

Andy
0 Kudos

hsantander
Champ in-the-making
Champ in-the-making

‎02-26-2007 08:26 AM

Hi  Andy

I download and installled the new Alfresco 2.0 release, wondering my problems dissapear with this release.
But things goes wrong from the begining. The first errors are abot CIFS. Where the previous versions haven't problems, new version prints:
14:11:14,308 ERROR [smb.protocol.auth] No valid CIFS authentication combination available
14:11:14,308 ERROR [smb.protocol.auth] Either enable Kerberos support or use an authentication component that supports MD4 hashed passwords
14:11:14,314 ERROR [alfresco.smb.protocol] CIFS server configuration error, Invalid CIFS authenticator configuration
org.alfresco.error.AlfrescoRuntimeException: Invalid CIFS authenticator configuration
        at org.alfresco.filesys.server.auth.EnterpriseCifsAuthenticator.initialize(EnterpriseCifsAuthenticator.java:348)
        at org.alfresco.filesys.server.config.ServerConfiguration.setAuthenticator(ServerConfiguration.java:3310)
        at org.alfresco.filesys.server.config.ServerConfiguration.processSecurityConfig(ServerConfiguration.java:2310)
        at org.alfresco.filesys.server.config.ServerConfiguration.init(ServerConfiguration.java:634)
        at org.alfresco.filesys.server.config.ServerConfiguration.onBootstrap(ServerConfiguration.java:4007)
        at org.alfresco.util.AbstractLifecycleBean.onApplicationEvent(AbstractLifecycleBean.java:62)
        at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:45)
        at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:225)
        at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:323)
        at org.springframework.web.context.support.AbstractRefreshableWebApplicationContext.refresh(AbstractRefreshableWebApplicationContext.java:134)
        at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:246)
        at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:184)
        at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3763)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4211)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
        at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
        at org.apache.catalina.core.StandardService.start(StandardService.java:450)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)

I used the same custom-file-servers.xml than previous version.

But this is only the beginning. When uncommented the NTLM configuration lines at web.xml, this is the error I got:
14:22:58,772 ERROR [[Catalina].[localhost].[/alfresco]] Excepción arrancando filtro WebDAV Authentication Filter
javax.servlet.ServletException: Required authentication mode not available
        at org.alfresco.repo.webdav.auth.NTLMAuthenticationFilter.init(NTLMAuthenticationFilter.java:173)
        at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:223)
        at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:304)
        at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:77)
        at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3634)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4217)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
        at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
        at org.apache.catalina.core.StandardService.start(StandardService.java:450)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
14:22:58,785 ERROR [[Catalina].[localhost].[/alfresco]] Excepción arrancando filtro Authentication Filter
javax.servlet.ServletException: Required authentication mode not available
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.init(NTLMAuthenticationFilter.java:188)
        at org.apache.catalina.core.ApplicationFilterConfig.getFilter(ApplicationFilterConfig.java:223)
        at org.apache.catalina.core.ApplicationFilterConfig.setFilterDef(ApplicationFilterConfig.java:304)
        at org.apache.catalina.core.ApplicationFilterConfig.<init>(ApplicationFilterConfig.java:77)
        at org.apache.catalina.core.StandardContext.filterStart(StandardContext.java:3634)
        at org.apache.catalina.core.StandardContext.start(StandardContext.java:4217)
        at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:759)
        at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:739)
        at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:524)
        at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:809)
        at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:698)
        at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:472)
        at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1122)
        at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:310)
        at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:119)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1021)
        at org.apache.catalina.core.StandardHost.start(StandardHost.java:718)
        at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1013)
        at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:442)
        at org.apache.catalina.core.StandardService.start(StandardService.java:450)
        at org.apache.catalina.core.StandardServer.start(StandardServer.java:709)
        at org.apache.catalina.startup.Catalina.start(Catalina.java:551)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:294)
        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:432)
26-feb-2007 14:22:58 org.apache.catalina.core.StandardContext start
GRAVE: Error filterStart
26-feb-2007 14:22:58 org.apache.catalina.core.StandardContext start
GRAVE: Falló en arranque del Contexto [/alfresco] debido a errores previos

This is a fatal error, so the application didn't start.

Where is the problem now?

Thanks
0 Kudos

andy
Champ on-the-rise
Champ on-the-rise

‎02-26-2007 10:02 AM

Hi

The clue is:

Either enable Kerberos support or use an authentication component that supports MD4 hashed passwords

You have got enterprise configuration configured for CIFS. As the error says, this only supports Kerberos and MD4 based authentication. I assume you want to use the NTLM authentication component. In custom-file-servers.xml, or similar, you will ned to specify "alfresco" instead of "enterprise". This version works with NTLM. Alternatively, you can set up Kerberos as described on the wiki.

Regards

Andy
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC