cancel
Showing results for 
Search instead for 
Did you mean: 

NTLM configuration problem with WCM2.0preview

lgr
Champ in-the-making
Champ in-the-making
Hi,

With the old versions of Alfresco, adding these lines in shared/file-servers-custom.xml worked.
   
   <config evaluator="string-compare" condition="Filesystem Security" replace="true">
       <authenticator type="passthru">
          <Server>192.168.0.1</Server>
       </authenticator>
   </config>

Since v2.0 preview, i've got an error under windows 2k3 FR:
14:03:52,828 ERROR [alfresco.smb.protocol] CIFS server configuration error, Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for passthru authenticator (can only be used with LDAP/JAAS auth component)
        at org.alfresco.filesys.server.config.ServerConfiguration.processSecurit
yConfig(ServerConfiguration.java:2247)
        at org.alfresco.filesys.server.config.ServerConfiguration.init(ServerCon
figuration.java:626)
        at org.alfresco.filesys.server.config.ServerConfiguration.onBootstrap(Se
rverConfiguration.java:3985)

I haven't found any change documented since v1.4 in the forum, documentation (wiki), nor the jira issues.

Is there a bug or something i did not notice ?

Laurent.
37 REPLIES 37

hsantander
Champ in-the-making
Champ in-the-making
Hello again

Reading other of your I disvovered that is a bug reported at http://issues.alfresco.com/browse/AR-1263.

This is the same bug we detected in the Alfresco 2.0preview, so it seems not been solved.
I'll try the Alfresco version compiled from repository and check if it is really solved.

Thanks

hsantander
Champ in-the-making
Champ in-the-making
Hi again
This weekend I tried get the new classes compiled from the .java in the svn repository. I Got the same error. Is this bug resolved in the .java files from the svn repository?

Thanks

andy
Champ on-the-rise
Champ on-the-rise
Hi

I have checked back. This bug was fixed after the 2.0 community release. There is a patch available for enterprise users. This will make its way into the community version in the next release. Sorry, I don't know exactly when.

(There is another bug which displays a similar error when people are auto-created after NTLM authentication. )

Andy

hsantander
Champ in-the-making
Champ in-the-making
Hi again

I tried the same configuration on Alfresco 2.0.1 Enterprise but still got errors.

17:57:59,968 DEBUG [app.servlet.NTLMAuthenticationFilter] New NTLM auth request from 127.0.0.1 (127.0.0.1:42690)
17:57:59,980 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type1 [Type1:0x88207,Domain:<NotSet>,Wks:<NotSet>]
17:57:59,995 DEBUG [app.servlet.NTLMAuthenticationFilter] Sending NTLM type2 to client - [Type2:0x203,Target:HSANTANDER_A,Ch:63e375158086ea1a]
17:57:59,999 DEBUG [app.servlet.NTLMAuthenticationFilter] Received type3 [Type3:,LM:2e998c3b322d1c6453a3e092851ba37596a0a4289208102c,NTLM:2e998c3b322d1c6453a3e092851ba37596a0a4289208102c,Dom:,User:sbh000,Wks:hsantander]
17:58:00,027 WARN  [orm.hibernate3.HibernateTransactionManager] Should roll back transaction but cannot - no transaction available
17:58:00,028 ERROR [[localhost].[/alfresco].[Faces Servlet]] Servlet.service() para servlet Faces Servlet lanzó excepción
java.lang.NullPointerException
        at org.alfresco.repo.security.authentication.InMemoryTicketComponentImpl.getTicket(InMemoryTicketComponentImpl.java:65)
        at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.getCurrentTicket(AuthenticationServiceImpl.java:156)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:585)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:335)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:181)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:148)
        at org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:116)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.alfresco.repo.audit.AuditComponentImpl.auditImpl(AuditComponentImpl.java:228)
        at org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:166)
        at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:170)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:176)
        at $Proxy20.getCurrentTicket(Unknown Source)
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.processType3(NTLMAuthenticationFilter.java:769)
        at org.alfresco.web.app.servlet.NTLMAuthenticationFilter.doFilter(NTLMAuthenticationFilter.java:400)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
        at java.lang.Thread.run(Thread.java:595)

At this moment I'm not sure that Alfresco could work with NTLM configuration.

Thanks

invantix
Champ in-the-making
Champ in-the-making
Hi

I have checked back. This bug was fixed after the 2.0 community release. There is a patch available for enterprise users. This will make its way into the community version in the next release. Sorry, I don't know exactly when.

(There is another bug which displays a similar error when people are auto-created after NTLM authentication. )

Andy

I have been seeing this type of comment a lot. I am starting to wonder if this is really open source.  2.01 is maintenace fixes that only went out to enterprise cuatomers and "will be comming soon" to the community.

We were contemplating an enterprise license but I can't get this working enough for a demo to management.  They don't want to see anything without integrated security.  I am starting to look elswhere.  It is a shame because I like the technologies used in alfresco.

andy
Champ on-the-rise
Champ on-the-rise
Hi

You can register for the 30 day trial of the enterprise version here http://www.alfresco.com/products/ecm/enttrial/register and run you demo with the fixes.

Both new developments and bug fixes go into the community product.
When bug fixes appear depends on the community release cycle, when bugs are merged and which bug fixes can be merged due to other changes.

Andy

andy
Champ on-the-rise
Champ on-the-rise
Hi

This was a bug in the NTLMAuthenticationFilter which has been fixed.

Andy

hsantander
Champ in-the-making
Champ in-the-making
Hi Andy
Could you give me the JIRA link?

Thanks