OK, I finally managed to set up a up2.6 install against the same LDAP source, and it worked fine. There do seem to be a new properties in up3's ldap connection. Also, the URL seems to be of the form ldap:port/basePath, rather than ldap:port.
New props: java.naming.ldap.version=3, org.springframework.ldap.base.path=cn=Users, dc=unicon, dc=net, java.naming.factory.object=org.springframework.ldap.core.support.DefaultDirObjectFactory - Jen On Tue, May 6, 2008 at 10:49 AM, Jen Bourey <[EMAIL PROTECTED]> wrote: > Unfortunately, no, I don't have a uPortal 2 configuration. > > Thanks for the documentation on the caching contexts! That all makes > sense. > > - Jen > > > > On Tue, May 6, 2008 at 10:42 AM, Eric Dalquist < > [EMAIL PROTECTED]> wrote: > >> Hrm, >> >> Some good questions, I did a little testing with LDAP but I don't have >> much in the way of services to test against. Do you have a functional >> uPortal 2 ldap config we could look at to try and figure out where the >> problem is? >> >> As for why those classes are gone, >> http://ja-sig.org/wiki/display/UPC/uPortal+3+API+Changes documents them >> as they should be used via chaining with the CacheSecurityContext. >> >> -Eric >> >> Jen Bourey wrote: >> >> Hi all, >> >> I've been having some trouble getting LDAP authentication to an Active >> Directory server working in uPortal 3.0. I've been able to configure the >> packaged CAS instance to successfully authenticate against the AD server >> using LDAP with simple authentication, and I can also get uPortal to grab >> person directory information from this AD server. I was hoping that since >> I'd already done the configuration in ldapContext.xml to allow the person >> directory lookup to happen, all I'd need to do to enable portal >> authentication to the AD server would be to add the following line to >> security.properties: >> >> >> root.ldap=org.jasig.portal.security.provider.SimpleLdapSecurityContextFactory >> >> Currently, this leads to the following stack trace in the portal log: >> >> ERROR [TP-Processor23] provider.SimpleLdapSecurityContext.[] May/06 >> 06:34:18 - SimpleLdapSecurityContext: LDAP Error with user: myusername; >> javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: >> NameErr: DSID-031001BD, problem 2001 (NO_OBJECT), data 0, best match of >> : >> 'CN=Users,DC=unicon,DC=net' >> [EMAIL PROTECTED]; remaining name 'cn=Users, dc=unicon, dc=net' >> at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3010) >> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931) >> at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737) >> at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808) >> at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731) >> at >> com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368) >> at >> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338) >> at >> com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321) >> at >> javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248) >> at >> org.jasig.portal.security.provider.SimpleLdapSecurityContext.authenticate(SimpleLdapSecurityContext.java:133) >> at >> org.jasig.portal.security.provider.ChainingSecurityContext.authenticate(ChainingSecurityContext.java:87) >> at >> org.jasig.portal.security.provider.UnionSecurityContext.authenticate(UnionSecurityContext.java:33) >> at >> org.jasig.portal.services.Authentication.authenticate(Authentication.java:83) >> at org.jasig.portal.LoginServlet.service(LoginServlet.java:140) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >> at >> edu.yale.its.tp.cas.client.filter.StaticCasReceiptCacherFilter.doFilter(StaticCasReceiptCacherFilter.java:67) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >> at >> edu.yale.its.tp.cas.client.filter.CASValidateFilter.doFilter(CASValidateFilter.java:337) >> at >> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215) >> at >> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188) >> at >> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210) >> at >> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174) >> at >> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) >> at >> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117) >> at >> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108) >> at >> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151) >> at >> org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200) >> at >> org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283) >> at >> org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773) >> at >> org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703) >> at >> org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895) >> at >> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685) >> at java.lang.Thread.run(Thread.java:595) >> >> After turning debugging on, right above this trace the expected principal >> and context information is printed out, so it must be getting at least some >> correct LDAP configuration information. >> >> Is there a step I maybe missed somewhere? Is anyone currently >> successfully using LDAP authentication in uPortal 3? >> >> On a somewhat-related note, it appears that the CacheLdapSecurityContext >> and CacheLdapSecurityContextFactory disappeared in uPortal 3.0. Was this >> intentional? Is there a reason those classes would not be expected to work >> in up3? >> >> Thanks! >> >> - Jen >> >> -- >> >> >> Join your friends and colleagues at JA-SIG 2008 - "Higher Education >> Solutions: The Community Source Way!" >> April 27th - 30th, 2008 in St. Paul, Minnesota USA >> >> Featuring CAS, DSpace, Fedora, Fluid, Internet2, Kuali, Sakai, uPortal, and >> more! >> Information/Registration at: >> http://www.ja-sig.org/conferences/08spring/index.html >> >> Subscribe to the conference blog, The Community Source >> Wayhttp://jasig2008.blogspot.com, for news and updates about the event. >> >> Join the Conference networking site at http://ja-sigspring08.crowdvine.com/ >> >> You are currently subscribed to uportal-dev@lists.ja-sig.org as: [EMAIL >> PROTECTED] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/uportal-dev >> >> > -- You are currently subscribed to uportal-dev@lists.ja-sig.org as: [EMAIL PROTECTED] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/uportal-dev
