Re: 1.1-beta-3 LDAP

[ossi petz]

hallo

hopefully this does not end up in thread-stealing...
i'd like to provide some ldap feedback on beta-3 too.
i've managed to configred authentication against our active directory. 
users can login to continuum. thats already something!

so lets switch quickly to the problems part :)

documentation. if this should be tested give people more than a dead 
link in applicaiton.xml:
http://svn.codehaus.org/plexus/plexus-redback/trunk/redback-site/src/site/apt/integration/ldap.apt

as mentiond by bryan madsen there is a requirement for a guest account. 
please remove that one. a guest is a guest. so no authentication against 
any other system should be required. there a billions of guest auth 
requests against the ldap server that serve no purpose.

the security.properties contains the name of an admin. this user can see 
all project groups in continuum. any other user seems to be equal to a 
guest. when i try to edit a user only the users admin and guest exist. 
both from continuum, none of these  are ldap accounts.
so i cant reconfigure project access rights for ldap users at the moment?
also the created admin account in continuum does no longer work. i would 
like some fallback authentication: if a user is not found in ldap try in 
local database. we often have external users we dont create in our 
active directory as they only need access to certain tools (bugzilla, 
continuum, etc). in bugzilla this can be configured (ldap only, local 
only, ldap->local, local->ldap). i did like that feature very much.

notifications cannot be assigned to ldap users (well those may never 
where assigned to continuum accounts anyway? not sure).

usernames with special characters (mmüller, tkühn) cause a server error 
(stacktrace see below). the user mmüller can login with 'mmuller', after 
that the username 'mmüller' appears in the logged in bar :)

usernames that are not found in ldap cause a 500 server error too.


thats about my report. if you require any mor information please tell :)

thanks for doing ldap integration!


regards

ossi




Stacktrace for special usernames:
Oct 12, 2007 4:20:36 PM org.mortbay.jetty.servlet.ServletHandler handle
WARNING: /continuum/security/login.action:
java.lang.NullPointerException
        at 
org.codehaus.plexus.redback.authentication.users.UserManagerAuthenticator.authenticate(UserManagerAuthenticator.java:85)
        at 
org.codehaus.plexus.redback.authentication.DefaultAuthenticationManager.authenticate(DefaultAuthenticationManager.java:74)
        at 
org.codehaus.plexus.redback.system.DefaultSecuritySystem.authenticate(DefaultSecuritySystem.java:98)
        at 
org.codehaus.plexus.redback.xwork.action.LoginAction.webLogin(LoginAction.java:317)
        at 
org.codehaus.plexus.redback.xwork.action.LoginAction.login(LoginAction.java:130)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:358)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:218)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:192)
        at 
org.codehaus.plexus.redback.xwork.interceptor.SecureActionInterceptor.intercept(SecureActionInterceptor.java:114)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
org.codehaus.plexus.redback.xwork.interceptor.PolicyEnforcementInterceptor.intercept(PolicyEnforcementInterceptor.java:100)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
org.codehaus.plexus.redback.xwork.interceptor.AutoLoginInterceptor.intercept(AutoLoginInterceptor.java:156)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
org.codehaus.plexus.redback.xwork.interceptor.ForceAdminUserInterceptor.intercept(ForceAdminUserInterceptor.java:76)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
org.codehaus.plexus.redback.xwork.interceptor.EnvironmentCheckInterceptor.intercept(EnvironmentCheckInterceptor.java:122)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:175)
        at 
com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:86)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:115)
        at 
com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:86)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.webwork.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:174)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.webwork.interceptor.debugging.DebuggingInterceptor.intercept(DebuggingInterceptor.java:169)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:151)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:186)
        at 
com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
        at 
com.opensymphony.xwork.DefaultActionProxy.execute(DefaultActionProxy.java:116)
        at 
com.opensymphony.webwork.dispatcher.DispatcherUtils.serviceAction(DispatcherUtils.java:273)
        at 
com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:202)
        at 
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
        at 
com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
        at 
com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
        at 
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
        at 
com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88)
        at 
org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
        at 
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
        at 
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
        at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
        at 
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
        at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
        at org.mortbay.http.HttpServer.service(HttpServer.java:909)
        at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
        at 
org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)
        at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
        at 
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
        at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
        at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
Oct 12, 2007 4:20:36 PM org.mortbay.jetty.servlet.ServletHttpResponse 
sendError
WARNING: EXCEPTION
org.apache.jasper.JasperException: Exception in JSP: 
/WEB-INF/jsp/redback/include/securityLinks.jsp:27

24:
25: <ww:i18n name="localization.Continuum">
26: <html>
27: <head>
28:   <title>
29:     <c:choose>
30:       <c:when test="${param.errorCode == 403 || param.errorCode == 
404 || param.errorCode == 500}">


Stacktrace:
        at 
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:504)
        at 
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393)
        at 
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
        at 
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
        at 
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428)
        at 
org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:473)
        at 
org.mortbay.jetty.servlet.Dispatcher.dispatch(Dispatcher.java:286)
        at org.mortbay.jetty.servlet.Dispatcher.error(Dispatcher.java:179)
        at 
org.mortbay.jetty.servlet.ServletHttpResponse.sendError(ServletHttpResponse.java:415)
        at 
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:611)
        at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
        at 
org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
        at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
        at org.mortbay.http.HttpServer.service(HttpServer.java:909)
        at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
        at 
org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)
        at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
        at 
org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
        at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
        at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
2007-10-12 16:20:36,030 [SocketListener0-2] INFO  Authenticator:ldap 
         - Searching for users with filter: 
'(&(objectClass=*)(sAMAccountName=mm?ller))' from base dn: OU=USER,dc=local
2007-10-12 16:20:36,036 [SocketListener0-2] INFO  Authenticator:ldap 
         - Found user?: false