that is some great feedback, I was looking for something to wedge things into a real environment and get some information.
thanks! jesse On 10/12/07, ossi petz <[EMAIL PROTECTED]> wrote: > > hallo > > hopefully this does not end up in thread-stealing... > i'd like to provide some ldap feedback on beta-3 too. > > i've managed to configred authentication against our active directory. > users can login to continuum. thats already something! > > so lets switch quickly to the problems part :) > > documentation. if this should be tested give people more than a dead > link in applicaiton.xml: > > http://svn.codehaus.org/plexus/plexus-redback/trunk/redback-site/src/site/apt/integration/ldap.apt > > as mentiond by bryan madsen there is a requirement for a guest account. > please remove that one. a guest is a guest. so no authentication against > any other system should be required. there a billions of guest auth > requests against the ldap server that serve no purpose. > > the security.properties contains the name of an admin. this user can see > all project groups in continuum. any other user seems to be equal to a > guest. when i try to edit a user only the users admin and guest exist. > both from continuum, none of these are ldap accounts. > so i cant reconfigure project access rights for ldap users at the moment? > also the created admin account in continuum does no longer work. i would > like some fallback authentication: if a user is not found in ldap try in > local database. we often have external users we dont create in our > active directory as they only need access to certain tools (bugzilla, > continuum, etc). in bugzilla this can be configured (ldap only, local > only, ldap->local, local->ldap). i did like that feature very much. > > notifications cannot be assigned to ldap users (well those may never > where assigned to continuum accounts anyway? not sure). > > usernames with special characters (mmüller, tkühn) cause a server error > (stacktrace see below). the user mmüller can login with 'mmuller', after > that the username 'mmüller' appears in the logged in bar :) > > usernames that are not found in ldap cause a 500 server error too. > > > thats about my report. if you require any mor information please tell :) > > thanks for doing ldap integration! > > > regards > > ossi > > > > > Stacktrace for special usernames: > Oct 12, 2007 4:20:36 PM org.mortbay.jetty.servlet.ServletHandler handle > WARNING: /continuum/security/login.action: > java.lang.NullPointerException > at > > org.codehaus.plexus.redback.authentication.users.UserManagerAuthenticator.authenticate > (UserManagerAuthenticator.java:85) > at > > org.codehaus.plexus.redback.authentication.DefaultAuthenticationManager.authenticate > (DefaultAuthenticationManager.java:74) > at > org.codehaus.plexus.redback.system.DefaultSecuritySystem.authenticate( > DefaultSecuritySystem.java:98) > at > org.codehaus.plexus.redback.xwork.action.LoginAction.webLogin( > LoginAction.java:317) > at > org.codehaus.plexus.redback.xwork.action.LoginAction.login( > LoginAction.java:130) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java > :39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) > at > com.opensymphony.xwork.DefaultActionInvocation.invokeAction( > DefaultActionInvocation.java:358) > at > com.opensymphony.xwork.DefaultActionInvocation.invokeActionOnly( > DefaultActionInvocation.java:218) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:192) > at > > org.codehaus.plexus.redback.xwork.interceptor.SecureActionInterceptor.intercept > (SecureActionInterceptor.java:114) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > > org.codehaus.plexus.redback.xwork.interceptor.PolicyEnforcementInterceptor.intercept > (PolicyEnforcementInterceptor.java:100) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > > org.codehaus.plexus.redback.xwork.interceptor.AutoLoginInterceptor.intercept > (AutoLoginInterceptor.java:156) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > > org.codehaus.plexus.redback.xwork.interceptor.ForceAdminUserInterceptor.intercept > (ForceAdminUserInterceptor.java:76) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > > org.codehaus.plexus.redback.xwork.interceptor.EnvironmentCheckInterceptor.intercept > (EnvironmentCheckInterceptor.java:122) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.DefaultWorkflowInterceptor.doIntercept( > DefaultWorkflowInterceptor.java:175) > at > com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept( > MethodFilterInterceptor.java:86) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.validator.ValidationInterceptor.doIntercept( > ValidationInterceptor.java:115) > at > com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept( > MethodFilterInterceptor.java:86) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.webwork.interceptor.FileUploadInterceptor.intercept( > FileUploadInterceptor.java:174) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > > com.opensymphony.webwork.interceptor.debugging.DebuggingInterceptor.intercept > (DebuggingInterceptor.java:169) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.I18nInterceptor.intercept( > I18nInterceptor.java:151) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.AroundInterceptor.intercept( > AroundInterceptor.java:31) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.interceptor.ExceptionMappingInterceptor.intercept( > ExceptionMappingInterceptor.java:186) > at > com.opensymphony.xwork.DefaultActionInvocation.invoke( > DefaultActionInvocation.java:190) > at > com.opensymphony.xwork.DefaultActionProxy.execute(DefaultActionProxy.java > :116) > at > com.opensymphony.webwork.dispatcher.DispatcherUtils.serviceAction( > DispatcherUtils.java:273) > at > com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter( > FilterDispatcher.java:202) > at > org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter( > WebApplicationHandler.java:821) > at > com.opensymphony.module.sitemesh.filter.PageFilter.parsePage( > PageFilter.java:118) > at > com.opensymphony.module.sitemesh.filter.PageFilter.doFilter( > PageFilter.java:52) > at > org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter( > WebApplicationHandler.java:821) > at > com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter( > ActionContextCleanUp.java:88) > at > org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter( > WebApplicationHandler.java:821) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch( > WebApplicationHandler.java:471) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1530) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle( > WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1482) > at org.mortbay.http.HttpServer.service(HttpServer.java:909) > at org.mortbay.http.HttpConnection.service(HttpConnection.java > :816) > at > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java > :833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java > :357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java > :534) > Oct 12, 2007 4:20:36 PM org.mortbay.jetty.servlet.ServletHttpResponse > sendError > WARNING: EXCEPTION > org.apache.jasper.JasperException: Exception in JSP: > /WEB-INF/jsp/redback/include/securityLinks.jsp:27 > > 24: > 25: <ww:i18n name="localization.Continuum"> > 26: <html> > 27: <head> > 28: <title> > 29: <c:choose> > 30: <c:when test="${param.errorCode == 403 || param.errorCode == > 404 || param.errorCode == 500}"> > > > Stacktrace: > at > org.apache.jasper.servlet.JspServletWrapper.handleJspException( > JspServletWrapper.java:504) > at > org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java > :393) > at > org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314) > at > org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) > at > org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:428) > at > org.mortbay.jetty.servlet.WebApplicationHandler.dispatch( > WebApplicationHandler.java:473) > at > org.mortbay.jetty.servlet.Dispatcher.dispatch(Dispatcher.java:286) > at org.mortbay.jetty.servlet.Dispatcher.error(Dispatcher.java > :179) > at > org.mortbay.jetty.servlet.ServletHttpResponse.sendError( > ServletHttpResponse.java:415) > at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:611) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1530) > at > org.mortbay.jetty.servlet.WebApplicationContext.handle( > WebApplicationContext.java:633) > at org.mortbay.http.HttpContext.handle(HttpContext.java:1482) > at org.mortbay.http.HttpServer.service(HttpServer.java:909) > at org.mortbay.http.HttpConnection.service(HttpConnection.java > :816) > at > org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982) > at org.mortbay.http.HttpConnection.handle(HttpConnection.java > :833) > at > org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) > at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java > :357) > at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java > :534) > 2007-10-12 16:20:36,030 [SocketListener0-2] INFO Authenticator:ldap > - Searching for users with filter: > '(&(objectClass=*)(sAMAccountName=mm?ller))' from base dn: > OU=USER,dc=local > 2007-10-12 16:20:36,036 [SocketListener0-2] INFO Authenticator:ldap > - Found user?: false > > > > -- jesse mcconnell [EMAIL PROTECTED]
