The Group LDAP functionality was initially developped by a group of users of Jahia, so it does work for them.
Now the administrators/guest and user groups should *never* been looked for in the LDAP. Have you properly uncommented all the comments in the group-router-config.xml, including the criteria one ? What you want is for the DB provider to be of higher priority than the LDAP one, so that requests first get routed to Jahia. You can *not* remove the DB provider, or Jahia will not work properly.
Regards,
Serge Huber.
At 11:38 27.05.2004, you wrote:
When we try to connect Jahia to our LDAP Server, the site returns a 403 error:
/******* Error : 403 Access forbidden, 403 Access forbidden
URL : <http://localhost:8080/jahia/jsp/index.jsp> Method : GET
************ /
After working on the class org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider, we
found problems in the source code:
nonExistentGroups = new Vector ();
nonExistentGroups.add ("administrators");
nonExistentGroups.add ("guest");
nonExistentGroups.add ("users");
private JahiaLDAPGroup lookupGroupInLDAP (String groupKey) {
JahiaLDAPGroup group = null;
Enumeration enum = nonExistentGroups.elements ();
while (enum.hasMoreElements ()) {
if (groupKey.indexOf (enum.nextElement () + ":") != -1){
return group; // group == null
}
}
.....
If the groupKey variable = "guest" , (and that's the case), the method returns null, and then the method
private void processCore (JahiaData jData) in org.jahia.engines.core.Core_Engine throws an execption
JahiaForbiddenAccessException
/***/
if (!jData.params().getContentPage().checkReadAccess(jData.params().
getUser())) {
throw new JahiaForbiddenAccessException();
}
/ ***/
The following methods return null as well :
public JahiaGroup getAdministratorGroup (int siteID)
public JahiaGroup getGuestGroup (int siteID)
public JahiaGroup getUsersGroup (int siteID)
because the attributes
public static final String USERS_GROUPNAME = null; // "users"
public static final String ADMINISTRATORS_GROUPNAME = null; // "administrators"
public static final String GUEST_GROUPNAME = null; // "guest"
are not initialized.
So we had to make some changes :
1 - Initialization of attributes
public static final String USERS_GROUPNAME = "users";
public static final String ADMINISTRATORS_GROUPNAME = "administrators";
public static final String GUEST_GROUPNAME = "guest";
2 - Modification of method private JahiaLDAPGroup lookupGroupInLDAP (String groupKey)
while (enum.hasMoreElements ()) {
if (groupKey.indexOf (enum.nextElement () + ":") != -1){
// return group;
groupKey = removeKeySufix(groupKey); //supprimer la partie ":num"
break;
}
}
We'd like to know if it's normal that we had to do this to make it work? Or did we miss something? ;-)
Has anyone managed to make an LDAP connection work without having to make changes to the source code?
Also, we would like to know how to make the user/rights/groups management work? (since a lot of methods are
not implemented in the class org.jahia.services.usermanager.JahiaGroupManagerLDAPProvider)
Thanks a lot,
Laurent
Jahia : A collaborative source CMS and Portal Server
www.jahia.org Community and product web site
www.jahia.com Commercial services company
