[Dspace-devel] [DuraSpace JIRA] Commented: (DS-835) DSpace 1.7.0 cannot search LDAP's subtree (OU) on openldap

Thu, 03 Mar 2011 12:24:39 -0800 

    [ 
https://jira.duraspace.org/browse/DS-835?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=19172#action_19172
 ] 

Stuart Lewis commented on DS-835:
---------------------------------

Hi Daniel,

Thanks for this bug report.  I've tested 1.7 with openldap (non-TLS) and it 
worked fine.  For a test server you can use, see: 
http://blog.stuartlewis.com/2008/08/18/test-ldap-service-upgraded-now-with-branches/

In your settings:

ldap.object_context / ldap.search.context = ou=users,ou=users,dc=company,dc=br 

Is the repeated 'ou=users,ou=users' correct?

Thanks,


Stuart

> DSpace 1.7.0 cannot search LDAP's subtree (OU) on openldap
> ----------------------------------------------------------
>
>                 Key: DS-835
>                 URL: https://jira.duraspace.org/browse/DS-835
>             Project: DSpace
>          Issue Type: Bug
>    Affects Versions: 1.7.0
>         Environment: Ubuntu Server Ubuntu 10.04.2 LTS, slapd 2.4.21 using 
> ldaps, Tomcat  6.0.24-2ubuntu1.6
>            Reporter: Daniel Ettore
>            Priority: Blocker
>
> DSpace cannot search on ldap's subtree (OUs).
> My dspace.cfg - ldap is:
> ldap.enable = true
> ldap.provider_url = ldaps://IPADDRESS:636/
> ldap.id_field = uid
> ldap.object_context = ou=users,ou=users,dc=company,dc=br
> ldap.search_context = ou=users,ou=users,dc=company,dc=br   # (we have others 
> OU under this, exemple: ou=student,ou=users,ou=users,dc=company,dc=br - 
> ou=abc,ou=users,dc=company,dc=br,ou=br and others)
> ldap.email_field = mail
> ldap.surname_field = sn
> ldap.givenname_field = givenName
> #ldap.phone_field = telephoneNumber
> webui.ldap.autoregister = true
> ldap.search_scope = 2
> ldap.search.user = uid=read-only,ou=users,dc=company,dc=br
> ldap.search.password = password
>   plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \
>        org.dspace.authenticate.LDAPHierarchicalAuthentication ,\
>        org.dspace.authenticate.PasswordAuthentication
> Log from LDAP
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 fd=19 ACCEPT from 
> IP=IPADDRESS:35681 (IP=0.0.0.0:636)
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 fd=19 TLS established tls_ssf=128 
> ssf=128
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 op=0 BIND 
> dn="uid=read-only,ou=users,dc=company,dc=br" method=128
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 op=0 BIND 
> dn="uid=read-only,ou=users,dc=company,dc=br" mech=SIMPLE ssf=0
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 op=0 RESULT tag=97 err=0 text=
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 op=1 SRCH 
> base="ou=users,ou=users,dc=company,dc=br" scope=2 deref=3 
> filter="(&(uid=LOGIN))" ---> at this point, the user LOGIN is on 
> ou=student,ou=users,ou=users,dc=company,dc=br
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 op=1 SEARCH RESULT tag=101 err=32 
> nentries=0 text=
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 op=2 UNBIND
> Mar  3 15:38:16 ldap slapd[3541]: conn=1772 fd=19 closed
> Mar  3 15:38:16 ldap slapd[3541]: conn=1771 op=1 UNBIND
> Mar  3 15:38:16 ldap slapd[3541]: conn=1771 fd=18 closed
> Log from DSpace:
> 2011-03-03 16:47:50,078 INFO  
> org.dspace.authenticate.LDAPHierarchicalAuthentication @ 
> anonymous:session_id=8B6701643D44F55673C0F04B07C733E7:ip_addr=200.136.207.231:auth:attempting
>  trivial auth of user=LOGIN
> 2011-03-03 16:47:50,165 WARN  
> org.dspace.authenticate.LDAPHierarchicalAuthentication @ 
> anonymous:session_id=8B6701643D44F55673C0F04B07C733E7:ip_addr=200.136.207.231:ldap_attribute_lookup:type=failed_search
>  javax.naming.NameNotFoundException\colon; [LDAP\colon; error code 32 - No 
> Such Object]; remaining name 'ou=users,ou=users,dc=company,dc=br'
> 2011-03-03 16:47:50,166 INFO  
> org.dspace.authenticate.LDAPHierarchicalAuthentication @ 
> anonymous:session_id=8B6701643D44F55673C0F04B07C733E7:ip_addr=200.136.207.231:failed_login:no
>  DN found for user LOGIN
> 2011-03-03 16:47:50,166 INFO  org.dspace.authenticate.PasswordAuthentication 
> @ 
> anonymous:session_id=8B6701643D44F55673C0F04B07C733E7:ip_addr=200.136.207.231:authenticate:attempting
>  password auth of user=LOGIN
> 2011-03-03 16:47:50,167 INFO  org.dspace.app.webui.servlet.PasswordServlet @ 
> anonymous:session_id=8B6701643D44F55673C0F04B07C733E7:ip_addr=200.136.207.231:failed_login:email=LOGIN,
>  result=2

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
https://jira.duraspace.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
Free Software Download: Index, Search & Analyze Logs and other IT data in 
Real-Time with Splunk. Collect, index and harness all the fast moving IT data 
generated by your applications, servers and devices whether physical, virtual
or in the cloud. Deliver compliance at lower cost and gain new business 
insights. http://p.sf.net/sfu/splunk-dev2dev 
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel

Reply via email to