Hi Juan,

The main error there says "failed_login:no DN found for user [username]".

The DSpace error you are seeing is occurring BEFORE it even checks the 
login...which tends to imply that one of your configurations may be wrong 
(either the "search.user", "search.password", "object_context" or "id_field" 
perhaps?).  Here's the code that returns that error: 
https://github.com/DSpace/DSpace/blob/main/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java#L246-L251
(notice that error happens BEFORE DSpace even tries to call 
"ldapAuthenticate()")

So, have you tried similar settings using "ldapsearch" or another basic LDAP 
tool to verify they work from the machine which is running DSpace?

My guess is this may be a configuration issue...but, every LDAP is different 
(and I cannot claim to be an LDAP expert), so it's really hard to tell you 
exactly which configuration may be wrong.

Good luck,

Tim

________________________________
From: [email protected] <[email protected]> on behalf of 
Juan López <[email protected]>
Sent: Tuesday, August 31, 2021 8:58 AM
To: DSpace Technical Support <[email protected]>
Subject: [dspace-tech] Ldap Error:


Hi!

I'm trying to set my LDAP authentication, I've already followed what the 
documentation says here: 
https://wiki.lyrasis.org/display/DSDOC7x/Authentication+Plugins#AuthenticationPlugins-LDAPAuthentication
But, now when I try to log in with my institutional user, Dspace throws this 
error:


2021-08-24 09:29:15,622 INFO org.dspace.authenticate.LDAPAuthentication @ 
anonymous::auth:attempting trivial auth of user=juanfelipe.lopezf 2021-08-24 
09:29:15,626 WARN org.dspace.authenticate.LDAPAuthentication @ 
anonymous::ldap_authentication:type=failed_auth 
javax.naming.AuthenticationException\colon; [LDAP\colon; error code 49 - 
80090308\colon; LdapErr\colon; DSID-0C090439, comment\colon; 
AcceptSecurityContext error, data 52e, v4563] 2021-08-24 09:29:15,626 INFO 
org.dspace.authenticate.LDAPAuthentication @ anonymous::failed_login:no DN 
found for user juanfelipe.lopezf 2021-08-24 09:29:15,626 INFO 
org.dspace.authenticate.PasswordAuthentication @ 
anonymous::authenticate:attempting password auth of user=juanfelipe.lopezf 
2021-08-24 09:29:15,627 INFO 
org.dspace.app.rest.security.EPersonRestAuthenticationProvider @ 
anonymous::failed_login:email=juanfelipe.lopezf, result=2 2021-08-24 
09:29:15,627 ERROR org.dspace.app.rest.security.StatelessLoginFilter @ 
Authentication failed (status:401) 
org.springframework.security.authentication.BadCredentialsException: Login 
failed at 
org.dspace.app.rest.security.EPersonRestAuthenticationProvider.authenticateNewLogin(EPersonRestAuthenticationProvider.java:108)
 ~[classes/:7.0-beta5] at 
org.dspace.app.rest.security.EPersonRestAuthenticationProvider.authenticate(EPersonRestAuthenticationProvider.java:71)
 ~[classes/:7.0-beta5] at 
org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:175)
 ~[spring-security-core-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.dspace.app.rest.security.StatelessLoginFilter.attemptAuthentication(StatelessLoginFilter.java:56)
 [classes/:7.0-beta5] at 
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:212)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.dspace.app.rest.security.StatelessAuthenticationFilter.doFilterInternal(StatelessAuthenticationFilter.java:101)
 [classes/:7.0-beta5] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:141)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:92) 
[spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:92)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:77)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:215)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:178)
 [spring-security-web-5.2.2.RELEASE.jar:5.2.2.RELEASE] at 
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:358)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:271)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
 [catalina.jar:9.0.45] at 
org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
 [catalina.jar:9.0.45] at 
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:128)
 [spring-boot-2.2.6.RELEASE.jar:2.2.6.RELEASE] at 
org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
 [spring-boot-2.2.6.RELEASE.jar:2.2.6.RELEASE] at 
org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:103)
 [spring-boot-2.2.6.RELEASE.jar:2.2.6.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:121)
 [spring-boot-2.2.6.RELEASE.jar:2.2.6.RELEASE] at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
 [catalina.jar:9.0.45] at 
org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:119)
 [spring-web-5.2.5.RELEASE.jar:5.2.5.RELEASE] at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
 [catalina.jar:9.0.45] at 
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
 [log4j-web-2.13.3.jar:2.13.3] at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
 [catalina.jar:9.0.45] at 
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:542)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143) 
[catalina.jar:9.0.45] at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) 
[catalina.jar:9.0.45] at 
org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
 [catalina.jar:9.0.45] at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
 [catalina.jar:9.0.45] at 
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357) 
[catalina.jar:9.0.45] at 
org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:374) 
[tomcat-coyote.jar:9.0.45] at 
org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
 [tomcat-coyote.jar:9.0.45] at 
org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
 [tomcat-coyote.jar:9.0.45] at 
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1707)
 [tomcat-coyote.jar:9.0.45] at 
org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) 
[tomcat-coyote.jar:9.0.45] at 
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) 
[?:?] at 
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) 
[?:?] at 
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
 [tomcat-util.jar:9.0.45] at java.lang.Thread.run(Thread.java:829) [?:?]

In my browser console I got a HTTP ERROR 401 when I try to login with my LDAP 
credentials.

To produce this error all I did was:

  1.  Configure LDAP in DSPACE 7.
  2.  Try To login with an user registered in your LDAP.

Hope you guys can guide me through a solution... I asked in the "tech-support" 
slack channel and github, but didn't get a response.

--
All messages to this mailing list should adhere to the Code of Conduct: 
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
---
You received this message because you are subscribed to the Google Groups 
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to 
[email protected]<mailto:[email protected]>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/dspace-tech/02d1a9de-1be8-4d5a-9b3c-7defda28fbddn%40googlegroups.com<https://groups.google.com/d/msgid/dspace-tech/02d1a9de-1be8-4d5a-9b3c-7defda28fbddn%40googlegroups.com?utm_medium=email&utm_source=footer>.

-- 
All messages to this mailing list should adhere to the Code of Conduct: 
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
--- 
You received this message because you are subscribed to the Google Groups 
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/dspace-tech/DM5PR2201MB1148623D43F14A0E59C4A9B4EDCC9%40DM5PR2201MB1148.namprd22.prod.outlook.com.

Reply via email to