I have installed DSpace 1.4.1 on Windows 2003 Server. We are trying to
use Windows Active Directory LDAP authentication for logging in to DSpace
using a domain-supplied user ID/password from within and outside the
campus.
The DSpace LDAP authentication configuration settings are:
ldap.enable = true
ldap.provider_url = ldap://X.Y.ntu.edu.sg/o=ntu.edu.sg
ldap.id_field = uid
ldap.object_context = ou= X.Y,o=ntu.edu.sg
ldap.search_context = ou= X.Y
ldap.email_field = mail
ldap.surname_field = sn
ldap.givenname_field = givenName
ldap.phone_field = telephoneNumber
When a valid user logs in to DSpace through the "myDspace" option, the
following error message is received from the log file.
2007-02-09 13:09:01,655 INFO org.dspace.eperson.PasswordAuthentication @ anonymous:session_id=3557F0C69F8F0BEA409C2835BBA20BDC:ip_addr=155.69.24.193:authenticate:attempting password auth of [EMAIL PROTECTED]
2007-02-09 13:09:01,655 INFO org.dspace.app.webui.servlet.PasswordServlet @ anonymous:session_id=3557F0C69F8F0BEA409C2835BBA20BDC:ip_addr=155.69.24.193:failed_login:email= [EMAIL PROTECTED], result=4
The LDAPServlet.java file was modified to include:
env.put(javax.naming.Context.PROVIDER_URL, "ldap://X.Y.ntu.edu.sg");
env.put(javax.naming.Context.SECURITY_AUTHENTICATION, "simple");
env.put(javax.naming.Context.SECURITY_PRINCIPAL, "[EMAIL PROTECTED]");
env.put(javax.naming.Context.SECURITY_CREDENTIALS, "************");
Still it gives the same error mentioned above. I just tried logging in
directly using
"http://dspacedev1:8080/dspace/ldap-login" and gave a user name and
password registered with the domain. It created the user with no
submission privileges. But this user cannot log in from the main
"myDspace" option. From the log file, it seems the user is automatically
registered and LDAP has failed.
2007-02-09 15:48:01,797 WARN org.dspace.app.webui.servlet.LDAPServlet @ anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:ldap_attribute_lookup:type=failed_search
javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr: DSID-031006CC, problem 5012 (DIR_ERROR), data 0
]; remaining name 'ou=X,ou=Y'
2007-02-09 15:48:01,797 INFO org.dspace.app.webui.servlet.LDAPServlet @ anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:autoregister:[EMAIL PROTECTED]
2007-02-09 15:48:01,813 INFO org.dspace.eperson.EPerson @ anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:create_eperson:eperson_id=44
2007-02-09 15:48:01,844 INFO org.dspace.eperson.EPerson @ anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:update_eperson:eperson_id=44
2007-02-09 15:48:01,906 INFO org.dspace.app.webui.servlet.LDAPServlet @ [EMAIL PROTECTED]:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:login:type=ldap-login
2007-02-09 15:48:01,906 INFO org.dspace.app.webui.servlet.MyDSpaceServlet @ [EMAIL PROTECTED]:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:view_mydspace:
Could anyone please help with this? Is there any other file that
needs to be modified to make LDAP work and access DSpace from the
"myDSpace" option?
Thanks,
Jayan
_______________________________________________
DSpace-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-tech
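
Added example, not part of the original post and not DSpace code: a Python sketch that reads DSpace log records in the format quoted above and reports sessions in which LDAPServlet logged ldap_attribute_lookup:type=failed_search and then autoregister, so an administrator can review EPerson accounts created without directory attributes. The sample records are constructed (made-up session IDs, documentation IP addresses and example.org addresses), and the function name is hypothetical.

```python
import re

# One DSpace log record, in the layout shown in the post:
# "<ts> <LEVEL> <class> @ <user>:session_id=..:ip_addr=..:<action>:<extra>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) (?P<level>[A-Z]+)\s+(?P<cls>\S+) @ "
    r"(?P<user>[^:]*):session_id=(?P<sid>[0-9A-F]+):ip_addr=(?P<ip>[^:]+):"
    r"(?P<action>[^:]+):(?P<extra>.*)$"
)
P = "org.dspace.app.webui.servlet."
E = "org.dspace.eperson.EPerson"
# Constructed sample records (not the poster's log); all IDs, IPs and addresses are made up.
SAMPLE_LOG = [
    f"2007-02-09 15:48:01,797 WARN {P}LDAPServlet @ anonymous:session_id=AAAA0001:ip_addr=192.0.2.10:ldap_attribute_lookup:type=failed_search",
    "javax.naming.NamingException: [LDAP: error code 1 - constructed continuation line]",
    f"2007-02-09 15:48:01,797 INFO {P}LDAPServlet @ anonymous:session_id=AAAA0001:ip_addr=192.0.2.10:autoregister:user1@example.org",
    f"2007-02-09 15:48:01,813 INFO {E} @ anonymous:session_id=AAAA0001:ip_addr=192.0.2.10:create_eperson:eperson_id=44",
    f"2007-02-09 15:48:01,906 INFO {P}LDAPServlet @ user1@example.org:session_id=AAAA0001:ip_addr=192.0.2.10:login:type=ldap-login",
    # Session with no failed lookup before autoregister: must not be reported.
    f"2007-02-09 16:02:11,120 INFO {P}LDAPServlet @ anonymous:session_id=BBBB0002:ip_addr=192.0.2.20:autoregister:user2@example.org",
    f"2007-02-09 16:02:11,140 INFO {E} @ anonymous:session_id=BBBB0002:ip_addr=192.0.2.20:create_eperson:eperson_id=45",
    # Plain password login failure: unrelated to LDAP auto-registration.
    f"2007-02-09 16:05:00,001 INFO {P}PasswordServlet @ anonymous:session_id=CCCC0003:ip_addr=192.0.2.30:failed_login:email=user3@example.org, result=4",
]

def find_unverified_autoregistrations(lines):
    """Return sessions where autoregister followed a failed LDAP attribute lookup."""
    failed_at = {}      # session_id -> timestamp of the failed lookup
    open_findings = {}  # session_id -> finding still waiting for its eperson_id
    findings = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # exception continuation lines carry no session header
        sid, action, extra = m["sid"], m["action"], m["extra"]
        if action == "ldap_attribute_lookup" and "failed_search" in extra:
            failed_at[sid] = m["ts"]
        elif action == "autoregister" and sid in failed_at:
            finding = {"session_id": sid, "ip": m["ip"], "account": extra,
                       "lookup_failed_at": failed_at[sid], "eperson_id": None}
            open_findings[sid] = finding
            findings.append(finding)
        elif action == "create_eperson" and sid in open_findings:
            # Attach the account that was created so it can be reviewed.
            open_findings.pop(sid)["eperson_id"] = extra.partition("=")[2]
    return findings

if __name__ == "__main__":
    for f in find_unverified_autoregistrations(SAMPLE_LOG):
        print(f)
```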