Hi Max, After making the change you need to re-build tomcat, and redeploy it. You can do this by following steps 7, 8, and 9 in the installation guide:
- http://www.dspace.org/1_6_0Documentation/ch03.html#N108B6 But at step 8, as this is not a new installation, you need to run 'ant update' instead of 'ant fresh_install'. Thanks, Stuart Lewis IT Innovations Analyst and Developer Te Tumu Herenga The University of Auckland Library Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand Ph: +64 (0)9 373 7599 x81928 On 27/04/2010, at 8:57 AM, Max McGrath wrote: > Stuart - > > I made the change and then restarted Tomcat and it still is not working for > people that do not have their e-mail address in LDAP. > > Should I have done more than just restarting Tomcat? > > Thanks for all the help! > -- > Max McGrath > Asst. Network Admin/Systems Specialist > Carthage College > 262-552-5512 > [email protected] > > > On Mon, Apr 26, 2010 at 3:46 PM, Stuart Lewis <[email protected]> wrote: > Hi Max, > > Yes - that's right. > > Change: > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) > > > to > > > if (ldap.ldapEmail == null) ldap.ldapEmail = ""; > if (true) > > > (I've added an extra line there to hopefully catch another error that could > occur.) > > Thanks, > > > Stuart Lewis > IT Innovations Analyst and Developer > Te Tumu Herenga The University of Auckland Library > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > Ph: +64 (0)9 373 7599 x81928 > > > > On 27/04/2010, at 4:15 AM, Max McGrath wrote: > > > Hi Stuart - > > > > Here is the code I am looking at: > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) You want me to > > change this to if (true) and then leave everything else the same??? > > { > > try > > { > > eperson = > > EPerson.findByEmail(context, ldap.ldapEmail); > > if (eperson!=null) > > { > > > > log.info(LogManager.getHeader(context, > > > > "type=ldap-login", "type=ldap_but_already_email")); > > > > context.setIgnoreAuthorization(true); > > > > eperson.setNetid(netid.toLowerCase()); > > eperson.update(); > > context.commit(); > > > > context.setIgnoreAuthorization(false); > > > > context.setCurrentUser(eperson); > > return SUCCESS; > > } > > else > > { > > if > > (canSelfRegister(context, request, netid)) > > { > > // > > TEMPORARILY turn off authorisation > > try > > { > > > > context.setIgnoreAuthorization(true); > > > > eperson = EPerson.create(context); > > if > > ((ldap.ldapEmail != null) && (!ldap.ldapEmail.equals(""))) > > { > > > > eperson.setEmail(ldap.ldapEmail); > > } > > else > > { > > > > eperson.setEmail(netid + > > ConfigurationManager.getProperty("ldap.netid_email_domain")); > > } > > if > > ((ldap.ldapGivenName!=null) && (!ldap.ldapGivenName.equals(""))) > > { > > > > eperson.setFirstName(ldap.ldapGivenName); > > } > > if > > ((ldap.ldapSurname!=null) && (!ldap.ldapSurname.equals(""))) > > { > > > > eperson.setLastName(ldap.ldapSurname); > > } > > if > > ((ldap.ldapPhone!=null)&&(!ldap.ldapPhone.equals(""))) > > { > > > > eperson.setMetadata("phone", ldap.ldapPhone); > > } > > > > eperson.setNetid(netid.toLowerCase()); > > > > eperson.setCanLogIn(true); > > > > AuthenticationManager.initEPerson(context, request, eperson); > > > > eperson.update(); > > > > context.commit(); > > > > context.setCurrentUser(eperson); > > } > > catch > > (AuthorizeException e) > > { > > > > return NO_SUCH_USER; > > } > > finally > > { > > > > context.setIgnoreAuthorization(false); > > } > > > > > > log.info(LogManager.getHeader(context, "authenticate", > > > > "type=ldap-login, created ePerson")); > > return > > SUCCESS; > > } > > else > > { > > // No > > auto-registration for valid certs > > > > log.info(LogManager.getHeader(context, > > > > "failed_login", "type=ldap_but_no_record")); > > return > > NO_SUCH_USER; > > } > > } > > } > > > > -- > > Max McGrath > > Asst. Network Admin/Systems Specialist > > Carthage College > > 262-552-5512 > > [email protected] > > > > > > On Thu, Apr 22, 2010 at 9:28 PM, Stuart Lewis <[email protected]> > > wrote: > > Hi Max, > > > > Yes - looks like there's a bit of a logic flow problem going on there - the > > check for an empty email is being performed twice, and the first is not > > needed. Try looking at > > [dsapce-src]/dspace-api/src/main/java/org/dspace/authenticate/LDAPHierarchicalAuthentication.java > > and find the line: > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) > > > > (about line 254) and change it to: > > > > if (true) > > > > Rebuild, redeploy etc. If may throw a null pointer exception, if so, add > > just before the if statement: > > > > if (ldap.ldapEmail == null) ldap.ldapEmail = ""; > > > > If this fixes the problem, we'll look at getting it corrected in the next > > release. > > > > Thanks, > > > > > > Stuart Lewis > > IT Innovations Analyst and Developer > > Te Tumu Herenga The University of Auckland Library > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > On 23/04/2010, at 2:19 PM, Max McGrath wrote: > > > > > That could very well be the case as we do not have the e-mail address > > > field populated in LDAP. But I thought the following code would take > > > care of that: > > > > > > # If your LDAP server does not hold an email address for a user, you can > > > use > > > # the following field to specify your email domain. This value is appended > > > # to the netid in order to make an email address. E.g. a netid of 'user' > > > and > > > # ldap.netid_email_domain as '@example.com' would set the email of the > > > user > > > # to be '[email protected] > > > ldap.netid_email_domain = @carthage.edu > > > -- > > > Max McGrath > > > Asst. Network Admin/Systems Specialist > > > Carthage College > > > 262-552-5512 > > > [email protected] > > > > > > > > > On Thu, Apr 22, 2010 at 9:12 PM, Stuart Lewis <[email protected]> > > > wrote: > > > Hi Max, > > > > > > This code has been stable for a while and is working in a lot of > > > installations, so hopefully there is no bug. One possible cause is that > > > the email address is not being returned from the LDAP query. If there is > > > no email address then an eperson record cannot be created. > > > > > > Check that the following setting is correctly configured in dspace.cfg: > > > > > > ldap.email_field = mail > > > > > > Thanks, > > > > > > > > > Stuart Lewis > > > IT Innovations Analyst and Developer > > > Te Tumu Herenga The University of Auckland Library > > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > > On 23/04/2010, at 1:48 PM, Max McGrath wrote: > > > > > > > Yes, I do have that set to true and the ePersons are still not being > > > > created. > > > > -- > > > > Max McGrath > > > > Asst. Network Admin/Systems Specialist > > > > Carthage College > > > > 262-552-5512 > > > > [email protected] > > > > > > > > > > > > On Thu, Apr 22, 2010 at 1:33 PM, <[email protected]> wrote: > > > > Hi, Max. I'm glad you have LDAP auth working now. > > > > > > > > Do you have webui.ldap.autoregister = true in your dspace.cfg? > > > > > > > > We don't have webui.ldap.autoregister set to true, currently, and we do > > > > create all e-person accounts manually for those faculty and staff that > > > > need to access DSpace to add or edit objects. We were hoping to turn on > > > > webui.ldap.autoregister this summer. > > > > > > > > -- > > > > Stacy Pennington > > > > Rhodes College > > > > [email protected] > > > > (901) 843-3968 > > > > > > > > > > > > --------------------------- > > > > From: Max McGrath [mailto:[email protected]] > > > > Sent: Thursday, April 22, 2010 11:57 AM > > > > To: Pennington_Stacy > > > > Cc: [email protected] > > > > Subject: Re: [Dspace-tech] LDAP with DSpace > > > > > > > > Thanks again Stacy! > > > > > > > > You, however, have been unsuccessful at getting this to automatically > > > > create a new ePerson, correct? > > > > > > > > I don't have access to my logs right now, but I can see that LDAP > > > > authentication is working, but creating a new ePerson is failing and > > > > therefore, not letting me login! > > > > > > > > Is my only option to manually create an ePerson for every person who > > > > could potentially login? > > > > -- > > > > Max McGrath > > > > Asst. Network Admin/Systems Specialist > > > > Carthage College > > > > 262-552-5512 > > > > [email protected] > > > > > > > > > > > > <ATT00001..txt><ATT00002..txt> > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------------------------------ _______________________________________________ DSpace-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dspace-tech
