So when you submit the login screen, you have a return message on the screen saying that authentication failed, right ?
What is strange is that I don't see any LDAP trace in your log. Can you grep the log for org.nuxeo.ecm.directory.ldap, please ? Have you checked that your configuration fragment is deployed ? - it should be viewable in the log - you should not be anymore able to log as Administrator/Administrator Tiry Le vendredi 08 juin 2007 à 15:46 +0200, Pascal Vuylsteker a écrit : > > > On 6/8/07, Tiry <[EMAIL PROTECTED]> wrote: > Hi, > > When do you get this error ? > - when the login form is displayed ? > - when you submit the login form ? > > Both case > > > If this is case 1 : this error log is "normal", this is > because one of > the seam component is automatically started at session startup > and that > component try to do an ejb call before auth is done. > => It does not prevent you from loging in > > > So the short info is that when I try a new authentification, I get > just the following added to the log : > (and by the way, the LDAP sever is a Sun one) > > 15:41:44,548 ERROR [STDERR] javax.security.auth.login.LoginException : > Authentication Failed > 15:41:44,548 ERROR [STDERR] at > org.nuxeo.ecm.platform.login.NuxeoLoginModule.login(NuxeoLoginModule.java:247) > 15:41:44,548 ERROR [STDERR] at > sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method) > 15:41:44,549 ERROR [STDERR] at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > 15:41:44,549 ERROR [STDERR] at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java > :25) > 15:41:44,549 ERROR [STDERR] at > java.lang.reflect.Method.invoke(Method.java:585) > 15:41:44,549 ERROR [STDERR] at > javax.security.auth.login.LoginContext.invoke(LoginContext.java:769) > 15:41:44,549 ERROR [STDERR] at > javax.security.auth.login.LoginContext.access > $000(LoginContext.java:186) > 15:41:44,549 ERROR [STDERR] at > javax.security.auth.login.LoginContext$4.run(LoginContext.java:683) > 15:41:44,549 ERROR [STDERR] at > java.security.AccessController.doPrivileged (Native Method) > 15:41:44,549 ERROR [STDERR] at > javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680) > 15:41:44,549 ERROR [STDERR] at > javax.security.auth.login.LoginContext.login(LoginContext.java :579) > 15:41:44,549 ERROR [STDERR] at > org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doAuthenticate(NuxeoAuthenticationFilter.java:90) > 15:41:44,549 ERROR [STDERR] at > org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter > (NuxeoAuthenticationFilter.java:163) > 15:41:44,549 ERROR [STDERR] at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.ApplicationFilterChain.doFilter > (ApplicationFilterChain.java:173) > 15:41:44,550 ERROR [STDERR] at > org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter > (ApplicationFilterChain.java:202) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.StandardWrapperValve.invoke > (StandardWrapperValve.java:213) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) > 15:41:44,550 ERROR [STDERR] at > org.jboss.web.tomcat.security.SecurityAssociationValve.invoke > (SecurityAssociationValve.java:175) > 15:41:44,550 ERROR [STDERR] at > org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.StandardHostValve.invoke > (StandardHostValve.java:126) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.core.StandardEngineValve.invoke > (StandardEngineValve.java:107) > 15:41:44,550 ERROR [STDERR] at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) > 15:41:44,550 ERROR [STDERR] at > org.apache.coyote.http11.Http11Processor.process > (Http11Processor.java:869) > 15:41:44,551 ERROR [STDERR] at > org.apache.coyote.http11.Http11BaseProtocol > $Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) > 15:41:44,551 ERROR [STDERR] at > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket > (PoolTcpEndpoint.java:527) > 15:41:44,551 ERROR [STDERR] at > org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) > 15:41:44,551 ERROR [STDERR] at > java.lang.Thread.run(Thread.java :613) > > > > As a complement, here is the file I am using : > > <?xml version="1.0"?> > > <component name="org.nuxeo.ecm.directory.ldap.storage.users"> > <implementation class=" > org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor" /> > <implementation > class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" /> > <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory > </require> > > <!-- the groups SQL directories are required to make this bundle > work --> > <require>org.nuxeo.ecm.directory.sql.storage</require> > > <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory > " > point="servers"> > > <!-- Configuration of a server connection > > A single server declaration can point to a cluster of replicated > servers (using OpenLDAP's slapd + sluprd for instance). To > leverage > such a cluster and improve availibility, please provide one > <ldapUrl/> tag for each replica of the cluster. > --> > <server name="default"> > > <!-- modif PVK --> > <ldapUrl>ldap://sunset.ina.fr:389</ldapUrl> > <!-- Optional servers from the same cluster for failover > and load balancing: > <ldapUrl>ldap://ldap.ina.fr:389</ldapUrl> > > <ldapUrl>ldaps://server3:389</ldapUrl> > > "ldaps" means TLS/SSL connection. > --> > > <!-- Credentials used by Nuxeo5 to browse the directory, create > and modify entries. > > Only the authentication of users (bind) use the credentials > entered > through the login form if any. > > --> > <!-- modif PVK > <bindDn>cn=nuxeo5,ou=applications,dc=example,dc=com</bindDn> > <bindPassword>changeme</bindPassword> > --> > > <bindDn>uid=mtest,ou=personnes,o=ina</bindDn> > <bindPassword>achanger</bindPassword> > > </server> > > </extension> > > <extension > target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" > point="directories"> > > <directory name="userDirectory"> > <server>default</server> > <schema>user</schema> > <idField>username</idField> > <passwordField>password</passwordField> > > <!-- PVK <searchBaseDn>ou=people,dc=example,dc=com</searchBaseDn> > --> > <searchBaseDn>o=ina</searchBaseDn> > <!-- PVK <searchClass>person</searchClass> --> > <!-- PVK <searchClass>*</searchClass> --> > <searchClass>inetOrgPerson</searchClass> > > <!-- > <searchBaseDn>ou=people,dc=example,dc=com</searchBaseDn> > <searchClass>person</searchClass> > --> > > <!-- To additionally restricte entries you can add an > arbitrary search filter such as the following: > > > <searchFilter>(&(sn=toto*)(myCustomAttribute=somevalue))</searchFilter> > > Beware that "&" writes "&" in XML. > --> > > <!-- use subtree if the people branch is nested --> > <!-- PVK <searchScope>onelevel</searchScope> --> > <searchScope>subtree</searchScope> > > <!-- PVK > <creationBaseDn>ou=people,dc=example,dc=com</creationBaseDn> --> > <creationBaseDn>ou=personnes</creationBaseDn> > <creationClass>top</creationClass> > <creationClass>person</creationClass> > <creationClass>organizationalPerson</creationClass> > <creationClass>inetOrgPerson</creationClass> > <rdnAttribute>uid</rdnAttribute> > > <fieldMapping name="username">uid</fieldMapping> > <fieldMapping name="password">userPassword</fieldMapping> > <fieldMapping name="firstName">givenName</fieldMapping> > <fieldMapping name="lastName">sn</fieldMapping> > <fieldMapping name="company">o</fieldMapping> > <fieldMapping name="email">mail</fieldMapping> > > <references> > > <inverseReference field="groups" directory="groupDirectory" > dualReferenceField="members" /> > > </references> > > </directory> > > </extension> > > </component> > _______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm
