The stack trace shows an attempt to create a user, but it's failing because there is no creationBaseDn (and other parameters) in your config. Well, there is one, but it's commented out.
Florent On Wed, Sep 23, 2009 at 5:20 PM, Federica Boffa <[email protected]> wrote: > > > Hi everybody, > I have a problem when I create user in Nuxeo interface with ldap. Search and > login works fine. > I'm logging in with the bindDn user and there is my users config file and > virtual config file and groups config file: > > <?xml version="1.0"?> > > <component name="org.nuxeo.ecm.platform.usermanager.VirtualGroups"> > <require>org.nuxeo.ecm.platform.usermanager.UserManagerImpl</require> > > <!-- > Copy the following file in $JBOSS_DIR/nuxeo.ear/config/ in order to make > the user with id 'johndoe' have administration rights and all members of > the > users directory virtually belong to the 'members' group so that thy can > see > all the domains and their contents by default. > --> > > <extension target="org.nuxeo.ecm.platform.usermanager.UserService" > point="userManager"> > > <userManager class="org.nuxeo.ecm.platform.usermanager.UserManagerImpl"> > > <defaultAdministratorId>ldapbindnx</defaultAdministratorId> > <defaultGroup>members</defaultGroup> > > </userManager> > > </extension> > > </component> > > <?xml version="1.0"?> > > <component name="org.nuxeo.ecm.directory.ldap.storage.groups"> > <implementation > class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor" /> > <implementation > class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" /> > <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require> > > <!-- the groups LDAP directory for users is required to make this bundle > work --> > <require>org.nuxeo.ecm.directory.ldap.storage.users</require> > > <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" > point="directories"> > > <directory name="groupDirectory"> > > <!-- Reuse the default server configuration defined for userDirectory > --> > <server>default</server> > > <schema>group</schema> > <idField>groupname</idField> > > <searchBaseDn>ou=groupnuxeo,ou=nuxeo,dc=***,dc=***</searchBaseDn> > <searchFilter>objectClass=group</searchFilter> > <searchScope>subtree</searchScope> > > <readOnly>false</readOnly> > > <!-- comment <cache* /> tags to disable the cache --> > <!-- cache timeout in seconds --> > <cacheTimeout>3600</cacheTimeout> > > <!-- maximum number of cached entries before global invalidation --> > <cacheMaxSize>1000</cacheMaxSize> > > <!-- > <creationBaseDn>ou=groupnuxeo,ou=nuxeo,dc=***,dc=***</creationBaseDn> > <creationClass>top</creationClass> > <creationClass>group</creationClass> > --> > <rdnAttribute>cn</rdnAttribute> > <fieldMapping name="groupname">cn</fieldMapping> > > <references> > > <!-- LDAP reference resolve DNs embedded in uniqueMember attributes > > If the target directory has no specific filtering policy, it is most > of the time not necessary to enable the 'forceDnConsistencyCheck' policy. > > Enabling this option will fetch each reference entry to ensure its > existence in the target directory. > --> > > <ldapReference field="members" directory="userDirectory" > forceDnConsistencyCheck="false" > staticAttributeId="member" /> > > <ldapReference field="subGroups" directory="groupDirectory" > forceDnConsistencyCheck="false" /> > > <inverseReference field="parentGroups" > directory="groupDirectory" dualReferenceField="subGroups" /> > > </references> > > </directory> > > </extension> > > </component> > > <?xml version="1.0"?> > > <component name="org.nuxeo.ecm.directory.ldap.storage.users"> > <implementation > class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor" /> > <implementation class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" > /> > <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require> > > <!-- the groups SQL directories are required to make this bundle work --> > <require>org.nuxeo.ecm.directory.sql.storage</require> > > <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" > point="servers"> > > <!-- Configuration of a server connection > > A single server declaration can point to a cluster of replicated > servers (using OpenLDAP's slapd + sluprd for instance). To leverage > such a cluster and improve availibility, please provide one > <ldapUrl/> tag for each replica of the cluster. > --> > > <server name="default"> > > <ldapUrl>ldap://*****</ldapUrl> > > <!-- Optional servers from the same cluster for failover > and load balancing: > <ldapUrl>ldap://server2:389</ldapUrl> > <ldapUrl>ldaps://server3:389</ldapUrl> > "ldaps" means TLS/SSL connection. > --> > > <!-- Credentials used by Nuxeo5 to browse the directory, create > and modify entries. > Only the authentication of users (bind) use the credentials entered > through the login form if any. > --> > > <bindDn>cn=ldapnuxeo,ou=usernuxeo,ou=nuxeo,dc=***,dc=***</bindDn> > <bindPassword>***</bindPassword> > </server> > > </extension> > > <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" > point="directories"> > > <directory name="userDirectory"> > <server>default</server> > <schema>user</schema> > <idField>username</idField> > <passwordField>password</passwordField> > > <searchBaseDn>ou=usernuxeo,ou=nuxeo,dc=***,dc=***</searchBaseDn> > <searchClass>top</searchClass> > > > <!-- To additionally restricte entries you can add an > arbitrary search filter such as the following: > <searchFilter>objectClass=groupOfNames</searchFilter> > Beware that "&" writes "&" in XML. > --> > > <!-- use subtree if the people branch is nested --> > <searchScope>subtree</searchScope> > > <!-- using 'subany', search will match *toto*. use 'subfinal' to > match *toto and 'subinitial' to match toto*. subinitial is the > default behaviour--> > <substringMatchType>subany</substringMatchType> > > <readOnly>false</readOnly> > > <!-- comment <cache* /> tags to disable the cache --> > <!-- cache timeout in seconds --> > <cacheTimeout>3600</cacheTimeout> > > <!-- maximum number of cached entries before global invalidation --> > <cacheMaxSize>1000</cacheMaxSize> > > <!-- > <creationBaseDn>ou=usernuxeo,ou=nuxeo,dc=***,dc=***</creationBaseDn> > <creationClass>top</creationClass> > <creationClass>person</creationClass> > <creationClass>organizationalPerson</creationClass> > <creationClass>user</creationClass> > --> > <rdnAttribute>uid</rdnAttribute> > > <fieldMapping name="username">sAMAccountName</fieldMapping> > <fieldMapping name="firstName">givenName</fieldMapping> > <fieldMapping name="lastName">sn</fieldMapping> > <fieldMapping name="company">o</fieldMapping> > <fieldMapping name="email">mail</fieldMapping> > <fieldMapping name="password">userPassword</fieldMapping> > > <references> > > <inverseReference field="groups" directory="groupDirectory" > dualReferenceField="members" /> > > </references> > > </directory> > > </extension> > > </component> > > > In the image attached, I insert the information about user and then there is > the result: > > Exception: javax.naming.InvalidNameException. message: Invalid name: > sAMAccountName=Pinco,null > > javax.servlet.ServletException: > #{userManagerActions.createUser}: > org.nuxeo.ecm.directory.DirectoryException: createEntry failed > at javax.faces.webapp.FacesServlet.service(FacesServlet.java:277) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83) > at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85) > at > org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) > at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64) > at > org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) > at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45) > at > org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) > at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:178) > at org.ajax4jsf.webapp.BaseFilter.handleRequest(BaseFilter.java:290) > at > org.ajax4jsf.webapp.BaseFilter.processUploadsAndHandleRequest(BaseFilter.java:368) > at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:495) > at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60) > at > org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) > at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58) > at > org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69) > at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.nuxeo.ecm.platform.ui.web.rest.FancyURLFilter.doFilter(FancyURLFilter.java:131) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter(NuxeoAuthenticationFilter.java:461) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.nuxeo.ecm.platform.web.common.requestcontroller.filter.NuxeoRequestControllerFilter.doFilter(NuxeoRequestControllerFilter.java:133) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.nuxeo.ecm.platform.web.common.exceptionhandling.NuxeoExceptionFilter.doFilter(NuxeoExceptionFilter.java:77) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) > at > org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182) > at > org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) > at > org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262) > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583) > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446) > at java.lang.Thread.run(Thread.java:595) > Caused by: javax.faces.FacesException: #{userManagerActions.createUser}: > org.nuxeo.ecm.directory.DirectoryException: createEntry failed > at > com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118) > at javax.faces.component.UICommand.broadcast(UICommand.java:387) > at > org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:321) > at > org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:296) > at > org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:253) > at > org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:466) > at > com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) > at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) > at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) > at > org.nuxeo.ecm.platform.ui.web.lifecycle.NuxeoLifeCycleImpl.execute(NuxeoLifeCycleImpl.java:83) > at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) > ... 48 more > Caused by: javax.faces.el.EvaluationException: > org.nuxeo.ecm.directory.DirectoryException: createEntry failed > at > javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:102) > at > com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) > ... 58 more > Caused by: org.nuxeo.ecm.directory.DirectoryException: createEntry failed > at > org.nuxeo.ecm.directory.ldap.LDAPSession.createEntry(LDAPSession.java:196) > at > org.nuxeo.ecm.directory.ldap.LDAPSession.createEntry(LDAPSession.java:908) > at > org.nuxeo.ecm.platform.usermanager.UserManagerImpl.createUser(UserManagerImpl.java:704) > at > org.nuxeo.ecm.platform.usermanager.ejb.UserManagerBean.createUser(UserManagerBean.java:290) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:592) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:112) > at > org.jboss.ejb3.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:166) > at > org.jboss.ejb3.interceptor.EJB3InterceptorsInterceptor.invoke(EJB3InterceptorsInterceptor.java:63) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.ejb3.entity.TransactionScopedEntityManagerInterceptor.invoke(TransactionScopedEntityManagerInterceptor.java:54) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.ejb3.AllowedOperationsInterceptor.invoke(AllowedOperationsInterceptor.java:47) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at org.jboss.aspects.tx.TxPolicy.invokeInCallerTx(TxPolicy.java:126) > at > org.jboss.aspects.tx.TxInterceptor$Required.invoke(TxInterceptor.java:195) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.aspects.tx.TxPropagationInterceptor.invoke(TxPropagationInterceptor.java:95) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.ejb3.stateless.StatelessInstanceInterceptor.invoke(StatelessInstanceInterceptor.java:62) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:77) > at > org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106) > at > org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101) > at > org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:240) > at > org.jboss.ejb3.stateless.StatelessContainer.localInvoke(StatelessContainer.java:210) > at > org.jboss.ejb3.stateless.StatelessLocalProxy.invoke(StatelessLocalProxy.java:84) > at $Proxy149.createUser(Unknown Source) > at > org.nuxeo.ecm.webapp.security.UserManagerActionsBean.createUser(UserManagerActionsBean.java:331) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:592) > at org.jboss.seam.util.Reflections.invoke(Reflections.java:21) > at > org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:31) > at > org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56) > at > org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:31) > at > org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) > at > org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:46) > at > org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) > at > org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:42) > at > org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68) > at > org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107) > at > org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:166) > at > org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:102) > at > org.nuxeo.ecm.webapp.security.UserManagerActionsBean_$$_javassist_50.createUser(UserManagerActionsBean_$$_javassist_50.java) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:592) > at > org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:329) > at > org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:342) > at > org.jboss.el.parser.AstPropertySuffix.invoke(AstPropertySuffix.java:58) > at org.jboss.el.parser.AstValue.invoke(AstValue.java:96) > at > org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) > at > com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68) > at > javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) > ... 59 more > Caused by: org.nuxeo.ecm.core.api.WrappedException: Exception: > javax.naming.InvalidNameException. message: Invalid name: > sAMAccountName=Pinco,null > at javax.naming.ldap.Rfc2253Parser.doParse(Rfc2253Parser.java:86) > at javax.naming.ldap.Rfc2253Parser.parseDn(Rfc2253Parser.java:49) > at javax.naming.ldap.LdapName.parse(LdapName.java:772) > at javax.naming.ldap.LdapName.(LdapName.java:108) > at com.sun.jndi.ldap.LdapCtx.addRdnAttributes(LdapCtx.java:895) > at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:386) > at > com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:277) > at > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:197) > at > com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:186) > at > javax.naming.directory.InitialDirContext.bind(InitialDirContext.java:158) > at > org.nuxeo.ecm.directory.ldap.LDAPSession.createEntry(LDAPSession.java:184) > ... 121 more > > can anyone help me? what modify? field in .xsd or other? thank you > > > ________________________________ > Doretta Doretta ti "cerca"! Vieni a trovarla sul suo Spaces! > ________________________________ > Doretta Doretta ti "cerca"! Vieni a trovarla sul suo Spaces! > _______________________________________________ > ECM mailing list > [email protected] > http://lists.nuxeo.com/mailman/listinfo/ecm > To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm > > -- Florent Guillaume, Head of R&D, Nuxeo Open Source, Java EE based, Enterprise Content Management (ECM) http://www.nuxeo.com http://www.nuxeo.org +33 1 40 33 79 87 _______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
