I am trying to enable LDAP Authentication on Fedora 3 , I followed steps
mentioned on
http://www.fedora-commons.org/confluence/display/FCKB/Authenticating+Fedora+2.2+against+LDAP,
but I wasn't able to get it up and running, no exception is thrown, when I try
to login using ldap user I only get "401 Unauthorized Authentication failed"
error message.
Here is my fedora configuration and LDAP configuration.
Fedora:
- I disable FESL, SSL and API authentication.
- Modified web.xml :
<filter>
<filter-name>LdapFilterForAttributes</filter-name>
<filter-class>fedora.server.security.servletfilters.ldap.FilterLdap</filter-class>
<init-param>
<param-name>version</param-name>
<param-value>3</param-value>
</init-param>
<init-param>
<param-name>authenticate</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>security-authentication</param-name>
<param-value>simple</param-value>
</init-param>
<init-param>
<param-name>id-attribute</param-name>
<param-value>abc</param-value>
</init-param>
<init-param>
<param-name>bind-filter</param-name>
<param-value>
OU=Tree,DC=local,DC=organization </param-value>
</init-param>
<init-param>
<param-name>url</param-name>
<param-value>ldap://localhost:389/</param-value>
</init-param>
<init-param>
<param-name>search-base</param-name>
<param-value>
OU=Tree,DC=local,DC=organization </param-value>
</init-param>
<init-param>
<param-name>search-filter</param-name>
<param-value>(xyz={0})</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>LdapFilterForAttributes</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
LDAP:
map_const_attr []: <none>
map_const_val []: <none>
ldap_host : localhost
port_number : 389
person_obj_class : User
group_obj_class : group
per_search_base : OU=Tree,DC=local,DC=organization
grp_search_base : OU=Tree,DC=local,DC=organization
per_search_filter : (xyz= *)
grp_search_filter : !(objectclass= Computer)
bind_dn : organization\admin-user
bind_pwd :
user_subtype : domain_user
rename_user_option : T
deactivate_user_option : T
rename_group_option : T
import_mode : both
bind_type : bind_by_dn
use_ext_auth_prog : F
ssl_mode : 0
ssl_port : 0
certdb_location :
first_time_sync : F
map_rejection [0]: 2
[1]: 2
[2]: 2
[3]: 2
[4]: 2
[5]: 2
retry_count : 3
retry_interval : 3
failover_ldap_config_ids []: <none>
failover_use_interval : 5
acl_domain : domain_admin
acl_name : domain1234567890
language_code :
map_attr [0]: user_name
[1]: user_login_name
[2]: user_address
[3]: group_name
map_val [0]: XYZ
[1]: abc
[2]: mail
[3]: abc
Best regards,
Khaled
------------------------------------------------------------------------------
The Planet: dedicated and managed hosting, cloud storage, colocation
Stay online with enterprise data centers and the best network in the business
Choose flexible plans and management services without long-term contracts
Personal 24x7 support from experience hosting pros just a phone call away.
http://p.sf.net/sfu/theplanet-com
_______________________________________________
Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
