Simeon Walker wrote:
> Hi,

Hi Simeon,

> I am trying to get hippo-repository to use our ldap server for
> authentication. I have downloaded Release_HREP_1_2_14 from svn and
> enabled ldap in server/build.properties. I am using hippo-cms-v6.05.02
> from the binary download.

Ok.

> The repository and cms start fine and work with the root user. I can't
> login using any ldap username. I have looked at the packets with
> wireshark and can see communication with the ldap server. I can also see
> that a bind with my username is working, however the login still fails
> and I can't see anything in the logs.

What do you see if you go to /users directly in the repository as root
user? E.g. go with your browser to http://localhost:60000/default/users.

> How do I enable debugging for LDAP? I can see the debug statements in
> JNDISlideRealmFilter.java but I don't know how to activate them. Is it
> in logkit.xconf or log4j.xml?

IIRC you can set the domain to debug. Did you see any warnings or errors
in the logs?

The config files below look ok. Did you also configure the nodestore in
the definition.xml? See also:
http://wiki.hippocms.org/display/CMS/5.+Hippo+Repository+Configure+LDAP+Authentication+and+Authorization

Regards,
Bart

> Regards,
> Simeon Walker
>
> P.S. My ldap config files are below
>
> ldap-realm.xml:
>
> <realms>
>   <namespace name="default">
>     <!-- cache time in milliseconds -->
>     <cache-time>5000</cache-time>
>     <!-- connection setup, super-user needs complete distinguished name! -->
>     <super-user>cn=ldapadmincn,o=bangor.ac.uk</super-user>
>     <super-user-password>thepassword</super-user-password>
>     <provider-url>ldap://ldap-server:389</provider-url>
>     <authentication>simple</authentication>
>     <!-- user discovery -->
>     <username-attribute>uid</username-attribute>
>     <password-attribute>userPassword</password-attribute>
>     <distinguished-name-attribute>dn</distinguished-name-attribute>
>     <user-search-root>ou=people,o=bangor.ac.uk</user-search-root>
>     <method>bind</method>
>     <!--
>       Location limiting filters to restrict allowed users.
>       They will be or'ed together.
>     -->
>     <filters>
>     </filters>
>   </namespace>
> </realms>
>
> ldap-users.xml:
>
> <users>
>   <search dn="ou=people,o=bangor.ac.uk">
>   </search>
>   <user name="root" pass="password"/>
>   <user name="siteuser" pass="siteuser"/>
> </users>
>
> ldap-roles.xml:
>
> <groups>
>   <group name="root">
>     <member>/users/admin</member>
>     <member>/users/root</member>
>   </group>
>   <group name="editors">
>     <search dn="ou=group,o=bangor.ac.uk">
>       <filter>(cn=editors-group)</filter>
>       <search dn="uid={memberUid},ou=people,o=bangor.ac.uk">
>       </search>
>     </search>
>   </group>
>   <group name="user">
>     <search dn="ou=group,o=bangor.ac.uk">
>       <filter>(cn=users-group)</filter>
>       <search dn="uid={memberUid},ou=people,o=bangor.ac.uk">
>       </search>
>     </search>
>   </group>
>   <group name="administrators">
>     <member>/users/admin</member>
>   </group>
> </groups>
--
Hippo
Oosteinde 11
1017WT Amsterdam
The Netherlands
Tel +31 (0)20 5224466
-------------------------------------------------------------
[EMAIL PROTECTED] / http://www.hippo.nl
-------------------------------------------------------------
********************************************
Hippocms-dev: Hippo CMS development public mailinglist
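
Added example (not part of the original thread and not Hippo code): a small offline check that reads files shaped like the ldap-realm.xml and ldap-users.xml posted above and reports settings worth reviewing before going live. The sample hosts, DNs and passwords are constructed placeholders, and the cleartext finding assumes no StartTLS is negotiated, since the posted config shows none.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the ldap-realm.xml in this thread
# (host, DN and password are placeholders, not values from the page).
REALM_XML = """<realms>
  <namespace name="default">
    <super-user>cn=admin,o=example.org</super-user>
    <super-user-password>changeme</super-user-password>
    <provider-url>ldap://ldap.example.org:389</provider-url>
    <authentication>simple</authentication>
    <method>bind</method>
    <filters>
    </filters>
  </namespace>
</realms>"""

# Constructed sample shaped like ldap-users.xml.
USERS_XML = """<users>
  <search dn="ou=people,o=example.org"></search>
  <user name="root" pass="s3cr3t-long-value"/>
  <user name="siteuser" pass="siteuser"/>
</users>"""


def audit_realm(xml_text):
    """Return (namespace, finding) pairs for realm settings to review."""
    findings = []
    for ns in ET.fromstring(xml_text).iter("namespace"):
        name = ns.get("name", "?")
        url = (ns.findtext("provider-url") or "").strip().lower()
        auth = (ns.findtext("authentication") or "").strip().lower()
        if url.startswith("ldap://") and auth == "simple":
            findings.append((name, "simple bind over ldap:// exposes passwords on the wire"))
        if (ns.findtext("super-user-password") or "").strip():
            findings.append((name, "super-user password stored in the config file"))
        filters = ns.find("filters")
        if filters is None or len(filters) == 0:  # no child filter elements
            findings.append((name, "no location filters: allowed users are not restricted"))
    return findings


def audit_users(xml_text):
    """Return names of static users whose password equals the user name."""
    return [u.get("name") for u in ET.fromstring(xml_text).iter("user")
            if u.get("pass") and u.get("pass") == u.get("name")]


if __name__ == "__main__":
    for ns, msg in audit_realm(REALM_XML):
        print(f"[{ns}] {msg}")
    print("name == password:", audit_users(USERS_XML))
```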