Hi Eivinn,
Actually I am not the programmer behind LDAP in
Jetspeed, but I am currently reading a book for Java
LDAP programming, therefore my knowledge is completely
theoretical...
What I read from the message:
"Unable to create the role"
"object class 'jetspeed-2-group' requires attribute 'uniqueMember'"
In the Object Class definition it says that there must be an Attribute
"uniqueMember", and I guess also the value of this field must be given
when creating the "jetspeed-2-group" object class.
Also the uid=admin_group looks a bit strange...
is admin_group a group or a user?
Also look into this class which throws the exception..
org.apache.jetspeed.security.impl.GroupManagerImpl
Best regards,
Marky
Eivinn Hustveit wrote:
Hi Marky,
Thanks for answering!
We have only used the jetspeed.schema from HEAD so it should not have
any problems to my knowledge. Could it be due to a not fully
implemented LdapGroupSecurityHandler in the 2.0 installer?
Here is a small bit of jetspeed.log:
-------
2006-03-09 10:30:21,934 [http-11080-Processor25] ERROR org.apache.jetspeed.security.impl.GroupManagerImpl - Unable to create the role.
org.apache.jetspeed.security.SecurityException: javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - object class 'jetspeed-2-group' requires attribute 'uniqueMember']; remaining name 'uid=admin_group,ou=groups'
at org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl.create(LdapPrincipalDaoImpl.java:113)
at org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler.setGroupPrincipal(LdapGroupSecurityHandler.java:133)
at org.apache.jetspeed.security.impl.GroupManagerImpl.addGroup(GroupManagerImpl.java:115)
-------
As for included schemas, this is the list from slapd.conf:
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/java.schema
include /etc/openldap/schema/jetspeed.schema
Any pointers would be very much appreciated.
Sincerely
Eivinn Hustveit
System Manager
http://www.mobiletech.no
On 09/03/2006, at 6:10 AM, Marky Goldstein wrote:
Hi Eivinn,
As the exception says there is a Schema Violation... did somebody,
something change the Schema? Read about LDAP Schema and you might
be able to understand..
Best regards,
Marky Goldstein
Eivinn Hustveit wrote:
From: [EMAIL PROTECTED]
Subject: Jetspeed2 LDAP
Date: 8 March 2006 4:41:50 PM
To: [email protected]
Hi,
We are currently trying to merge our Jetspeed2-M3 server over to
Jetspeed2.0-Final and OpenLDAP. Currently we have gotten Jetspeed to
use user authentication through LDAP.
Our steps to get this far were installing Jetspeed2 with the installer,
fixing up jetspeed.war from that server to include LDAP-specific
assembly files, and deploying on our Linux server.
The latest advancement is adding LdapGroupSecurityHandler to
security-spi-atz.xml but this is somewhat unsuccessful. When using
Group Manager to add a new group I get the exception:
-----
javax.naming.directory.SchemaViolationException: [LDAP: error code
65 - object class 'jetspeed-2-group' requires attribute
'uniqueMember']; remaining name 'uid=ldap_eivinn,ou=groups'
-----
I have also been reading up on the LDAP threads from 3rd of February
which seem to conclude that by using the Jetspeed source we could
get full LDAP support. Is this correct? Will the
LdapSecurityMappingHandler etc be used with LDAP for groups, roles,
and encrypted user authentication if I build Jetspeed from source?
Are there any steps to produce the same result with a patch?
Sincerely
Eivinn Hustveit
System Manager http://www.mobiletech.no
--
R.Ø.S.A.
Identity: Marky Goldstein
E-Mail: [EMAIL PROTECTED]
Task: Managing Director, Product & Strategy
R.Ø.S.A. Creation. Technology. Intelligence. AG
Seefeldstrasse 231, 8008 Zurich, Switzerland
Phone: +41 1 389 63 33
Fax: +41 1 389 63 30
URL: http://www.rosa.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
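
Added example (not part of the thread and not Jetspeed code): a pre-flight check that parses an objectclass definition in slapd.conf schema syntax and reports the MUST attributes an entry lacks, which is the condition the server answers with error code 65. The schema text, placeholder OID, sample entries and function names are constructed; only the rule that 'jetspeed-2-group' requires 'uniqueMember' comes from the error message, and requirements inherited through SUP are not resolved.

```python
import re

# Constructed sample in slapd.conf schema syntax. The OID is a placeholder and the
# attribute lists are assumptions, apart from MUST uniqueMember (from the error text).
SAMPLE_SCHEMA = """
objectclass ( 1.1.2.2.1 NAME 'jetspeed-2-group'
    DESC 'constructed sample, not the real jetspeed.schema'
    SUP top STRUCTURAL
    MUST ( uid $ uniqueMember )
    MAY ( description ) )
"""

def parse_objectclasses(text):
    """Return {lowercased class name: {"must": set, "may": set}}."""
    classes = {}
    for block in re.split(r"(?im)^objectclass\s*\(", text)[1:]:
        name = re.search(r"NAME\s+'([^']+)'", block)
        if not name:
            continue
        spec = {}
        for kw in ("MUST", "MAY"):
            # Either a parenthesised '$'-separated list or a single bare attribute.
            m = re.search(rf"\b{kw}\s+(?:\(([^)]*)\)|([\w;-]+))", block)
            raw = (m.group(1) or m.group(2) or "") if m else ""
            spec[kw.lower()] = {a.strip().lower() for a in raw.split("$") if a.strip()}
        classes[name.group(1).lower()] = spec
    return classes

def missing_required(entry, classes):
    """List (objectClass, attribute) pairs that would trigger a schema violation."""
    present = {k.lower() for k, v in entry.items() if v}  # attributes with a value
    missing = []
    for oc in entry.get("objectClass", []):
        spec = classes.get(oc.lower())
        if spec is None:
            continue  # class not defined in the parsed text (e.g. 'top')
        missing += [(oc, a) for a in sorted(spec["must"] - present)]
    return missing

# Constructed entries for the DN seen in the log: uid=admin_group,ou=groups
REJECTED = {"objectClass": ["top", "jetspeed-2-group"], "uid": ["admin_group"]}
ACCEPTED = dict(REJECTED, uniqueMember=["uid=admin,ou=people,dc=example,dc=org"])

if __name__ == "__main__":
    classes = parse_objectclasses(SAMPLE_SCHEMA)
    for label, entry in (("rejected", REJECTED), ("accepted", ACCEPTED)):
        print(label, missing_required(entry, classes))
```
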