My issue is to make LDAP authentication. So no hope? Best Wishes, Reza Toghraee
Sent from my BlackBerry -----Original Message----- From: Matt Mencel <[email protected]> Sender: [email protected] Date: Tue, 17 Jan 2012 14:31:34 To: Matterhorn Users<[email protected]> Reply-To: Matterhorn Users <[email protected]> Subject: Re: [Matterhorn-users] Status of LDAP? I have it working on my 1.2.0 test system. CAS for authentication(login) and LDAP for authorization (roles). I can't say whether LDAP for authentication (login) works or not. It was a bit ugly to get working, but sometimes I make things harder then they really should be, so YMMV. A couple things I will point out. If you are continually modifying your LDAP config in factories/org.opencastproject.userdirectory.ldap.LdapUserProvider.properties, Felix likes to cache your old settings even after you've deleted/modified them. The workaround for me was to always rm -rf the felix-cache directory if I made changes to the LDAP config. Matterhorn takes forever to restart when you do this, but it was the only way to guarantee (for me) a clean LDAP config in Felix. Watch your LDAP logs for connections and to make sure you're query is setup correctly in matterhorn. If all that works (you see good connections in your LDAP logs), than the issue may be in mh_default_org.xml. I had everything working correctly, but didn't have the LDAP attribute ROLE set on the right patterns to get me access to all the URLs. Matt ----- Original Message ----- From: "Hank Magnuski" <[email protected]> To: "Matterhorn Users" <[email protected]> Sent: Tuesday, January 17, 2012 2:14:52 PM Subject: [Matterhorn-users] Status of LDAP? There have been quite a few posts on this topic and I'm really confused about the current status of LDAP (in particular on 1.3.x) from these messages. Some people are using CAS + LDAP, some use it for authorization but not authentication, etc. It's hard to sort out what works. My earlier experiments to use it for authentication were complete failures. So can anyone report, definitively and without compromise: 1. LDAP is working with MH for authentication (login). 2. LDAP is working with MH for authorization (user roles). Not in theory, but on an installed or test system. Thanks for the update, Hank _______________________________________________ Matterhorn-users mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn-users _______________________________________________ Matterhorn-users mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn-users _______________________________________________ Matterhorn-users mailing list [email protected] http://lists.opencastproject.org/mailman/listinfo/matterhorn-users
