Status: New
Owner: ----
Labels: Type-Defect Priority-Medium
New issue 1411 by [email protected]: LDAP Referrals Cause Login Problems
http://code.google.com/p/openmeetings/issues/detail?id=1411
OM Version: 1.6.2 r3675
Server: CentOS 5.6 x86_64
Client: OpenSuSE 11.4 x86_64
In my LDAP tree, for various reasons, I have aliases to some of my LDAP
accounts. When I configure OM to support LDAP, and try to log in with an
account that has one or more aliases, I get the following error in the log
file (more output to follow):

    Error on Ldap request - more than one result for user nick

The root cause of this is that the LDAP login code blindly follows
referrals, without allowing for configuration of this parameter by the
admin. In the LdapAuthBase.java file, there's a line in the function
authenticateUser:

    ldapAuthenticateProperties.put(Context.REFERRAL, "follow");

Rather than this being set statically, as a constant, this should be a
configuration parameter in the om_ldap.cfg file(s). I've attached a couple
of possible patches to make this happen - have not tested, yet, to verify
functionality, but will work on that, soon.

--More Error Info--
Connection to LDAP - Server start (without Server login)
DEBUG 06-22 12:03:23.462 LdapLoginManagement.java 743450 370
org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-1] - Checking
server type...
DEBUG 06-22 12:03:23.463 LdapLoginManagement.java 743451 374
org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-1] - LDAP
server is OpenLDAP
DEBUG 06-22 12:03:23.463 LdapLoginManagement.java 743451 375
org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-1] - LDAP
search base: DC=seakr,DC=com
DEBUG 06-22 12:03:23.490 LdapLoginManagement.java 743478 379
org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-1] -
Authentication with DN: cn=Nick Couchman,ou=People,dc=it,DC=seakr,DC=com
DEBUG 06-22 12:03:23.491 LdapAuthBase.java 743479 83
org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-1] - authenticateUser
DEBUG 06-22 12:03:23.491 LdapAuthBase.java 743479 112
org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-1] -
Connection to LDAP - Server start (without Server login)
DEBUG 06-22 12:03:23.539 Usermanagement.java 743527 1526
org.openmeetings.app.data.user.Usermanagement [NioProcessor-1] -
Usermanagement.getUserByLogin : nick
DEBUG 06-22 12:03:23.549 LdapLoginManagement.java 743537 413
org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-1] - user
doesnt exist local -> create new
DEBUG 06-22 12:03:23.550 LdapAuthBase.java 743538 156
org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-1] - getData
ERROR 06-22 12:03:23.579 LdapLoginManagement.java 743567 448
org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-1] - Error on
Ldap request - more than one result for user nick
--End Log File--
Attachments:
LdapAuthBase.java.patch 1.7 KB
LdapLoginManagement.java.patch 1.4 KB
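
An added example, not part of the original report and not the attached patches: one way to take the JNDI referral mode from configuration instead of hard-coding "follow", accepting only the three values JNDI defines for Context.REFERRAL. The key name ldap_referral, the class name, the "follow" default and the properties-style config format are assumptions made for illustration.

```java
import java.io.IOException;
import java.io.StringReader;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.List;
import java.util.Locale;
import java.util.Properties;
import javax.naming.Context;

public class LdapReferralConfig {
    // The three values JNDI accepts for Context.REFERRAL.
    private static final List<String> ALLOWED = Arrays.asList("follow", "ignore", "throw");
    // Hypothetical key name; not taken from OpenMeetings or the attached patches.
    static final String CFG_KEY = "ldap_referral";
    // Assumed default: keeps the hard-coded behaviour from the report when the key is absent.
    static final String DEFAULT_MODE = "follow";

    // Returns a validated referral mode, or throws so a typo fails at startup, not at login.
    static String referralMode(Properties cfg) {
        String raw = cfg.getProperty(CFG_KEY);
        if (raw == null || raw.trim().isEmpty()) return DEFAULT_MODE;
        String mode = raw.trim().toLowerCase(Locale.ROOT);
        if (!ALLOWED.contains(mode)) {
            throw new IllegalArgumentException(CFG_KEY + " must be one of " + ALLOWED + ", got: " + raw);
        }
        return mode;
    }

    // Builds the JNDI environment; no connection is opened here.
    static Hashtable<String, String> buildEnv(Properties cfg, String url) {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.REFERRAL, referralMode(cfg));
        return env;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample config lines: explicit, missing, mixed case with padding, invalid.
        String[] samples = {"ldap_referral=ignore", "", "ldap_referral=Follow ", "ldap_referral=yes"};
        for (String s : samples) {
            Properties cfg = new Properties();
            cfg.load(new StringReader(s));
            try {
                String mode = buildEnv(cfg, "ldap://ldap.example.com:389").get(Context.REFERRAL);
                System.out.println("[" + s + "] -> " + mode);
            } catch (IllegalArgumentException e) {
                System.out.println("[" + s + "] -> rejected: " + e.getMessage());
            }
        }
    }
}
```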