Yes, i have used this svn url But i was using : ldap_use_lower_case=yes not TRUE !!! :-( Sorry about that) below is my current ldap.cfg file : ldap_server_type=OpenLDAP ldap_conn_url=ldap://xxx.xxx.x.xx:389 ldap_admin_dn=CN:xxxxxxxxxxxxx,OU:xxxxx,O:xxx ldap_passwd=xxxxxxxxxxx ldap_search_base=OU:xxxxx,O:xxx field_user_principal=uid ldap_auth_type=SIMPLE ldap_use_lower_case=true ldap_sync_password_to_om=no ldap_user_attr_lastname=sn ldap_user_attr_firstname=givenName ldap_user_attr_mail=mail ldap_user_attr_street=streetAddress ldap_user_attr_fax=facsimileTelephoneNumber ldap_user_attr_zip=postalCode ldap_user_attr_country=co ldap_user_attr_town=l ldap_user_attr_phone=telephoneNumber
And yes this configuration file was working before. The only problem was that we had to use the exact username (lower/upper case). Now Next step ... See logs below : _____________________________________________ DEBUG 01-26 16:38:16.355 LdapLoginManagement.java 15215477 393 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - LDAP server is OpenLDAP DEBUG 01-26 16:38:16.355 LdapLoginManagement.java 15215477 394 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - LDAP search base: OU=xxxxx,O=xxx DEBUG 01-26 16:38:16.437 LdapLoginManagement.java 15215559 400 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - Authentication with DN: cn=totoa,OU=xxxxx,O=xxx DEBUG 01-26 16:38:16.438 LdapAuthBase.java 15215560 101 org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - authenticateUser DEBUG 01-26 16:38:16.438 LdapAuthBase.java 15215560 117 org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - Authentification to LDAP - Server start DEBUG 01-26 16:38:16.438 LdapAuthBase.java 15215560 151 org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - loginToLdapServer DEBUG 01-26 16:38:16.615 Usermanagement.java 15215737 1521 org.openmeetings.app.data.user.Usermanagement [NioProcessor-6] - Usermanagement.getUserByLogin : totoa DEBUG 01-26 16:38:16.620 LdapLoginManagement.java 15215742 435 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - user doesnt exist local -> create new DEBUG 01-26 16:38:16.620 LdapAuthBase.java 15215742 174 org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - getData DEBUG 01-26 16:38:16.701 LdapLoginManagement.java 15215823 485 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - Synching Ldap user to OM DB with RANDOM password: vhgoawbo0nah DEBUG 01-26 16:38:16.702 LdapLoginManagement.java 15215824 582 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - LdapLoginmanagement.createUserFromLdapData DEBUG 01-26 16:38:16.711 Emailmanagement.java 15215833 123 org.openmeetings.app.data.user.Emailmanagement [NioProcessor-6] - checkUserMail: [email protected] DEBUG 01-26 16:38:16.712 Emailmanagement.java 15215834 129 org.openmeetings.app.data.user.Emailmanagement [NioProcessor-6] - size: 0 DEBUG 01-26 16:38:16.712 ManageCryptStyle.java 15215834 40 org.openmeetings.utils.crypt.ManageCryptStyle [NioProcessor-6] - getInstanceOfCrypt: org.openmeetings.utils.crypt.ManageCryptStyle@15dead1 DEBUG 01-26 16:38:16.712 ManageCryptStyle.java 15215834 42 org.openmeetings.utils.crypt.ManageCryptStyle [NioProcessor-6] - getInstanceOfCrypt: org.openmeetings.app.data.basic.Configurationmanagement@19c371e DEBUG 01-26 16:38:16.713 ManageCryptStyle.java 15215835 49 org.openmeetings.utils.crypt.ManageCryptStyle [NioProcessor-6] - configKeyCryptClassName: org.openmeetings.utils.crypt.MD5Implementation DEBUG 01-26 16:38:16.714 OpenXGHttpClient.java 15215836 112 org.openmeetings.app.sip.xmlrpc.OpenXGHttpClient [NioProcessor-6] - SIP is disabled DEBUG 01-26 16:38:16.715 ManageCryptStyle.java 15215837 40 org.openmeetings.utils.crypt.ManageCryptStyle [NioProcessor-6] - getInstanceOfCrypt: org.openmeetings.utils.crypt.ManageCryptStyle@15dead1 DEBUG 01-26 16:38:16.715 ManageCryptStyle.java 15215837 42 org.openmeetings.utils.crypt.ManageCryptStyle [NioProcessor-6] - getInstanceOfCrypt: org.openmeetings.app.data.basic.Configurationmanagement@19c371e DEBUG 01-26 16:38:16.716 ManageCryptStyle.java 15215838 49 org.openmeetings.utils.crypt.ManageCryptStyle [NioProcessor-6] - configKeyCryptClassName: org.openmeetings.utils.crypt.MD5Implementation ERROR 01-26 16:38:16.718 Usermanagement.java 15215840 1130 org.openmeetings.app.data.user.Usermanagement [NioProcessor-6] - [registerUser] ... ... DEBUG 01-26 16:38:16.719 Usermanagement.java 15215841 1006 org.openmeetings.app.data.user.Usermanagement [NioProcessor-6] - Added user-Id null DEBUG 01-26 16:38:16.719 LdapLoginManagement.java 15215841 705 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - User Created! DEBUG 01-26 16:38:16.720 LdapLoginManagement.java 15215842 711 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - Adding user '-111' to organization '1' DEBUG 01-26 16:38:16.721 Organisationmanagement.java 15215843 511 org.openmeetings.app.data.user.Organisationmanagement [NioProcessor-6] - getOrganisation_UserByUserAndOrganisation -111 1 INFO 01-26 16:38:16.722 UsersDaoImpl.java 15215844 73 org.openmeetings.app.data.user.dao.UsersDaoImpl [NioProcessor-6] - [getUser] Info: No USER_ID given ERROR 01-26 16:38:16.725 Organisationmanagement.java 15215847 503 org.openmeetings.app.data.user.Organisationmanagement [NioProcessor-6] - [addUserToOrganisation] ... ... DEBUG 01-26 16:38:16.741 LdapLoginManagement.java 15215863 494 org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - New User ID : -111 DEBUG 01-26 16:38:16.741 Sessionmanagement.java 15215863 179 org.openmeetings.app.data.basic.Sessionmanagement [NioProcessor-6] - updateUser User: -111 || 593ee2b78ee8ca2ff1d2ea44a40d313d DEBUG 01-26 16:38:16.743 Sessionmanagement.java 15215865 199 org.openmeetings.app.data.basic.Sessionmanagement [NioProcessor-6] - Found session to update: 593ee2b78ee8ca2ff1d2ea44a40d313d userId: -111 DEBUG 01-26 16:38:16.749 Usermanagement.java 15215871 1470 org.openmeetings.app.data.user.Usermanagement [NioProcessor-6] - Usermanagement.getUserById DEBUG 01-26 16:38:16.893 ErrorService.java 15216015 60 org.openmeetings.app.remote.ErrorService [NioProcessor-6] - errorid, language_id: -1|4 DEBUG 01-26 16:38:16.894 ErrorService.java 15216016 64 org.openmeetings.app.remote.ErrorService [NioProcessor-6] - eValues.getFieldvalues_id() = 334 DEBUG 01-26 16:38:16.895 ErrorService.java 15216017 66 org.openmeetings.app.remote.ErrorService [NioProcessor-6] - eValues.getErrorType() = org.openmeetings.app.persistence.beans.basic.ErrorType@caeabe _______________________________________________ And finally the browser give me an error message : Unknown Error Regards. Benoit >>> Le Jeudi 26 Janvier 2012 à 15:43, "[email protected]" <[email protected]> a écrit dans le message <CACeMiA--6S4+amYHE0VGCbVgnuBg=ir-hjtggmqsgyvbf91...@mail.gmail.com> : Hi Benoit, I am afraid there are some misunderstandings in our conversation, cause your log just does not seem to fit with the code I am looking at. You've checked out this code here, yes ? https://svn.apache.org/repos/asf/incubator/openmeetings/trunk/singlewebapp/ I see that you have this log here: DEBUG 01-26 14:36:25.000 LdapLoginManagement.java 7904122 375 org.openmeetings.app.ldap. LdapLoginManagement [NioProcessor-6] - Searching userdata with LDAP Search Filter :(uid=tOTOa) So either you did not set the param in the config or the value is false? Did you really set ldap_use_lower_case=true in your config file? what is your "ldap_admin_dn" ? Did that configuration file work ever before ? Sebastian 2012/1/26 Benoit Vautrin <[email protected]> I did network packet capture. With the new code the ldap Bind Request sended by OM is : DN=tOTOa So of course the ldap server answer invalidSyntax ... A correct Bind Request will be : DN=CN=tOTOa,OU=xxxxxx,O=xxx morever it sends " DN=tOTOa ", but it should be in lowercase (totoa) after your modifications, i guess. Benoit >>> "[email protected]" <[email protected]> 26/01/2012 14:51 >>> Yes, okay but I don#t know how this option should fix that, actually all it does is to make the string "TotoA" (or whatever string) to lowercase and send it to the LDAP server. I cannot instruct the LDAP server to ignore lower/upper case. So this option will be no solution to your problem. Sebastian 2012/1/26 Benoit Vautrin <[email protected]> > Sorry, > My username in ldap directory is TotoA and i've used tOTOa in the OM login > screen. > See below the logs : > > ___________________________________________________________ > WARN 01-26 14:36:24.997 MainService.java 7904119 338 > org.openmeetings.app.remote.MainService [NioProcessor-6] - loginUser: > 593ee2b78ee8ca2ff1d2ea44a40d313d tOTOa > DEBUG 01-26 14:36:24.997 MainService.java 7904119 349 > org.openmeetings.app.remote.MainService [NioProcessor-6] - Ldap Login > DEBUG 01-26 14:36:24.999 LdapLoginManagement.java 7904121 238 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - > LdapLoginmanagement.doLdapLogin > DEBUG 01-26 14:36:24.999 LdapLoginManagement.java 7904121 194 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - > LdapLoginmanagement.getLdapConfigData > DEBUG 01-26 14:36:24.999 LdapLoginManagement.java 7904121 213 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - > LdapLoginmanagement.readConfig : > /home/openmeet/red5/webapps/openmeetings/conf/om_XXXXX_ldap.cfg > DEBUG 01-26 14:36:25.000 LdapLoginManagement.java 7904122 134 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - > isValidAuthType > DEBUG 01-26 14:36:25.000 LdapLoginManagement.java 7904122 375 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - Searching > userdata with LDAP Search Filter :(uid=tOTOa) > DEBUG 01-26 14:36:25.001 LdapAuthBase.java 7904123 84 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - LdapAuthBase > DEBUG 01-26 14:36:25.001 LdapLoginManagement.java 7904123 386 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - > authenticating admin... > DEBUG 01-26 14:36:25.002 LdapAuthBase.java 7904124 101 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - authenticateUser > DEBUG 01-26 14:36:25.002 LdapAuthBase.java 7904124 117 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - > > Authentification to LDAP - Server start > DEBUG 01-26 14:36:25.002 LdapAuthBase.java 7904124 151 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - loginToLdapServer > DEBUG 01-26 14:36:25.392 LdapLoginManagement.java 7904514 389 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - Checking > server type... > DEBUG 01-26 14:36:25.392 LdapLoginManagement.java 7904514 393 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - LDAP > server is OpenLDAP > DEBUG 01-26 14:36:25.393 LdapLoginManagement.java 7904515 394 > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-6] - LDAP > search base: OU=xxxxxx,O=xxx > DEBUG 01-26 14:36:25.510 LdapAuthBase.java 7904632 101 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - authenticateUser > DEBUG 01-26 14:36:25.511 LdapAuthBase.java 7904633 117 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - > > Authentification to LDAP - Server start > DEBUG 01-26 14:36:25.511 LdapAuthBase.java 7904633 151 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - loginToLdapServer > ERROR 01-26 14:36:25.826 LdapAuthBase.java 7904948 123 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - > > Authentification on LDAP Server failed : [LDAP: error code 34 - Invalid DN > Syntax] > ERROR 01-26 14:36:25.829 LdapAuthBase.java 7904951 124 > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-6] - [Authentification > on LDAP Server failed] > > javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN > Syntax] > ___________________________________________________________________________ > > > Regards > > Benoit > > > >>> Le Jeudi 26 Janvier 2012 à 14:30, "[email protected]" < > [email protected]> a écrit dans le message < > cacemia8qjthyh_aft2i1gosvb6yyc3qoftvtyhiqvzhkswg...@mail.gmail.com> : > Hi benoit, > > what error message do you see? Cause the one you've posted has nothing to > do with "Invalid DN Syntax". > > Sebastian > > 2012/1/26 Benoit Vautrin <[email protected]> > >> Hi, >> >> I've ran SVN and ant yesterday evening, re-install Openmeeting from >> scratch, but i've still exactly the same behaviours. >> >> When i try to login without enforce lower/upper case as it is in my >> ldap directory I see an Invalid DN Syntax error message in logs. >> >> Regards. >> >> Benoit >> >> >> >>> "[email protected]" <[email protected]> 25/01/2012 15:13 >> >>> >> *by downloading the nightly build* >> => Sorry but the Nightly Builds are currently pointing to the wrong >> SVN >> (and Apache Infrastructure is not set up yet) >> You will have to download the code from the SVN by yourself and compile >> it >> using ANT. >> >> Sebastian >> >> 2012/1/25 Benoit Vautrin <[email protected]> >> >> > Hi, >> > >> > I've tested your new code (by downloading the nightly build). I have >> > added the option in my ldap config file : >> > ldap_use_lower_case=yes >> > >> > When i try to login without enforce lower/upper case as it is in my >> > ldap directory see below the error : >> > >> > >> > >> >> ------------------------------------------------------------------------------------- >> > WARN 01-25 14:25:03.012 MainService.java 135125 320 >> > org.openmeetings.app.remote.MainService [NioProcessor-3] - >> loginUser: >> > d308a786fd74abf52609b39222d8f8c5 xXXXXXx >> > DEBUG 01-25 14:25:03.013 MainService.java 135126 331 >> > org.openmeetings.app.remote.MainService [NioProcessor-3] - Ldap >> Login >> > DEBUG 01-25 14:25:03.018 LdapLoginManagement.java 135131 217 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > LdapLoginmanagement.doLdapLogin >> > DEBUG 01-25 14:25:03.019 LdapLoginManagement.java 135132 173 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > LdapLoginmanagement.getLdapConfigData >> > DEBUG 01-25 14:25:03.019 LdapLoginManagement.java 135132 192 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > LdapLoginmanagement.readConfig : >> > /home/openmeet/red5/webapps/openmeetings/conf/om_XXXXX_ldap.cfg >> > DEBUG 01-25 14:25:03.020 LdapLoginManagement.java 135133 113 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > isValidAuthType >> > DEBUG 01-25 14:25:03.021 LdapLoginManagement.java 135134 348 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > Searching userdata with LDAP Search Filter :(uid=xXXXXXx) >> > DEBUG 01-25 14:25:03.024 LdapAuthBase.java 135137 66 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> LdapAuthBase >> > DEBUG 01-25 14:25:03.024 LdapLoginManagement.java 135137 359 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > authenticating admin... >> > DEBUG 01-25 14:25:03.025 LdapAuthBase.java 135138 83 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > authenticateUser >> > DEBUG 01-25 14:25:03.026 LdapAuthBase.java 135139 99 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > >> > Authentification to LDAP - Server start >> > DEBUG 01-25 14:25:03.026 LdapAuthBase.java 135139 133 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > loginToLdapServer >> > DEBUG 01-25 14:25:03.871 LdapLoginManagement.java 135984 362 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> > Checking server type... >> > DEBUG 01-25 14:25:03.872 LdapLoginManagement.java 135985 366 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> LDAP >> > server is OpenLDAP >> > DEBUG 01-25 14:25:03.872 LdapLoginManagement.java 135985 367 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> LDAP >> > search base: OU=XXXXXX,O=XXX >> > DEBUG 01-25 14:25:04.147 LdapAuthBase.java 136260 83 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > authenticateUser >> > DEBUG 01-25 14:25:04.147 LdapAuthBase.java 136260 99 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > >> > Authentification to LDAP - Server start >> > DEBUG 01-25 14:25:04.147 LdapAuthBase.java 136260 133 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > loginToLdapServer >> > ERROR 01-25 14:25:05.025 LdapAuthBase.java 137138 105 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > >> > Authentification on LDAP Server failed : [LDAP: error code 34 - >> Invalid >> > DN Syntax] >> > ERROR 01-25 14:25:05.033 LdapAuthBase.java 137146 106 >> > org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-3] - >> > [Authentification on LDAP Server failed] >> > javax.naming.InvalidNameException: [LDAP: error code 34 - Invalid DN >> > Syntax] >> > >> > >> >> ------------------------------------------------------------------------------------------------ >> > >> > When i use the exact correct username as it is in my ldap directory >> i >> > have an Error message box : "Unknow error. Please report this to the >> > administrator". >> > In the log i can see that the ldap authentication is working >> properly. >> > I see an other error : >> > >> > >> >> ----------------------------------------------------------------------------------------------- >> > DEBUG 01-25 14:41:40.697 Usermanagement.java 1132810 988 >> > org.openmeetings.app.data.user.Usermanagement [NioProcessor-3] - >> Added >> > user-Id null >> > DEBUG 01-25 14:41:40.698 LdapLoginManagement.java 1132811 678 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> User >> > Created! >> > DEBUG 01-25 14:41:40.699 LdapLoginManagement.java 1132812 684 >> > org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-3] - >> Adding >> > user '-111' to organization '1' >> > DEBUG 01-25 14:41:40.700 Organisationmanagement.java 1132813 493 >> > org.openmeetings.app.data.user.Organisationmanagement >> [NioProcessor-3] - >> > getOrganisation_UserByUserAndOrganisation -111 1 >> > INFO 01-25 14:41:40.703 UsersDaoImpl.java 1132816 55 >> > org.openmeetings.app.data.user.dao.UsersDaoImpl [NioProcessor-3] - >> > [getUser] Info: No USER_ID given >> > ERROR 01-25 14:41:40.707 Organisationmanagement.java 1132820 485 >> > org.openmeetings.app.data.user.Organisationmanagement >> [NioProcessor-3] - >> > [addUserToOrganisation] >> > java.lang.NullPointerException: null >> > >> > >> >> ------------------------------------------------------------------------------------------------ >> > >> > Regards >> > >> > Benoit >> > >> > >>> "Benoit Vautrin" <[email protected]> 24/01/2012 14:34 >>> >> > Hi, >> > >> > I've not be able to use SVN yet. I plan to wait the nighly build and >> > test tomorrow morning ... >> > >> > I would like to explain me much better :-( >> > in my example: >> > in my ldap server, username = TotoA >> > if i use " TotoA " in the OM login window, the bind request is >> correct >> > " DN=CN=TotoA,ou=users,o=corp " >> > if i use " totoa" in the login window, the bind request is not >> correct >> > " DN=totoa " >> > >> > After your modifications this morning, the username will be always >> in >> > lowercase (this is that we want), but i guess the result will be the >> > same... a wrong ldap request without OU=, O= ? >> > I don't understand what are doing lines 377 to 382 ... Is it >> possible >> > if the IF condition(line 379) is not true the ldap request will be >> > only >> > DN=user ??? >> > >> > But ok, let me test tomorrow morning your new code and i will tell >> you >> > that i see on the network interface... >> > >> > Thank you very much, >> > >> > Benoit >> > >> > >> > >>> "[email protected]" <[email protected]> 24/01/2012 14:06 >> > >>> >> > Hi Benoit, >> > >> > sorry I don't get it now. What version of OpenMeetings are you >> > testing? >> > >> > *when i did a request without respecting uppercase/lowercase* >> > => Why should TotoA by automatically lowercased' ?! Did you checkout >> > OpenMeetings SVN version from the Apache Repository testing the new >> > feature >> > that I have commited 2 hours ago ? >> > >> > Sebastian >> > >> > 2012/1/24 Benoit Vautrin <[email protected]> >> > >> > > Hi Sebastian, >> > > >> > > So maybe the problem is somewhere else ... I did some packet >> network >> > > capture : >> > > when i did a request with the exact username (respecting >> > > uppercase/lowercase) the bind request is " >> > DN=CN=TotoA,ou=users,o=corp " >> > > (so it works and i can login) >> > > when i did a request without respecting uppercase/lowercase the >> bind >> > > request is " DN=totoa " and my ldap server answer : InvalidSyntax >> > (i'm >> > > not able to login) >> > > >> > > Maybe this is something wrong when the ldap request is build ? >> > (arround >> > > ligne 377 ???) >> > > >> > > >> > >> > >> >> http://svn.apache.org/viewvc/incubator/openmeetings/trunk/singlewebapp/src/app/org/openmeetings/app/ldap/LdapLoginManagement.java?revision=1235166&view=markup >> >> > >> > >> > > >> > > >> > > Benoit >> > > >> > > >>> "[email protected]" <[email protected]> 24/01/2012 >> 13:38 >> > > >>> >> > > So to sum up: >> > > All the option does is to convert the username to lowercase, >> > expecting >> > > your >> > > ldap server to either ignore the upper/lowercase or actually >> having >> > > the >> > > names really in lowercase in ldap. >> > > >> > > Sebastian >> > > >> > > 2012/1/24 [email protected] <[email protected]> >> > > >> > > > No I don't convert anything like that, there is no such >> > possibility >> > > I >> > > > don't get any user from LDAP. >> > > > All I do is search the LDAP Server for a user, if the >> > > ldap_use_lower_case >> > > > is true, the user that searchs the LDAP server is transformed to >> > > lowercase. >> > > > OpenMeetings itself will also use the lowercase username >> > internally >> > > for >> > > > that user if that option is set to true. >> > > > >> > > > I cannot influence the way the ldap server itself compares the >> > > strings. >> > > > Maybe there is an ignoreCase setting in the LDAP server. >> > > > However, actually OpenMeetings does no string comparisson of >> Users >> > > and >> > > > matches to results, its the other way round: The username is >> taken >> > > and an >> > > > LDAP search is started with that username. >> > > > Line 353 the ldap_search_base is defined with the specified user >> > from >> > > the >> > > > login. >> > > > >> > > > And in >> > > > >> > > >> > > >> > >> > >> >> http://svn.apache.org/viewvc/incubator/openmeetings/trunk/singlewebapp/src/app/org/openmeetings/app/ldap/LdapAuthBase.java?view=markup >> >> > >> > >> > > >> > > > Line 82 you can see how the user+pwd is send to LDAP to >> > > authentificate. >> > > > >> > > > I cannot find any "equals" method that compares LDAP user to >> > > usernames of >> > > > OpenMeetings, as there is none. >> > > > >> > > > Sebastian >> > > > >> > > > >> > > > 2012/1/24 Benoit Vautrin <[email protected]> >> > > > >> > > >> Hi Sebastian, >> > > >> >> > > >> I'm not a good developer but i try to understand your new code. >> > If >> > > the >> > > >> new param ldap_use_lower_case is added to the config file, you >> > > convert >> > > >> in lower case the value fill-in by users in the Openmeetings >> > login >> > > >> window ? am i right ? >> > > >> >> > > >> But i don't see where you convert also in lower case the answer >> > of >> > > the >> > > >> ldap request (username field only of course) ... To be sure >> both >> > > string >> > > >> will be the same. >> > > >> Maybe i've not seen it. >> > > >> >> > > >> Thank you very much for your quick answers on issues, that's >> > really >> > > >> great ! >> > > >> >> > > >> Regards. >> > > >> >> > > >> Benoit >> > > >> >> > > >> >>> "[email protected]" <[email protected]> 24/01/2012 >> > > 09:51 >> > > >> >>> >> > > >> I've resolved the issue: >> > > >> >> > > >> there is a new param ldap_use_lower_case that you can add in >> the >> > > >> config >> > > >> file. >> > > >> If the param is true, the username is converted to lowercase >> > before >> > > >> validating the username. >> > > >> This has no effect on how the password is verified. >> > > >> >> > > >> >> > > >> >> > > >> > > >> > >> > >> >> https://issues.apache.org/jira/browse/OPENMEETINGS-27?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel#issue-tabs >> >> > >> > >> > > >> > > >> >> > > >> >> > > >> Sebastian >> > > >> >> > > >> 2012/1/23 Jeff Schoby <[email protected]> >> > > >> >> > > >> > LDAP usernames, as I understand it, should be case >> > insensitive. >> > > >> > On Jan 23, 2012 3:19 PM, "Norbert Haag" >> > > <[email protected]> >> > > >> > wrote: >> > > >> > >> > > >> >> Quite frankly I think that this behavior is an not an issue >> > but >> > > a >> > > >> >> feature. Unix system have a strict distinction between caps >> > and >> > > >> non-caps >> > > >> >> for a good reason. So please don't change that "issue" but >> try >> > > to >> > > >> educate >> > > >> >> users, that ABC does not equal Abc does not equal aBc etc. >> > > >> >> >> > > >> >> Cheers >> > > >> >> >> > > >> >> -----Ursprüngliche Nachricht----- >> > > >> >> Von: BBS Technik [mailto:[email protected]] >> > > >> >> Gesendet: Montag, 23. Januar 2012 17:30 >> > > >> >> An: [email protected] >> > > >> >> Betreff: Re: Username in ldap authentication is case >> sensitive >> > > >> >> >> > > >> >> Hi, >> > > >> >> I did also run onto this problem and I would be happy when >> > this >> > > >> issue >> > > >> >> could be resolved. >> > > >> >> In the moment we have to instruct our users, but we often >> > have >> > > >> >> helpdesk-requests. >> > > >> >> >> > > >> >> Greetings >> > > >> >> Ed >> > > >> >> >> > > >> >> -------- Original-Nachricht -------- >> > > >> >> > Datum: Mon, 23 Jan 2012 10:08:19 +0100 >> > > >> >> > Von: "Benoit Vautrin" <[email protected]> >> > > >> >> > An: [email protected] >> > > >> >> > Betreff: Username in ldap authentication is case sensitive >> > > >> >> >> > > >> >> > Hi guys, >> > > >> >> > >> > > >> >> > I would like to know if some of you have already run onto >> > this >> > > >> problem : >> > > >> >> > Authentication using OpenLDAP option check the exact >> > > 'username' >> > > >> string >> > > >> >> > between ldap answer and the username field in >> authentication >> > > >> message >> > > >> >> box. So, >> > > >> >> > for example, if your ldap username attribute contains >> > "TotoA" >> > > and >> > > >> user >> > > >> >> key >> > > >> >> > in "totoa", application returns : Invalid Username. >> > > >> >> > >> > > >> >> > I think most of authentication systems are case sensitive >> > only >> > > >> for >> > > >> >> > password, not on the username. >> > > >> >> > >> > > >> >> > The code checking for ldap authentication in Openmeetings >> is >> > > there >> > > >> : >> > > >> >> > >> > > >> >> >> > > >> >> > > >> >> > > >> > > >> > >> > >> >> http://svn.apache.org/viewvc/incubator/openmeetings/trunk/singlewebapp/src/app/org/openmeetings/app/ldap/LdapLoginManagement.java >> >> > >> > >> > > >> > > >> >> > > >> >> > >> > > >> >> > Sebastian has proposed this solution : >> > > >> >> > "we could add an option "ignoreUpperLowerCase" to the ldap >> > > >> >> configuration. >> > > >> >> > Making it generally "ignore" would need verification on >> ADS, >> > > >> OpenLDAP et >> > > >> >> > cetera how they behave regarding upper/lowercase." >> > > >> >> > I've opened this ticket : >> > > >> >> > https://issues.apache.org/jira/browse/OPENMEETINGS-27 >> > > >> >> > Please vote for it if you are interested to change the way >> > > >> username is >> > > >> >> > manage. >> > > >> >> > >> > > >> >> > Have a nice day. >> > > >> >> > >> > > >> >> > Benoit >> > > >> >> > >> > > >> >> >> > > >> >> -- >> > > >> >> Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir >> > > >> >> belohnen Sie mit bis zu 50,- Euro! >> > > >> https://freundschaftswerbung.gmx.de >> > > >> >> >> > > >> >> >> > > >> >> > > >> >> > > >> -- >> > > >> Sebastian Wagner >> > > >> http://www.openmeetings.de >> > > >> http://incubator.apache.org/openmeetings/ >> > > >> http://www.webbase-design.de >> > > >> http://www.wagner-sebastian.com >> > > >> [email protected] >> > > >> >> > > > >> > > > >> > > > >> > > > -- >> > > > Sebastian Wagner >> > > > http://www.openmeetings.de >> > > > http://incubator.apache.org/openmeetings/ >> > > > http://www.webbase-design.de >> > > > http://www.wagner-sebastian.com >> > > > [email protected] >> > > > >> > > >> > > >> > > >> > > -- >> > > Sebastian Wagner >> > > http://www.openmeetings.de >> > > http://incubator.apache.org/openmeetings/ >> > > http://www.webbase-design.de >> > > http://www.wagner-sebastian.com >> > > [email protected] >> > > >> > >> > >> > >> > -- >> > Sebastian Wagner >> > http://www.openmeetings.de >> > http://incubator.apache.org/openmeetings/ >> > http://www.webbase-design.de >> > http://www.wagner-sebastian.com >> > [email protected] >> > >> >> >> >> -- >> Sebastian Wagner >> http://www.openmeetings.de >> http://incubator.apache.org/openmeetings/ >> http://www.webbase-design.de >> http://www.wagner-sebastian.com >> [email protected] >> > > > > -- > Sebastian Wagner > http://www.openmeetings.de > http://incubator.apache.org/openmeetings/ > http://www.webbase-design.de > http://www.wagner-sebastian.com > [email protected] > -- Sebastian Wagner http://www.openmeetings.de http://incubator.apache.org/openmeetings/ http://www.webbase-design.de http://www.wagner-sebastian.com [email protected] -- Sebastian Wagner http://www.openmeetings.de http://incubator.apache.org/openmeetings/ http://www.webbase-design.de http://www.wagner-sebastian.com [email protected]
