Hi,

SECURITY.XML attached. This is the version that authenticates against LDAP but retrieves user rights from rollerdb. I have put 2 small comments in:

http://www.nabble.com/file/4477/security.xml security.xml

-Thomas

zeldamo wrote:
>
> Could you attach your security.xml file to help me?
> Thanks
> Eric
>
> ----
> Hi,
>
> after finally getting my installation to work and having looked at those
> logfile messages for quite a while ....
>
> Using the Acegi LDAP implementation, the task of getting user access is
> split into two parts.
>
> -Authentication - thus identifying the user by username/password credentials
> -Authorisation - retrieving the user's rights
>
> It looks like your configuration does not have an Authorisation bean set up
> in the Acegi LDAP section.
>
> How the configuration should look really depends on whether your user roles
> are held in the LDAP or in rollerdb.
>
> -Thomas
>
>
> zeldamo wrote:
>>
>> Hi all,
>> I was trying to connect my Roller 3.0 to LDAP.
>> I have everything set up correctly (I think), and there is something
>> strange in the logs:
>>
>> DEBUG 2006-12-04 17:35:32,288 AbstractProcessingFilter:doFilter - Request is to process authentication
>> DEBUG 2006-12-04 17:35:32,290 ProviderManager:doAuthentication - Authentication attempt using org.acegisecurity.providers.ldap.LdapAuthenticationProvider
>> DEBUG 2006-12-04 17:35:32,299 EhCacheBasedUserCache:getUserFromCache - Cache hit: false; username: ebardoux
>> DEBUG 2006-12-04 17:35:32,301 LdapAuthenticationProvider:retrieveUser - Retrieving user ebardoux
>> DEBUG 2006-12-04 17:35:32,304 DefaultInitialDirContextFactory:connect - Creating InitialDirContext with environment {java.naming.provider.url=ldap://ldap.pasteur.aventis.com:389/DC=pasteur,DC=aventis,DC=com, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=FRMS-WEBPLATFORM, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.credentials=******, java.naming.referral=follow}
>> DEBUG 2006-12-04 17:35:32,476 ProviderManager:doAuthentication - Authentication attempt using org.acegisecurity.providers.dao.DaoAuthenticationProvider
>>
>> As you can see, Roller tries first to authenticate through LDAP, but
>> there is no information about what came back from LDAP, and it goes on
>> to DAO authentication (which will fail because I don't use the right
>> password...)
>>
>> Any idea?
>>
>> Eric
>> -------------------------------------------------------------------------------------------
>> "This transmission (including any attachments) is intended solely for
>> the use of the addressee(s) and may contain confidential information
>> including trade secrets which are privileged, confidential, exempt
>> from disclosure under applicable law and/or subject to copyright. If
>> you are not an intended recipient, any use, disclosure, distribution,
>> reproduction, review or copying (either whole or partial) is
>> unauthorized and may be unlawful. E-mails are susceptible to
>> alteration and their integrity cannot be guaranteed. Sanofi Pasteur
>> shall not be liable for this e-mail if modified or falsified. If you
>> are not the intended recipient of this e-mail, please delete it
>> immediately from your system and notify the sender of the wrong delivery
>> and the mail deletion. Thank you."
>> **********************************************************************
>>
>
> --
> View this message in context:
> http://www.nabble.com/TR%3A-Problem-with-LDAP-tf2761760s12275.html#a7716217
> Sent from the Roller - Dev mailing list archive at Nabble.com.
>

--
View this message in context: http://www.nabble.com/TR%3A-Problem-with-LDAP-tf2761760s12275.html#a7717509
Sent from the Roller - Dev mailing list archive at Nabble.com.
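
The two-part wiring described in the thread (an authenticator plus an authorities populator, both handed to the LDAP provider), as an added Spring bean configuration for Acegi 1.0; it is not the attached security.xml and not Roller's shipped configuration. The host, DNs, search filter, password and the class `example.RollerDbAuthoritiesPopulator` are constructed placeholders.

```xml
<!-- Added example: all values are constructed placeholders. -->
<beans>
  <bean id="initialDirContextFactory"
        class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
    <constructor-arg value="ldap://ldap.example.org:389/dc=example,dc=org"/>
    <property name="managerDn" value="cn=roller-bind,ou=services,dc=example,dc=org"/>
    <property name="managerPassword" value="CHANGE_ME"/>
  </bean>

  <!-- Part 1, authentication: locate the user's entry, then bind as that
       user with the submitted password. -->
  <bean id="ldapUserSearch"
        class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
    <constructor-arg index="0" value="ou=people"/>
    <constructor-arg index="1" value="(uid={0})"/>
    <constructor-arg index="2" ref="initialDirContextFactory"/>
    <property name="searchSubtree" value="true"/>
  </bean>

  <bean id="ldapAuthenticator"
        class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
    <constructor-arg ref="initialDirContextFactory"/>
    <property name="userSearch" ref="ldapUserSearch"/>
  </bean>

  <!-- Part 2, authorisation, variant A: roles come from LDAP group entries. -->
  <bean id="ldapAuthoritiesPopulator"
        class="org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator">
    <constructor-arg index="0" ref="initialDirContextFactory"/>
    <constructor-arg index="1" value="ou=groups"/>
    <property name="groupRoleAttribute" value="cn"/>
  </bean>

  <!-- Part 2, variant B: roles come from the application database.
       Hypothetical class name; it must implement
       org.acegisecurity.providers.ldap.LdapAuthoritiesPopulator. -->
  <bean id="dbAuthoritiesPopulator" class="example.RollerDbAuthoritiesPopulator"/>

  <!-- The provider needs both parts; the second argument selects where the
       user's rights are read from (here: variant B). -->
  <bean id="ldapAuthProvider"
        class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
    <constructor-arg index="0" ref="ldapAuthenticator"/>
    <constructor-arg index="1" ref="dbAuthoritiesPopulator"/>
  </bean>
</beans>
```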