Re: [Dspace-tech] Ldap Authentification and profile
On Fri, Feb 28, 2014 at 4:02 PM, Oscar Sanchez Gomez wrote: > I don't know if the eperson have rights to access their own attributes > because the security server y administrated by other IT personnel in my > Institution. You can check that using a tool like ldapsearch. Bind with your own DN and take a look which attributes are you able to see. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Helix84, Thank you for your interest. I don't know if the eperson have rights to access their own attributes because the security server y administrated by other IT personnel in my Institution. I hope that the Dspace team development take this in account and revert the changes to Dspace 3.2 functionality, at least for LDAP validation. I am comfortable with Dspace 3.2 but it's important to maintain upgraded to last version. Regards, Ing. Oscar Sánchez G., MAE Profesional en TI Biblioteca José Figueres Ferrer Instituto Tecnológico de Costa Rica I Tel: 2550-2135 Fax: 2591-4820 F Apdo Postal: 159-7050 -Mensaje original- De: helix84 [mailto:heli...@centrum.sk] Enviado el: viernes, 28 de febrero de 2014 08:36 a.m. Para: Stefanie Behnke CC: dspace-tech Asunto: Re: [Dspace-tech] Ldap Authentification and profile On Fri, Feb 28, 2014 at 3:23 PM, Stefanie Behnke wrote: > -- the autoregistered eperson has none of the fields: email_field, > surname_field, givenname_field, phone_field Does the eperson have the right in LDAP to access their own attributes? Because DSpace will attempt to access them as the user (even if you set a search user who has the rights). > -- the eperson is concated from id_field and netid_email_domain even when > the field email_field exists; I would expect that Dspace uses email_field as > user for the eperson. I don't think I can help you with this right now. This requires a bit larger rework of the assumptions in the DSpace auth system. You could try to do some code changes manually. The auth modules are the most self-contained pieces of code in DSpace (i.e. you don't need to edit outside the LDAPAuthentication.java file), so it's a good place to start playing with the code. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
On Fri, Feb 28, 2014 at 3:23 PM, Stefanie Behnke wrote: > -- the autoregistered eperson has none of the fields: email_field, > surname_field, givenname_field, phone_field Does the eperson have the right in LDAP to access their own attributes? Because DSpace will attempt to access them as the user (even if you set a search user who has the rights). > -- the eperson is concated from id_field and netid_email_domain even when > the field email_field exists; I would expect that Dspace uses email_field as > user for the eperson. I don't think I can help you with this right now. This requires a bit larger rework of the assumptions in the DSpace auth system. You could try to do some code changes manually. The auth modules are the most self-contained pieces of code in DSpace (i.e. you don't need to edit outside the LDAPAuthentication.java file), so it's a good place to start playing with the code. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
We use DSpace 3.1 and I started with that LDAP Package, then I used the version from Dspace 4.0 and then from 1.8. Then I tried 4.0 again with the change suggested in http://dspace.2283337.n4.nabble.com/DSpace-LDAP-authentication-problem-td4665853.html#a4668861 All with the same result: -- Login is possible -- the autoregistered eperson has none of the fields: email_field, surname_field, givenname_field, phone_field -- the eperson is concated from id_field and netid_email_domain even when the field email_field exists; I would expect that Dspace uses email_field as user for the eperson. If you have any further idea I can try I would be happy. Thanking you in advance Stefanie -Ursprüngliche Nachricht- Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von helix84 Gesendet: Freitag, 28. Februar 2014 12:37 An: Stefanie Behnke Cc: dspace-tech Betreff: Re: AW: [Dspace-tech] Ldap Authentification and profile On Fri, Feb 28, 2014 at 12:33 PM, Stefanie Behnke wrote: > I have used the LDAP modules from 1.8, but that is also not working in the > way I would expect. Can you be more specific? The conversation is long and it's becoming hard to follow. Which one of the modules are you using and what would you expect that doesn't work? Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
On Fri, Feb 28, 2014 at 12:33 PM, Stefanie Behnke wrote: > I have used the LDAP modules from 1.8, but that is also not working in the > way I would expect. Can you be more specific? The conversation is long and it's becoming hard to follow. Which one of the modules are you using and what would you expect that doesn't work? Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi Helix, I have used the LDAP modules from 1.8, but that is also not working in the way I would expect. Best regards Stefanie -Ursprüngliche Nachricht- Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von helix84 Gesendet: Montag, 24. Februar 2014 11:48 An: Stefanie Behnke Cc: dspace-tech Betreff: Re: AW: [Dspace-tech] Ldap Authentification and profile Hi Stefanie, as you can see, I don't have a solution for you right now, sorry about that. But if either of the LDAP modules in 1.8 worked for you, you can still use it with DSpace 3 and 4 (along with its corresponding configuration file from 1.8). The auth modules API hasn't changed since at least 1.5. IIRC, the 1.8 modules didn't support mapping LDAP users into more than one group. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi Stefanie, as you can see, I don't have a solution for you right now, sorry about that. But if either of the LDAP modules in 1.8 worked for you, you can still use it with DSpace 3 and 4 (along with its corresponding configuration file from 1.8). The auth modules API hasn't changed since at least 1.5. IIRC, the 1.8 modules didn't support mapping LDAP users into more than one group. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Flow-based real-time traffic analytics software. Cisco certified tool. Monitor traffic, SLAs, QoS, Medianet, WAAS etc. with NetFlow Analyzer Customize your own dashboards, set traffic alerts and generate reports. Network behavioral analysis & security monitoring. All-in-one tool. http://pubads.g.doubleclick.net/gampad/clk?id=126839071&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Dear all, I have used the java file provided by Keir. The result is: When logging in first time with ldap authentication there is -- no name seen in the profile: only a blank (--> see attached image) -- no prefilled formfields, I would expect that they are filled with the values of the Ldap server -- the username is concatenated by the value entered for netid_email_domain, if this is commented out, the username is concatenated with"null" Is that intended? Thanks and best regards Stefanie -Ursprüngliche Nachricht- Von: Keir Vaughan-Taylor [mailto:kei...@optusnet.com.au] Gesendet: Donnerstag, 20. Februar 2014 22:44 An: Stefanie Behnke Cc: heli...@centrum.sk; 'dspace-tech' Betreff: Re: AW: [Dspace-tech] Ldap Authentification and profile The screenshot doesn;t show a user role field, in which case just leave the config changes out. the code should pick up mail, given name and so on. the screenshot may have cut off the other fields On Thu, 2014-02-20 at 11:41 +0100, Stefanie Behnke wrote: > can you please tell me what I should use for especially my case as > values: > > position_field = usydPersonEntitlement > > groupMapping_field = staff:access,enrolled:access > > > > What should I use for “usydPersonEntitlement” and > “staff:access,enrolled:access” > > > > Here is my ldap configuration: > > > > > > > > > > thanking you in advance > > Stefanie > > > > > > -Ursprüngliche Nachricht- > Von: Keir Vaughan-Taylor [mailto:kei...@optusnet.com.au] > Gesendet: Donnerstag, 20. Februar 2014 00:59 > An: heli...@centrum.sk > Cc: Stefanie Behnke; dspace-tech > Betreff: Re: [Dspace-tech] Ldap Authentification and profile > > > > I've ranted in the past about the ldap Authentication code. There is > in my view conflict in anonymous access and having priviledged or root > LDAP access. Most people don't have that kind of access and it has to > be challenge response. That is make an LDAP request as a user and > supply a password and then get only the LDAP information for that > user. Sort of a privacy thing. > > > > In the current version LDAP field contents is assigned in getDNOfUser > and this is the wrong place. I don't think the code assigning attlist > variables (LDAP attributes) ever gets executed even with rootly LDAP > privileges. All the field collections should be done in the > method/routine ldapAuthenticate as was the case in older versions of > DSpace. > > > > I submitted some code to GIT but the code should be rejigged by > someone that properly knows the ins and outs of DSpace java. I have a > more recent version but it is really a a temporary thing for our site > until "DSpace" fixes this. > > > > The current working java code we are using duplicates the field > assignments in ldapAuthenticate and I didn't dare delete the > duplicated code from getDNOfUser. > > > > Attached is the java code that fixes the problem but it is not > esthetically pleasing containing duplicated code and breaks > programming guidelines. It needs a DSpace code guru to streamline it. > Hey it works! > > > > It require two lines in /dspace/config/modules/authentication-ldap.cfg > > to be added. One line defining the ldap field that contains a users > role and one line that allocates the user to a group based on what the > role is. (Helix didn't like this scheme but he will come round > eventually) > > > > e.g. > > position_field = usydPersonEntitlement > > groupMapping_field = staff:access,enrolled:access > > > > > > > > On Wed, 2014-02-19 at 15:38 +0100, helix84 wrote: > > > On Wed, Feb 19, 2014 at 3:22 PM, Stefanie Behnke > wrote: > > > > It does work so far, although I am not really happy. > > > > > > OK, now I'm a bit lost. Can you tell me again what your problem was > > > before you set email_field = uid and what your problem is now? > > > > > > You're testing in JSPUI, right? Can you also always try the same > thing > > > in XMLUI? It should be the same, I just want to confirm it. > > > > > > > Any chance to get the fields surname_field =sn, givenname_field > =givenName, phone_field =telephoneNumber and mail? > > > > > > I've seen a situation where there was a null appended to the value > of > > > these fields but I'm not sure I've heard of a situation where they > > > would be empty (it certainly works for me). If you bind with LDAP
Re: [Dspace-tech] Ldap Authentification and profile
The screenshot doesn;t show a user role field, in which case just leave the config changes out. the code should pick up mail, given name and so on. the screenshot may have cut off the other fields On Thu, 2014-02-20 at 11:41 +0100, Stefanie Behnke wrote: > can you please tell me what I should use for especially my case as > values: > > position_field = usydPersonEntitlement > > groupMapping_field = staff:access,enrolled:access > > > > What should I use for “usydPersonEntitlement” and > “staff:access,enrolled:access” > > > > Here is my ldap configuration: > > > > > > > > > > thanking you in advance > > Stefanie > > > > > > -Ursprüngliche Nachricht- > Von: Keir Vaughan-Taylor [mailto:kei...@optusnet.com.au] > Gesendet: Donnerstag, 20. Februar 2014 00:59 > An: heli...@centrum.sk > Cc: Stefanie Behnke; dspace-tech > Betreff: Re: [Dspace-tech] Ldap Authentification and profile > > > > I've ranted in the past about the ldap Authentication code. There is > in my view conflict in anonymous access and having priviledged or root > LDAP access. Most people don't have that kind of access and it has to > be challenge response. That is make an LDAP request as a user and > supply a password and then get only the LDAP information for that > user. Sort of a privacy thing. > > > > In the current version LDAP field contents is assigned in getDNOfUser > and this is the wrong place. I don't think the code assigning attlist > variables (LDAP attributes) ever gets executed even with rootly LDAP > privileges. All the field collections should be done in the > method/routine ldapAuthenticate as was the case in older versions of > DSpace. > > > > I submitted some code to GIT but the code should be rejigged by > someone that properly knows the ins and outs of DSpace java. I have a > more recent version but it is really a a temporary thing for our site > until "DSpace" fixes this. > > > > The current working java code we are using duplicates the field > assignments in ldapAuthenticate and I didn't dare delete the > duplicated code from getDNOfUser. > > > > Attached is the java code that fixes the problem but it is not > esthetically pleasing containing duplicated code and breaks > programming guidelines. It needs a DSpace code guru to streamline it. > Hey it works! > > > > It require two lines in /dspace/config/modules/authentication-ldap.cfg > > to be added. One line defining the ldap field that contains a users > role and one line that allocates the user to a group based on what the > role is. (Helix didn't like this scheme but he will come round > eventually) > > > > e.g. > > position_field = usydPersonEntitlement > > groupMapping_field = staff:access,enrolled:access > > > > > > > > On Wed, 2014-02-19 at 15:38 +0100, helix84 wrote: > > > On Wed, Feb 19, 2014 at 3:22 PM, Stefanie Behnke > wrote: > > > > It does work so far, although I am not really happy. > > > > > > OK, now I'm a bit lost. Can you tell me again what your problem was > > > before you set email_field = uid and what your problem is now? > > > > > > You're testing in JSPUI, right? Can you also always try the same > thing > > > in XMLUI? It should be the same, I just want to confirm it. > > > > > > > Any chance to get the fields surname_field =sn, givenname_field > =givenName, phone_field =telephoneNumber and mail? > > > > > > I've seen a situation where there was a null appended to the value > of > > > these fields but I'm not sure I've heard of a situation where they > > > would be empty (it certainly works for me). If you bind with LDAP > with > > > the same user you're trying to log in to DSpace with, does that > user > > > see these attributes? My thinking here is that this might be a > problem > > > with your LDAP setup, not in DSpace. If this is the case, it might > be > > > worked around using the initial bind (with a user who has access to > > > these attributes). > > > > > > > > > Regards, > > > ~~helix84 > > > > > > Compulsory reading: DSpace Mailing List Etiquette > > > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > > > > > > > -- > > > Managing the Performance of Cloud-Based App
Re: [Dspace-tech] Ldap Authentification and profile
On Thu, Feb 20, 2014 at 11:41 AM, Stefanie Behnke wrote: > can you please tell me what I should use for especially my case as values: > > position_field = usydPersonEntitlement > > groupMapping_field = staff:access,enrolled:access I don't think you need to use these config options at all. I see nothing in your LDAP record that could be used to tell group membership (well, there's gid, but that's your primary group which essentially doesn't tell us more than your username). This is optional. It's only for when you want to put your user into a DSpace group based on information stored in LDAP. I didn't look at Keir's code but it's probably safe to leave it commented out (it definitely is safe with the groupmap option in the DSpace code). Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
On Thu, Feb 20, 2014 at 12:58 AM, Keir Vaughan-Taylor wrote: > It require two lines in /dspace/config/modules/authentication-ldap.cfg > to be added. One line defining the ldap field that contains a users role > and one line that allocates the user to a group based on what the role > is. (Helix didn't like this scheme but he will come round eventually) > > e.g. > position_field = usydPersonEntitlement > groupMapping_field = staff:access,enrolled:access Umm, I only wanted to reply to this one part right now. We already have mapping of groups specified by a LDAP attribute to DSpace groups since DSpace 4: https://github.com/DSpace/DSpace/blob/dspace-4_x/dspace/config/modules/authentication-ldap.cfg#L158 Sorry, it's late here now and I might be missing something, so correct me if your approach does something different. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
I've ranted in the past about the ldap Authentication code. There is in my view conflict in anonymous access and having priviledged or root LDAP access. Most people don't have that kind of access and it has to be challenge response. That is make an LDAP request as a user and supply a password and then get only the LDAP information for that user. Sort of a privacy thing. In the current version LDAP field contents is assigned in getDNOfUser and this is the wrong place. I don't think the code assigning attlist variables (LDAP attributes) ever gets executed even with rootly LDAP privileges. All the field collections should be done in the method/routine ldapAuthenticate as was the case in older versions of DSpace. I submitted some code to GIT but the code should be rejigged by someone that properly knows the ins and outs of DSpace java. I have a more recent version but it is really a a temporary thing for our site until "DSpace" fixes this. The current working java code we are using duplicates the field assignments in ldapAuthenticate and I didn't dare delete the duplicated code from getDNOfUser. Attached is the java code that fixes the problem but it is not esthetically pleasing containing duplicated code and breaks programming guidelines. It needs a DSpace code guru to streamline it. Hey it works! It require two lines in /dspace/config/modules/authentication-ldap.cfg to be added. One line defining the ldap field that contains a users role and one line that allocates the user to a group based on what the role is. (Helix didn't like this scheme but he will come round eventually) e.g. position_field = usydPersonEntitlement groupMapping_field = staff:access,enrolled:access On Wed, 2014-02-19 at 15:38 +0100, helix84 wrote: > On Wed, Feb 19, 2014 at 3:22 PM, Stefanie Behnke wrote: > > It does work so far, although I am not really happy. > > OK, now I'm a bit lost. Can you tell me again what your problem was > before you set email_field = uid and what your problem is now? > > You're testing in JSPUI, right? Can you also always try the same thing > in XMLUI? It should be the same, I just want to confirm it. > > > Any chance to get the fields surname_field =sn, givenname_field =givenName, > > phone_field =telephoneNumber and mail? > > I've seen a situation where there was a null appended to the value of > these fields but I'm not sure I've heard of a situation where they > would be empty (it certainly works for me). If you bind with LDAP with > the same user you're trying to log in to DSpace with, does that user > see these attributes? My thinking here is that this might be a problem > with your LDAP setup, not in DSpace. If this is the case, it might be > worked around using the initial bind (with a user who has access to > these attributes). > > > Regards, > ~~helix84 > > Compulsory reading: DSpace Mailing List Etiquette > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > > -- > Managing the Performance of Cloud-Based Applications > Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. > Read the Whitepaper. > http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk > ___ > DSpace-tech mailing list > DSpace-tech@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette /** * The contents of this file are subject to the license and copyright * detailed in the LICENSE and NOTICE files at the root of the source * tree and available online at * * http://www.dspace.org/license/ */ package org.dspace.authenticate; import java.sql.SQLException; import java.util.Hashtable; import java.util.HashSet; import java.util.Set; import javax.naming.NamingEnumeration; import javax.naming.NamingException; import javax.naming.directory.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.dspace.authorize.AuthorizeException; import org.dspace.core.ConfigurationManager; import org.dspace.core.Context; import org.dspace.core.LogManager; import org.dspace.eperson.EPerson; import org.dspace.eperson.Group; /** * This combined LDAP authentication method supersedes both the 'LDAPAuthentication' * and the 'LDAPHierarchicalAuthentication' methods. It's capable of both: * - authenticaton against a flat LDAP tree where all users are in the same unit * (if search.user or search.password is not set) * - authentication against structured hierarchical LDAP trees of users. * An initial bind is required using a user name and password in order to * search the tree and find the DN of the user. A second bind is then required to * check the credentials of the user by binding directly to their DN. *
Re: [Dspace-tech] Ldap Authentification and profile
The difference between AD and other LDAP servers is that AD uses an email address format for username, while others usually don't. In DSpace, this is configured using netid_email_domain (e.g. @netid_email_domain = example.com) which is then appended to netid (so in this case email is not taken from an LDAP attribute) to form the email address that DSpace uses as username. It's quite difficult to test all the possible configurations. You fix one thing, some other configuration breaks... and if you can't test that configuration, it's a problem. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi All, I am using Windows Active Directory to validate user in Dspace versions 1.8, 3.1 and 3.2 and it works fine. I use a special bind user account to validate users in AD. When user is new it create, Dspace creates the account using the email so the user can receive alerts and notifications. I proof this in Dspace 4.0 and the results are different, if user is new the account in Dspace is created with the uid instead of email and the email was lost, so the user cannot receive alerts and notifications. The authenticate-ldap.conf file is the same for all installations. Is this a change direction in Dspace 4.0 to validate users using LDAP? I appreciate your help to solve this problem in Dspace 4.0 Cheers, Ing. Oscar Sánchez G., MAE Profesional en TI Biblioteca José Figueres Ferrer Instituto Tecnológico de Costa Rica I Tel: 2550-2135 Fax: 2591-4820 F Apdo Postal: 159-7050 -Mensaje original- De: helix84 [mailto:heli...@centrum.sk] Enviado el: miércoles, 19 de febrero de 2014 08:38 a.m. Para: Stefanie Behnke CC: dspace-tech Asunto: Re: [Dspace-tech] Ldap Authentification and profile On Wed, Feb 19, 2014 at 3:22 PM, Stefanie Behnke wrote: > It does work so far, although I am not really happy. OK, now I'm a bit lost. Can you tell me again what your problem was before you set email_field = uid and what your problem is now? You're testing in JSPUI, right? Can you also always try the same thing in XMLUI? It should be the same, I just want to confirm it. > Any chance to get the fields surname_field =sn, givenname_field =givenName, > phone_field =telephoneNumber and mail? I've seen a situation where there was a null appended to the value of these fields but I'm not sure I've heard of a situation where they would be empty (it certainly works for me). If you bind with LDAP with the same user you're trying to log in to DSpace with, does that user see these attributes? My thinking here is that this might be a problem with your LDAP setup, not in DSpace. If this is the case, it might be worked around using the initial bind (with a user who has access to these attributes). Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
On Wed, Feb 19, 2014 at 3:22 PM, Stefanie Behnke wrote: > It does work so far, although I am not really happy. OK, now I'm a bit lost. Can you tell me again what your problem was before you set email_field = uid and what your problem is now? You're testing in JSPUI, right? Can you also always try the same thing in XMLUI? It should be the same, I just want to confirm it. > Any chance to get the fields surname_field =sn, givenname_field =givenName, > phone_field =telephoneNumber and mail? I've seen a situation where there was a null appended to the value of these fields but I'm not sure I've heard of a situation where they would be empty (it certainly works for me). If you bind with LDAP with the same user you're trying to log in to DSpace with, does that user see these attributes? My thinking here is that this might be a problem with your LDAP setup, not in DSpace. If this is the case, it might be worked around using the initial bind (with a user who has access to these attributes). Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi helix84, first thanks for your effort, I really appreciate it. It does work so far, although I am not really happy. Any chance to get the fields surname_field =sn, givenname_field =givenName, phone_field =telephoneNumber and mail? Thanks again Stefanie -Ursprüngliche Nachricht- Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von helix84 Gesendet: Mittwoch, 19. Februar 2014 13:41 An: Stefanie Behnke Cc: Seun Ojedeji; dspace-tech Betreff: Re: [Dspace-tech] Ldap Authentification and profile Hi Stefanie, I tried reproducing the problem with nulls but couldn't, neither with flat nor hierarchical LDAP. The only thing that I see potentially wrong with your config is that you set email_field = mail, while it needs to be email_field = uid. This is an unfortunate assumption of the DSpace authn system (login=email) that doesn't sit well with LDAP, but fixing it would be quite an extensive change, so try this workaround for now. The consequence is that your LDAP users won't have a valid email address in DSpace, so subscriptions won't work for them. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi Stefanie, I tried reproducing the problem with nulls but couldn't, neither with flat nor hierarchical LDAP. The only thing that I see potentially wrong with your config is that you set email_field = mail, while it needs to be email_field = uid. This is an unfortunate assumption of the DSpace authn system (login=email) that doesn't sit well with LDAP, but fixing it would be quite an extensive change, so try this workaround for now. The consequence is that your LDAP users won't have a valid email address in DSpace, so subscriptions won't work for them. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hello, I also tried other settings with search level and user, the same result. I can confirm that the user is from ldap. Best regards Stefanie -Ursprüngliche Nachricht- Von: Seun Ojedeji [mailto:seun.ojed...@gmail.com] Gesendet: Mittwoch, 19. Februar 2014 09:45 An: Stefanie Behnke Cc: heli...@centrum.sk; dspace-tech Betreff: Re: [Dspace-tech] Ldap Authentification and profile Hello, I am wodering how you were able to connect with ldap with the current setting in your ldap config file (search level no defined and the DN for the search user is commented out) Kindly confirm the user you are using is indeed from ldap. Cheers! On 2/18/14, Stefanie Behnke wrote: > Dear helix84, > > > > I have now copied the file from > > https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/j > ava/org/dspace/authenticate/LDAPAuthentication.java > > into > > /usr/src/dspace-3.1-src-release/dspace-api/src/main/java/org/dspace/au > thenticate > > > > Then I rebuilt Maven: > > cd /usr/src/dspace-3.1-src-release/dspace/ > > mvn package > > > > updated ant: > > cd /usr/src/dspace-3.1-src-release/dspace/target/dspace-3.1-build > > ant update > > > > and restarted Tomcat. > > > > Logging in results in: > > > > where the data from the ldap server are not used. > > > > Here is the ldap view: > > > > > > > > and I have attached the "authentication-ldap.cfg". > > > > What am I doing wrong? Where is the problem? > > > > Your help is very appreciated. > > > > Best regards > > Stefanie > > > > > > > > -Ursprüngliche Nachricht- > Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von > helix84 > Gesendet: Montag, 10. Februar 2014 10:57 > An: Stefanie Behnke > Cc: dspace-tech > Betreff: Re: [Dspace-tech] Ldap Authentification and profile > > > > Hi Stefanie, > > > > you can now just copy the file from here to your dspace-src: > > > > <https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/ > java/org/dspace/authenticate/LDAPAuthentication.java> > https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/j > ava/org/dspace/authenticate/LDAPAuthentication.java > > > > Then rebuild and redeploy DSpace as usual (follow the docs if you're > in doubt). > > > > > > Regards, > > ~~helix84 > > > > Compulsory reading: DSpace Mailing List Etiquette > <https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette> > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > > -- *Seun Ojedeji, Federal University Oye-Ekiti web: http://www.fuoye.edu.ng Mobile: +2348035233535 **alt email: <http://goog_1872880453>seun.ojed...@fuoye.edu.ng* -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hello, I am wodering how you were able to connect with ldap with the current setting in your ldap config file (search level no defined and the DN for the search user is commented out) Kindly confirm the user you are using is indeed from ldap. Cheers! On 2/18/14, Stefanie Behnke wrote: > Dear helix84, > > > > I have now copied the file from > > https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java > > into > > /usr/src/dspace-3.1-src-release/dspace-api/src/main/java/org/dspace/authenticate > > > > Then I rebuilt Maven: > > cd /usr/src/dspace-3.1-src-release/dspace/ > > mvn package > > > > updated ant: > > cd /usr/src/dspace-3.1-src-release/dspace/target/dspace-3.1-build > > ant update > > > > and restarted Tomcat. > > > > Logging in results in: > > > > where the data from the ldap server are not used. > > > > Here is the ldap view: > > > > > > > > and I have attached the "authentication-ldap.cfg". > > > > What am I doing wrong? Where is the problem? > > > > Your help is very appreciated. > > > > Best regards > > Stefanie > > > > > > > > -Ursprüngliche Nachricht- > Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von > helix84 > Gesendet: Montag, 10. Februar 2014 10:57 > An: Stefanie Behnke > Cc: dspace-tech > Betreff: Re: [Dspace-tech] Ldap Authentification and profile > > > > Hi Stefanie, > > > > you can now just copy the file from here to your dspace-src: > > > > <https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java> > https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java > > > > Then rebuild and redeploy DSpace as usual (follow the docs if you're in > doubt). > > > > > > Regards, > > ~~helix84 > > > > Compulsory reading: DSpace Mailing List Etiquette > <https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette> > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > > -- *Seun Ojedeji, Federal University Oye-Ekiti web: http://www.fuoye.edu.ng Mobile: +2348035233535 **alt email: <http://goog_1872880453>seun.ojed...@fuoye.edu.ng* -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi I have the same problem, amongst others, for DSpace 3.2 on Ubuntu 12.04. See: http://wiki.lib.sun.ac.za/index.php/SUNScholar/Upgrading/DSpace/Release_Notes/3.2 Cheers hg *Hilton Gibson* Ubuntu Linux Systems Administrator JS Gericke Library Room 1025D Stellenbosch University Private Bag X5036 Stellenbosch 7599 South Africa Tel: +27 21 808 4100 | Cell: +27 84 646 4758 http://scholar.sun.ac.za http://bit.ly/goodir http://library.sun.ac.za http://za.linkedin.com/in/hiltongibson On 18 February 2014 18:30, Stefanie Behnke wrote: > Dear helix84, > > > > I have now copied the file from > > > https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java > > into > > > /usr/src/dspace-3.1-src-release/dspace-api/src/main/java/org/dspace/authenticate > > > > Then I rebuilt Maven: > > cd /usr/src/dspace-3.1-src-release/dspace/ > > mvn package > > > > updated ant: > > cd /usr/src/dspace-3.1-src-release/dspace/target/dspace-3.1-build > > ant update > > > > and restarted Tomcat. > > > > Logging in results in: > > where the data from the ldap server are not used. > > > > Here is the ldap view: > > > > > > and I have attached the “authentication-ldap.cfg”. > > > > What am I doing wrong? Where is the problem? > > > > Your help is very appreciated. > > > > Best regards > > Stefanie > > > > > > > > -----Ursprüngliche Nachricht- > Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von > helix84 > Gesendet: Montag, 10. Februar 2014 10:57 > An: Stefanie Behnke > Cc: dspace-tech > Betreff: Re: [Dspace-tech] Ldap Authentification and profile > > > > Hi Stefanie, > > > > you can now just copy the file from here to your dspace-src: > > > > > https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java > > > > Then rebuild and redeploy DSpace as usual (follow the docs if you're in > doubt). > > > > > > Regards, > > ~~helix84 > > > > Compulsory reading: DSpace Mailing List Etiquette > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > > > -- > Managing the Performance of Cloud-Based Applications > Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. > Read the Whitepaper. > > http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk > ___ > DSpace-tech mailing list > DSpace-tech@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspace-tech > List Etiquette: > https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette > <><>-- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121054471&iu=/4140/ostg.clktrk___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi Stefanie, you can now just copy the file from here to your dspace-src: https://raw2.github.com/DSpace/DSpace/dspace-4_x/dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java Then rebuild and redeploy DSpace as usual (follow the docs if you're in doubt). Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Dear Helix, thanks for your answer. I can change the file dspace-api/src/main/java/org/dspace/authenticate/LDAPAuthentication.java but what are the steps I should do then? Thanking you in advance Stefanie -Ursprüngliche Nachricht- Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von helix84 Gesendet: Dienstag, 26. November 2013 17:02 An: Stefanie Behnke Cc: dspace-tech Betreff: Re: [Dspace-tech] Ldap Authentification and profile Hi Stefanie, yes, I submitted the fix in this Pull request: https://github.com/DSpace/DSpace/pull/366/files It is meant to be merged for DSpace 4.0, but it seems nobody else reviewed it yet. If you want to to try it, it would help if you can report back that it worked, either in GitHub or in Jira: https://jira.duraspace.org/browse/DS-1739 Let me know if you don't know how to apply the patch. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi Stefanie, yes, I submitted the fix in this Pull request: https://github.com/DSpace/DSpace/pull/366/files It is meant to be merged for DSpace 4.0, but it seems nobody else reviewed it yet. If you want to to try it, it would help if you can report back that it worked, either in GitHub or in Jira: https://jira.duraspace.org/browse/DS-1739 Let me know if you don't know how to apply the patch. Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi helix84, is there any progress concerning this question? Perhaps I miss something? Thank you Stefanie -Ursprüngliche Nachricht- Von: ivan.ma...@gmail.com [mailto:ivan.ma...@gmail.com] Im Auftrag von helix84 Gesendet: Dienstag, 22. Oktober 2013 12:36 An: Stefanie Behnke Cc: dspace-tech Betreff: Re: [Dspace-tech] Ldap Authentification and profile Hi Stefanie, I'm sorry about that, it's a known bug. I'll try to make a fix later this week. For now, you can use the LDAPAuthentication or LDAPHierarchicalAuthentication class from DSpace 1.8 (along with authentication-ldap.cfg from 1.8). Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
Re: [Dspace-tech] Ldap Authentification and profile
Hi Stefanie, I'm sorry about that, it's a known bug. I'll try to make a fix later this week. For now, you can use the LDAPAuthentication or LDAPHierarchicalAuthentication class from DSpace 1.8 (along with authentication-ldap.cfg from 1.8). Regards, ~~helix84 Compulsory reading: DSpace Mailing List Etiquette https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette -- October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
