Re: [xwiki-users] ldap + xwiki.authentication.ldap.user_group
Fixed now. It was a wrong log in fact: if (LOG.isDebugEnabled()) { LOG.debug("LDAP authentication succeed with principal [" + principal.getName() + "]"); } was executed even when the auth failed meaning that the principal was null in this case. On Wed, Dec 17, 2008 at 2:58 PM, Bartłomiej Radziszewski wrote: > Thomas Mortagne wrote: >> Hi, >> >> 2008/12/17 Bartłomiej Radziszewski : >> >>> hello, >>> >>> >>> I want to add access to xwiki only for users from special posixGroup in >>> ldap. So I have added option: >>> >>> >>> #-# only members of the following group will be verified in the LDAP >>> #-# otherwise only users that are found after searching starting from >>> the base_DN >>> xwiki.authentication.ldap.user_group=cn=xwiki,ou=services,dc=xxx,dc=com >>> >>> >>> >>> all works fine but in logs i get exeption when i dont have some user in >>> this group: >>> >>> com.xpn.xwiki.XWikiException: Error number 8001 in 8: LDAP user usertest >>> does not belong to LDAP group cn=xwiki,ou=services,dc=xxx,dc=com. >>>at >>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:328) >>>at >>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:198) >>>at >>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149) >>>at >>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) >>>at >>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) >>>at >>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) >>>at >>> com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) >>>at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) >>>at >>> com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) >>>at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) >>>at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) >>>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) >>>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) >>>at >>> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) >>>at >>> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) >>>at >>> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) >>>at >>> org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) >>>at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >>>at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >>> java.lang.NullPointerException >>>at >>> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:157) >>>at >>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) >>>at >>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) >>>at >>> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) >>>at >>> com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) >>>at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) >>>at >>> com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) >>>at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) >>>at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) >>>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) >>>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) >>>at >>> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) >>>at >>> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) >>>at >>> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) >>>at >>> org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) >>>at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >>>at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >>>at >>> org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502) >>>at >>> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1124) >>>at com.xpn.xwiki.plugin.webdav.DavFilter.doFilter(DavFilter.java:68) >>>at >>> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >>>at >>> com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:96) >>>at >>> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java
Re: [xwiki-users] ldap + xwiki.authentication.ldap.user_group
Thomas Mortagne wrote: > Hi, > > 2008/12/17 Bartłomiej Radziszewski : > >> hello, >> >> >> I want to add access to xwiki only for users from special posixGroup in >> ldap. So I have added option: >> >> >> #-# only members of the following group will be verified in the LDAP >> #-# otherwise only users that are found after searching starting from >> the base_DN >> xwiki.authentication.ldap.user_group=cn=xwiki,ou=services,dc=xxx,dc=com >> >> >> >> all works fine but in logs i get exeption when i dont have some user in >> this group: >> >> com.xpn.xwiki.XWikiException: Error number 8001 in 8: LDAP user usertest >> does not belong to LDAP group cn=xwiki,ou=services,dc=xxx,dc=com. >>at >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:328) >>at >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:198) >>at >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149) >>at >> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) >>at >> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) >>at >> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) >>at >> com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) >>at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) >>at >> com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) >>at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) >>at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) >>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) >>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) >>at >> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) >>at >> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) >>at >> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) >>at >> org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) >>at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >>at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >> java.lang.NullPointerException >>at >> com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:157) >>at >> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) >>at >> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) >>at >> com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) >>at >> com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) >>at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) >>at >> com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) >>at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) >>at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) >>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) >>at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) >>at >> org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) >>at >> org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) >>at >> org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) >>at >> org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) >>at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >>at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >>at >> org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502) >>at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1124) >>at com.xpn.xwiki.plugin.webdav.DavFilter.doFilter(DavFilter.java:68) >>at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >>at >> com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:96) >>at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >>at >> com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:287) >>at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >>at >> com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112) >>at >> org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(Servl
Re: [xwiki-users] ldap + xwiki.authentication.ldap.user_group
Hi, 2008/12/17 Bartłomiej Radziszewski : > hello, > > > I want to add access to xwiki only for users from special posixGroup in > ldap. So I have added option: > > > #-# only members of the following group will be verified in the LDAP > #-# otherwise only users that are found after searching starting from > the base_DN > xwiki.authentication.ldap.user_group=cn=xwiki,ou=services,dc=xxx,dc=com > > > > all works fine but in logs i get exeption when i dont have some user in > this group: > > com.xpn.xwiki.XWikiException: Error number 8001 in 8: LDAP user usertest > does not belong to LDAP group cn=xwiki,ou=services,dc=xxx,dc=com. >at > com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:328) >at > com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:198) >at > com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:149) >at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) >at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) >at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) >at > com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) >at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) >at > com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) >at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) >at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) >at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) >at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) >at > org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) >at > org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) >at > org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) >at > org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) >at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) > java.lang.NullPointerException >at > com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:157) >at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.authenticate(MyFormAuthenticator.java:239) >at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:165) >at > com.xpn.xwiki.user.impl.xwiki.MyFormAuthenticator.processLogin(MyFormAuthenticator.java:148) >at > com.xpn.xwiki.user.impl.xwiki.XWikiAuthServiceImpl.checkAuth(XWikiAuthServiceImpl.java:203) >at com.xpn.xwiki.XWiki.checkAuth(XWiki.java:3578) >at > com.xpn.xwiki.user.impl.xwiki.XWikiRightServiceImpl.checkAccess(XWikiRightServiceImpl.java:139) >at com.xpn.xwiki.XWiki.checkAccess(XWiki.java:3586) >at com.xpn.xwiki.XWiki.prepareDocuments(XWiki.java:4572) >at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:190) >at com.xpn.xwiki.web.XWikiAction.execute(XWikiAction.java:115) >at > org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:431) >at > org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:236) >at > org.apache.struts.action.ActionServlet.process(ActionServlet.java:1196) >at > org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:432) >at javax.servlet.http.HttpServlet.service(HttpServlet.java:727) >at javax.servlet.http.HttpServlet.service(HttpServlet.java:820) >at > org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:502) >at > org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1124) >at com.xpn.xwiki.plugin.webdav.DavFilter.doFilter(DavFilter.java:68) >at > org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >at > com.xpn.xwiki.wysiwyg.server.filter.ConversionFilter.doFilter(ConversionFilter.java:96) >at > org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >at > com.xpn.xwiki.web.SavedRequestRestorerFilter.doFilter(SavedRequestRestorerFilter.java:287) >at > org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >at > com.xpn.xwiki.web.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:112) >at > org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1115) >at > org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:361) >at > org.mort