Hi all,
I'm having a peculiar problem with my LDAP integration. I'm integrating with
AD and this seems to work but when a user logs in she/he is greeted with "Your
account is assigned with multiple usergroups. Please choose one for this
session" then a drop down box. The drop down box is empty. When they continue
it displays a blank page. I'm not sure where the issue is. I have not assigned
any user to any group since they're authenticating through AD.
Here's the relevant snippet of the log:
DEBUG 09-18 18:18:36.257 o.a.o.q.s.MeetingReminderJob:34
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-5] -
MeetingReminderJob.execute
DEBUG 09-18 18:18:36.269 o.a.o.d.c.d.AppointmentDao:929
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-5] -
startStamp 2013-09-18 18:18:36.269
DEBUG 09-18 18:18:36.271 o.a.o.d.c.d.AppointmentDao:930
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-5] -
stopStamp 2013-09-18 18:33:36.269
DEBUG 09-18 18:18:36.280 o.a.o.d.c.m.AppointmentLogic:423
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-5] -
doScheduledMeetingReminder : no Appointments in range
WARN 09-18 18:19:09.425 o.a.o.r.MainService:307 [NioProcessor-6] - loginUser:
72e9df24631c6af8bdcc071699217419 yos2653
DEBUG 09-18 18:19:09.426 o.a.o.r.MainService:318 [NioProcessor-6] - Ldap Login
DEBUG 09-18 18:19:09.450 o.a.o.l.LdapLoginManagement:245 [NioProcessor-6] -
LdapLoginmanagement.doLdapLogin
DEBUG 09-18 18:19:09.451 o.a.o.l.LdapLoginManagement:209 [NioProcessor-6] -
LdapLoginmanagement.getLdapConfigData
DEBUG 09-18 18:19:09.452 o.a.o.l.LdapLoginManagement:222 [NioProcessor-6] -
LdapLoginmanagement.readConfig :
/usr/lib/red52/webapps/openmeetings/conf/om_ldap.cfg
DEBUG 09-18 18:19:09.454 o.a.o.l.LdapLoginManagement:149 [NioProcessor-6] -
isValidAuthType
DEBUG 09-18 18:19:09.455 o.a.o.l.LdapLoginManagement:381 [NioProcessor-6] -
Searching userdata with LDAP Search Filter :(userPrincipalName =yos2653)
DEBUG 09-18 18:19:09.456 o.a.o.l.LdapAuthBase:84 [NioProcessor-6] - LdapAuthBase
DEBUG 09-18 18:19:09.457 o.a.o.l.LdapLoginManagement:390 [NioProcessor-6] -
authenticating admin...
DEBUG 09-18 18:19:09.458 o.a.o.l.LdapAuthBase:101 [NioProcessor-6] -
authenticateUser
ERROR 09-18 18:19:09.463 o.a.o.r.MainService:393 [NioProcessor-6] - loginUser :
java.lang.NullPointerException: null
at java.util.Hashtable.put(Hashtable.java:394) ~[na:1.6.0_45]
at
org.apache.openmeetings.ldap.LdapAuthBase.authenticateUser(LdapAuthBase.java:109)
~[openmeetings-2.1.1-RELEASE.jar:na]
at
org.apache.openmeetings.ldap.LdapLoginManagement.doLdapLogin(LdapLoginManagement.java:391)
~[openmeetings-2.1.1-RELEASE.jar:na]
at
org.apache.openmeetings.remote.MainService.loginUser(MainService.java:333)
~[openmeetings-2.1.1-RELEASE.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
~[na:1.6.0_45]
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
~[na:1.6.0_45]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
~[na:1.6.0_45]
at java.lang.reflect.Method.invoke(Method.java:597) ~[na:1.6.0_45]
at
org.red5.server.service.ServiceInvoker.invoke(ServiceInvoker.java:196)
[red5.jar:na]
at
org.red5.server.service.ServiceInvoker.invoke(ServiceInvoker.java:115)
[red5.jar:na]
at
org.red5.server.net.rtmp.RTMPHandler.invokeCall(RTMPHandler.java:157)
[red5.jar:na]
at org.red5.server.net.rtmp.RTMPHandler.onInvoke(RTMPHandler.java:399)
[red5.jar:na]
at
org.red5.server.net.rtmp.BaseRTMPHandler.messageReceived(BaseRTMPHandler.java:130)
[red5.jar:na]
at
org.red5.server.net.rtmp.RTMPMinaIoHandler.messageReceived(RTMPMinaIoHandler.java:164)
[red5.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$TailFilter.messageReceived(DefaultIoFilterChain.java:716)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:796)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.filter.codec.ProtocolCodecFilter$ProtocolDecoderOutputImpl.flush(ProtocolCodecFilter.java:427)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecFilter.java:245)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:796)
[mina-core-2.0.4.jar:na]
at
org.red5.server.net.rtmpe.RTMPEIoFilter.messageReceived(RTMPEIoFilter.java:124)
[red5.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.access$1200(DefaultIoFilterChain.java:46)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain$EntryImpl$1.messageReceived(DefaultIoFilterChain.java:796)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.IoFilterAdapter.messageReceived(IoFilterAdapter.java:119)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.callNextMessageReceived(DefaultIoFilterChain.java:434)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.filterchain.DefaultIoFilterChain.fireMessageReceived(DefaultIoFilterChain.java:426)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.read(AbstractPollingIoProcessor.java:715)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:668)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.process(AbstractPollingIoProcessor.java:657)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.polling.AbstractPollingIoProcessor.access$600(AbstractPollingIoProcessor.java:68)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.core.polling.AbstractPollingIoProcessor$Processor.run(AbstractPollingIoProcessor.java:1141)
[mina-core-2.0.4.jar:na]
at
org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:64)
[mina-core-2.0.4.jar:na]
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
[na:1.6.0_45]
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
[na:1.6.0_45]
at java.lang.Thread.run(Thread.java:662) [na:1.6.0_45]
DEBUG 09-18 18:20:11.267 o.a.o.q.s.TestSetupCleanupJob:34
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-6] -
TestSetupClearJob.execute
DEBUG 09-18 18:20:11.327 o.a.o.u.m.MailHandler:241
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-7] -
sendMails enter ...
DEBUG 09-18 18:20:11.335 o.a.o.u.m.MailHandler:247
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-7] - ...
sendMails done.
DEBUG 09-18 18:20:16.247 o.a.o.d.b.SessiondataDao:410
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-8] -
****** clearSessionTable:
DEBUG 09-18 18:20:16.257 o.a.o.d.b.SessiondataDao:414
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-8] -
clearSessionTable: 2
DEBUG 09-18 18:20:16.258 o.a.o.q.s.MeetingReminderJob:34
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-9] -
MeetingReminderJob.execute
DEBUG 09-18 18:20:16.270 o.a.o.d.c.d.AppointmentDao:929
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-9] -
startStamp 2013-09-18 18:20:16.269
DEBUG 09-18 18:20:16.271 o.a.o.d.c.d.AppointmentDao:930
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-9] -
stopStamp 2013-09-18 18:35:16.269
DEBUG 09-18 18:20:16.281 o.a.o.d.c.m.AppointmentLogic:423
[org.springframework.scheduling.quartz.SchedulerFactoryBean#0_Worker-9] -
doScheduledMeetingReminder : no Appointments in range
DEBUG 09-18 18:20:45.167 o.a.o.d.b.SessiondataDao:242 [NioProcessor-6] -
updateUserOrg User: null || 72e9df24631c6af8bdcc071699217419
Anyone with any ideas?
==== om_ldap.cfg =====
# This parameter specifies the type of LDAP server your are defining
#
# Supported values are "OpenLDAP" and "AD" for Active Directory (defaults to
AD).
ldap_server_type=AD
#LDAP URL
# This is the URL used to access your LDAP server.
# can be a simple URL like:
# ldap_conn_url=ldap://myldap.myorg.com
# or a list of simple URL separated by a space as in:
# ldap_conn_url=ldap://myldap.myorg.com ldap://myldap2.myorg.com
# if you want to use "ldaps://" links, please be aware that you need to import
your CA certificate
# to a java keystore and add the -Djavax.net.ssl.keyStore,
-Djavax.net.ssl.keyStorePassword,
# -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword parameters
to your
# JAVA_OPT environment
ldap_conn_url=ldap://dc1.afdb.local:389
#Login distinguished name (DN) for Authentification on LDAP Server - keep emtpy
if not requiered
# Use DN with with ":" instead of "=". The conversion will be done in OM
ldap_admin_dn=afdb\otrs
#Loginpass for Authentification on LDAP Server - keep emtpy if not requiered
#ldap_passwd=myownpasswd
#base to search for userdata(of user, that wants to login)
# Use DN with with ":" instead of "=". The conversion will be done in OM
ldap_search_base=OU:SARC,OU:AFDB_Field_Offices,DC:afdb,DC:local
# Fieldnames (can differ between Ldap servers)
field_user_principal=userPrincipalName
# Ldap auth type(SIMPLE,NONE)
# When using SIMPLE a simple bind is performed on the LDAP server to check
user authentication
# When using NONE, the Ldap server is not used for authentication
ldap_auth_type=SIMPLE
# Ldap-password synchronization to OM DB
# Set this to 'yes' if you want OM to synchronize the user Ldap-password to
OM's internal DB
# This enables local login of users if the ldap server is offline.
# If you want to disable the feature, set this to 'no'.
# Defautl value is 'yes'
ldap_sync_password_to_om=no
# Ldap user attributes mapping
# Set the following internal OM user attributes to their corresponding
Ldap-attribute
ldap_user_attr_lastname=sn
ldap_user_attr_firstname=givenName
ldap_user_attr_mail=mail
ldap_user_attr_street=streetAddress
ldap_user_attr_additionalname=description
ldap_user_attr_fax=facsimileTelephoneNumber
ldap_user_attr_zip=postalCode
ldap_user_attr_country=co
ldap_user_attr_town=l
ldap_user_attr_phone=telephoneNumber
# optional, only absolute URLs make sense
#ldap_user_picture_uri=picture_uri
# optional
# the timezone has to mach an entry in the OpenMeetings table "omtimezones"
otherwise the user will get
# the timezone defined in the value of the conf_key "default.timezone" in
OpenMeetings "configurations" table
#ldap_user_timezone=timezone
# Ldap ignore upper/lower case, convert all input to lower case
ldap_use_lower_case=false
