2008/8/18 Emmanuel Venisse <[EMAIL PROTECTED]>: > On Mon, Aug 18, 2008 at 2:21 PM, Brett Porter <[EMAIL PROTECTED]>wrote: > >> On the admin side, I think we should allow the username for the main >> administrator to be configurable to avoid this problem. > > > For Continuum instances I installed, I'm the admin so I use my account for > the admin in security.properties.
I didn't actually know those properties existed :) > > It isn't good to configure the main admin user in security.properties, a > best way would be to use a new page where the user that install Continuum > will can choose the admin like we do it for the configuration page if > Continuum isn't configured yet. Yes, that's always helpful. Does it at least skip the admin creation page if you have the property set? > > >> >> >> On the guest side, I think it's a bug that it's required in the store >> (even in the database store) - it should be a special non-user user :) > > > I'm agree. > > Emmanuel > > >> >> >> - Brett >> >> 2008/8/18 Arnaud HERITIER <[EMAIL PROTECTED]>: >> > no they don't. >> > And I'll not be able to do it. We don't have the possibility (for >> security >> > reasons) to create no human accounts in it :-( >> > In the meantime, I found a workaround for my initial issue : >> > https://jira.codehaus.org/browse/MRM-911 >> > Thus I don't have actually to connect it to ldap but I think we'll have a >> > lot of corporate environment where we won't be able to create those >> > accounts. >> > >> > cheers >> > >> > arnaud >> > >> > >> > On Mon, Aug 18, 2008 at 12:43 PM, Emmanuel Venisse < >> > [EMAIL PROTECTED]> wrote: >> > >> >> 'admin' and 'guest' must be declared in your ldap. >> >> Are they exists? >> >> >> >> Emmanuel >> >> >> >> On Thu, Aug 14, 2008 at 2:21 AM, Arnaud HERITIER <[EMAIL PROTECTED] >> >> >wrote: >> >> >> >> > Is it possible to do it when we deploy archiva as a war ? >> >> > I tried to modified the application.xml in the expended webapp in >> tomcat >> >> > but >> >> > I have always a NPE issue : >> >> > >> >> > 2008-08-14 01:23:18,435 [main] ERROR >> >> > >> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/archiva] >> >> - >> >> > Exception sending context initialized event to listener instance of >> class >> >> > org.apache.maven.archiva.web.startup.ArchivaStartup >> >> > java.lang.NullPointerException >> >> > at >> >> > >> >> > >> >> >> org.codehaus.plexus.redback.users.ldap.ctl.DefaultLdapController.searchUsers(DefaultLdapController.java:129) >> >> > at >> >> > >> >> > >> >> >> org.codehaus.plexus.redback.users.ldap.ctl.DefaultLdapController.getUser(DefaultLdapController.java:181) >> >> > at >> >> > >> >> > >> >> >> org.codehaus.plexus.redback.users.ldap.LdapUserManager.findUser(LdapUserManager.java:214) >> >> > at >> >> > >> >> > >> >> >> org.codehaus.plexus.redback.users.configurable.ConfigurableUserManager.findUser(ConfigurableUserManager.java:111) >> >> > at >> >> > >> >> > >> >> >> org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck.validateEnvironment(GuestUserEnvironmentCheck.java:82) >> >> > at >> >> > >> >> > >> >> >> org.apache.maven.archiva.web.startup.SecuritySynchronization.executeEnvironmentChecks(SecuritySynchronization.java:151) >> >> > at >> >> > >> >> > >> >> >> org.apache.maven.archiva.web.startup.SecuritySynchronization.startup(SecuritySynchronization.java:125) >> >> > at >> >> > >> >> > >> >> >> org.apache.maven.archiva.web.startup.ArchivaStartup.contextInitialized(ArchivaStartup.java:56) >> >> > at >> >> > >> >> > >> >> >> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764) >> >> > at >> >> > >> org.apache.catalina.core.StandardContext.start(StandardContext.java:4216) >> >> > at >> >> > >> >> > >> >> >> org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760) >> >> > at >> >> > >> org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740) >> >> > at >> >> org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544) >> >> > at >> >> > >> >> > >> >> >> org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:626) >> >> > at >> >> > >> >> > >> >> >> org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553) >> >> > at >> >> > org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488) >> >> > at >> org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149) >> >> > at >> >> > >> >> >> org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311) >> >> > at >> >> > >> >> > >> >> >> org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120) >> >> > at >> >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022) >> >> > at >> org.apache.catalina.core.StandardHost.start(StandardHost.java:736) >> >> > at >> >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014) >> >> > at >> >> > org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443) >> >> > at >> >> > >> org.apache.catalina.core.StandardService.start(StandardService.java:448) >> >> > at >> >> > org.apache.catalina.core.StandardServer.start(StandardServer.java:700) >> >> > at org.apache.catalina.startup.Catalina.start(Catalina.java:552) >> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> >> > at >> >> > >> >> > >> >> >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> >> > at >> >> > >> >> > >> >> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> >> > at java.lang.reflect.Method.invoke(Method.java:597) >> >> > at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295) >> >> > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> >> > at >> >> > >> >> > >> >> >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> >> > at >> >> > >> >> > >> >> >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> >> > at java.lang.reflect.Method.invoke(Method.java:597) >> >> > at >> >> > >> >> >> org.apache.commons.daemon.support.DaemonLoader.start(DaemonLoader.java:177) >> >> > 2008-08-14 01:23:18,436 [main] ERROR >> >> > org.apache.catalina.core.StandardContext - Error listenerStart >> >> > 2008-08-14 01:23:18,437 [main] ERROR >> >> > org.apache.catalina.core.StandardContext - Context [/archiva] startup >> >> > failed >> >> > due to previou... >> >> > >> >> > In my security settings I have (it's an active directory and I get >> >> settings >> >> > from crowd which is also connecing to it with ldap) : >> >> > >> >> > user.manager.impl=ldap >> >> > ldap.bind.authenticator.enabled=true >> >> > redback.default.admin=admin >> >> > redback.default.guest=guest >> >> > security.policy.password.expiration.enabled=false >> >> > >> >> > ldap.config.hostname=X.Y.Z.W >> >> > ldap.config.port=389 >> >> > ldap.config.base.dn=dc=paris,dc=france,dc=octo >> >> > ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory >> >> > ldap.config.bind.dn=cn=XXX,cn=users,dc=paris,dc=france,dc=octo >> >> > ldap.config.password=XXX >> >> > #ldap.config.authentication.method= >> >> > >> >> > ldap.user.store.enabled=true >> >> > >> >> > ldap.config.mapper.attribute.email=mail >> >> > ldap.config.mapper.attribute.fullname=givenName >> >> > ldap.config.mapper.attribute.password=unicodePwd >> >> > ldap.config.mapper.attribute.user.id=sAMAccountName >> >> > >> >> > >> >> >> ldap.config.mapper.attribute.user.base.dn=cn=users,dc=paris,dc=france,dc=octo >> >> > ldap.config.mapper.attribute.user.object.class=user >> >> > >> >> > >> >> >> ldap.config.mapper.attribute.user.filter=(&(&(objectCategory=Person)(sAMAccountName=*))(memberof=cn=octo,cn=users,dc=paris,dc=france,dc=octo)) >> >> > >> >> > with or without components I have the NPE >> >> > I also tried to modify my settings and I have always a NPE. >> >> > I don't understand what I can do wrong. >> >> > >> >> > It seems that the NPE is due to the LDAP Context which isn't created. >> >> > >> >> > Any idea ? >> >> > >> >> > >> >> > >> >> > On Wed, Aug 6, 2008 at 1:50 PM, Emmanuel Venisse < >> >> > [EMAIL PROTECTED] >> >> > > wrote: >> >> > >> >> > > Some components must be declared in application.xml. >> >> > > Yesterday I added them in comments in trunk >> >> > > Look at LDAP snippet part in >> >> > > >> >> > > >> >> > >> >> >> https://svn.apache.org/repos/asf/archiva/trunk/archiva-modules/archiva-web/archiva-webapp/src/main/resources/META-INF/plexus/application.xml >> >> > > >> >> > > Emmanuel >> >> > > >> >> > > On Wed, Aug 6, 2008 at 5:58 AM, Maria Odea Ching <[EMAIL PROTECTED] >> > >> >> > > wrote: >> >> > > >> >> > > > ---------- Forwarded message ---------- >> >> > > > From: Maria Odea Ching <[EMAIL PROTECTED]> >> >> > > > Date: Wed, Aug 6, 2008 at 11:58 AM >> >> > > > Subject: Re: ldap with Archiva >> >> > > > To: [EMAIL PROTECTED] >> >> > > > >> >> > > > >> >> > > > Hi Marina, >> >> > > > >> >> > > > I'll be forwarding this to the archiva users list and we could >> >> continue >> >> > > the >> >> > > > discussion there :) >> >> > > > Anyway, with redback 1.0.1 (used by archiva 1.0.2 & 1.0.1) I think >> >> you >> >> > > only >> >> > > > need to configure the security.properties file in order to use >> ldap >> >> for >> >> > > > authentication. Here's an example config: >> >> > > > >> >> > > > user.manager.impl=ldap >> >> > > > ldap.bind.authenticator.enabled=true >> >> > > > ldap.config.hostname=localhost >> >> > > > ldap.config.port=10389 >> >> > > > ldap.config.base.dn=dc=redback,dc=plexus,dc=codehaus,dc=org >> >> > > > ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory >> >> > > > ldap.config.bind.dn=uid=admin,ou=system >> >> > > > ldap.config.password=PASSWORD >> >> > > > >> >> > > > I'm not sure with redback 1.0.2 (used by archiva 1.1) though if >> there >> >> > are >> >> > > > additional configurations needed after the changes in redback's >> LDAP >> >> > > > module. >> >> > > > Emmanuel might be able to answer that :) >> >> > > > >> >> > > > HTH, >> >> > > > Deng >> >> > > > >> >> > > > >> >> > > > On Wed, Aug 6, 2008 at 4:58 AM, Marina <[EMAIL PROTECTED]> >> wrote: >> >> > > > >> >> > > > > Hi, Maria >> >> > > > > >> >> > > > > I am trying to make ldap authenticated for Archiva. I do not see >> >> any >> >> > of >> >> > > > > examples online showing how to do it. >> >> > > > > I wonder if you can give any example. >> >> > > > > >> >> > > > > Is the archiva.xml the only file to change? >> >> > > > > Or I have to change other property file? >> >> > > > > Could you send me example of those ldap settings for Archiva? >> >> > > > > >> >> > > > > Great Thanks! >> >> > > > > Marina >> >> > > > > >> >> > > > >> >> > > >> >> > >> >> > >> >> > >> >> > -- >> >> > .......................................................... >> >> > Arnaud HERITIER >> >> > .......................................................... >> >> > OCTO Technology - aheritier AT octo DOT com >> >> > www.octo.com | blog.octo.com >> >> > .......................................................... >> >> > ASF - aheritier AT apache DOT org >> >> > www.apache.org | maven.apache.org >> >> > ........................................................... >> >> > >> >> >> > >> > >> > >> > -- >> > .......................................................... >> > Arnaud HERITIER >> > .......................................................... >> > OCTO Technology - aheritier AT octo DOT com >> > www.octo.com | blog.octo.com >> > .......................................................... >> > ASF - aheritier AT apache DOT org >> > www.apache.org | maven.apache.org >> > ........................................................... >> > >> >> >> >> -- >> Brett Porter >> Blog: http://blogs.exist.com/bporter/ >> > -- Brett Porter Blog: http://blogs.exist.com/bporter/
