Hi,

I pretty much did a verbatim install by following the website for running under Tomcat.

I then replaced webapps/archiva/ROOT/WEB-INF/lib/redback-users-ldap-1.0.3.jar with a snapshot jar from
http://snapshots.repository.codehaus.org/org/codehaus/redback/redback-common-ldap/1.1-SNAPSHOT/redback-common-ldap-1.1-20080825.034144-2.jar
which contains the fix for http://jira.codehaus.org/browse/REDBACK-154

I then created a file under the homedir of the user running Tomcat (~www/.m2/security.properties):

user.manager.impl=ldap
ldap.user.store.enabled=true
ldap.bind.authenticator.enabled=true
#users must exist in ldap
redback.default.admin=xxxx
redback.default.guest=xxxx
# security.policy.password.expiration.enabled=false

ldap.config.hostname=xxx.xxx.xxx.xxx
ldap.config.port=389
ldap.config.base.dn=OU=xxx,OU=xxx,DC=xxx,DC=xxx
ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
ldap.config.bind.dn=cn=xxxx,cn=xxx,dc=xxx,dc=xxx
ldap.config.password=xxxxxxxxxxxx

ldap.config.mapper.attribute.email=mail
ldap.config.mapper.attribute.fullname=name
ldap.config.mapper.attribute.user.id=mailNickname
ldap.config.mapper.attribute.user.object.class=user

I restarted the server and logged in using the LDAP credentials for my defined redback.default.admin.

However, I have now flagged a few issues in regards to this authentication, so it looks somewhat broken :(

Would love to hear other people's tips, tricks etc. to resolve these LDAP issues :)

Chris

-----Original Message-----
From: Henri Gomez [mailto:[EMAIL PROTECTED]
Sent: Wednesday, 27 August 2008 4:48 PM
To: [email protected]
Subject: Re: Active Directory Authentication

Hi Chris

Could you detail how you connect to AD?

I'd like to use AD authentication also and any information will be very valuable.

Regards

2008/8/27 Chris Anders <[EMAIL PROTECTED]>:
> I found another problem with AD LDAP authentication
>
> When I restart the server after defining each user their role, the
> following exception appears in my Tomcat log:
>
> SEVERE: Exception sending context initialized event to listener instance of class org.apache.maven.archiva.web.startup.ArchivaStartup
> java.lang.ClassCastException: org.codehaus.plexus.redback.users.UserNotFoundException
>     at org.apache.maven.archiva.web.startup.SecuritySynchronization.executeEnvironmentChecks(SecuritySynchronization.java:162)
>     at org.apache.maven.archiva.web.startup.SecuritySynchronization.startup(SecuritySynchronization.java:125)
>     at org.apache.maven.archiva.web.startup.ArchivaStartup.contextInitialized(ArchivaStartup.java:56)
>     at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3764)
>     at org.apache.catalina.core.StandardContext.start(StandardContext.java:4216)
>     at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:760)
>     at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:740)
>     at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:544)
>     at org.apache.catalina.startup.HostConfig.deployDescriptor(HostConfig.java:626)
>     at org.apache.catalina.startup.HostConfig.deployDescriptors(HostConfig.java:553)
>     at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:488)
>     at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
>     at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
>     at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:120)
>     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1022)
>     at org.apache.catalina.core.StandardHost.start(StandardHost.java:736)
>     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1014)
>     at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
>     at org.apache.catalina.core.StandardService.start(StandardService.java:448)
>     at org.apache.catalina.core.StandardServer.start(StandardServer.java:700)
>     at org.apache.catalina.startup.Catalina.start(Catalina.java:552)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:585)
>     at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:295)
>     at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:433)
> Aug 27, 2008 5:56:50 AM org.apache.catalina.core.StandardContext start
> SEVERE: Error listenerStart
>
> Have I missed something?
>
> Cheers,
>
> Chris
>
> -----Original Message-----
> From: Chris Anders [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, 26 August 2008 12:41 PM
> To: [email protected]
> Subject: Active Directory Authentication
>
> Hi guys,
>
> For anyone else trying to get AD authentication to work, I found via
> tcpdump that the binddn was appending a ',' to the end of the bind.
>
> Lucky for me this bug was fixed a few days ago
> (http://jira.codehaus.org/browse/REDBACK-154 ) which I have tested using
> the snapshot jar in my current archiva install from
> http://snapshots.repository.codehaus.org/org/codehaus/redback/redback-common-ldap/1.1-SNAPSHOT/redback-common-ldap-1.1-20080825.034144-2.jar
>
> I then added to ~www/.m2/security.properties
>
> user.manager.impl=ldap
> ldap.user.store.enabled=true
> ldap.bind.authenticator.enabled=true
> redback.default.admin=xxxx
> redback.default.guest=xxxx
> security.policy.password.expiration.enabled=false
>
> ldap.config.hostname=xxx.xxx.xxx.xxx
> ldap.config.port=389
> ldap.config.base.dn=OU=xxx,OU=xxx,DC=xxx,DC=xxx
> ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
> ldap.config.bind.dn=cn=xxxx,cn=xxx,dc=xxx,dc=xxx
> ldap.config.password=xxxxxxxxxxxx
>
> ldap.config.mapper.attribute.email=mail
> ldap.config.mapper.attribute.fullname=name
> ldap.config.mapper.attribute.user.id=mailNickname
> ldap.config.mapper.attribute.user.object.class=user
>
> And I can confirm that AD authentication is now working!
>
> My only problem now is when you go to the site as the default user
> (guest) and click browse or try a search, a lovely NPE stack trace is
> given:
>
> Aug 26, 2008 2:21:02 AM org.apache.catalina.core.StandardWrapperValve invoke
> SEVERE: Servlet.service() for servlet default threw exception
> java.lang.NullPointerException
>     at org.apache.maven.archiva.security.DefaultUserRepositories.getObservableRepositoryIds(DefaultUserRepositories.java:76)
>     at org.apache.maven.archiva.web.action.BrowseAction.getObservableRepos(BrowseAction.java:131)
>     at org.apache.maven.archiva.web.action.BrowseAction.browse(BrowseAction.java:65)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
>     at java.lang.reflect.Method.invoke(Method.java:585)
>     at com.opensymphony.xwork.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:358)
>     at com.opensymphony.xwork.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:218)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:192)
>     at com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:88)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:88)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at org.apache.maven.archiva.web.interceptor.ConfigurationInterceptor.intercept(ConfigurationInterceptor.java:51)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at org.codehaus.plexus.redback.xwork.interceptor.PolicyEnforcementInterceptor.intercept(PolicyEnforcementInterceptor.java:105)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at org.codehaus.plexus.redback.xwork.interceptor.SecureActionInterceptor.intercept(SecureActionInterceptor.java:178)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.ParameterFilterInterceptor.intercept(ParameterFilterInterceptor.java:124)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:88)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:88)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.webwork.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:174)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.webwork.interceptor.debugging.DebuggingInterceptor.intercept(DebuggingInterceptor.java:169)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:151)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.AroundInterceptor.intercept(AroundInterceptor.java:31)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:186)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at org.codehaus.plexus.redback.xwork.interceptor.AutoLoginInterceptor.intercept(AutoLoginInterceptor.java:156)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at org.codehaus.plexus.redback.xwork.interceptor.ForceAdminUserInterceptor.intercept(ForceAdminUserInterceptor.java:76)
>     at com.opensymphony.xwork.DefaultActionInvocation.invoke(DefaultActionInvocation.java:190)
>     at com.opensymphony.xwork.DefaultActionProxy.execute(DefaultActionProxy.java:116)
>     at com.opensymphony.webwork.dispatcher.DispatcherUtils.serviceAction(DispatcherUtils.java:273)
>     at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:202)
>     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>     at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
>     at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
>     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>     at com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88)
>     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
>     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
>     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
>     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
>     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
>     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
>     at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
>     at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
>     at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
>     at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
>     at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
>     at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
>     at java.lang.Thread.run(Thread.java:595)
>
> I also found a slight quirk that if I want to associate a role to an AD
> user I had to click edit roles on the user, then submit (to the empty
> role list), then open the user again for roles to show and be set.
>
> Perhaps I have missed something?
>
> Any ideas would be greatly appreciated!
>
> Thank you
>
> Chris Anders
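
An added example, not part of the thread and not Archiva or Redback code: a small lint for a security.properties file of the shape posted above. The same dn_problems() check can be run on the bind DN from the file and on the one seen in a tcpdump capture; a clean file with a stray comma on the wire points at the library (the REDBACK-154 symptom) rather than the configuration. The sample values and the list of mandatory keys are assumptions.

```python
import re

# Constructed sample in the shape of the thread's security.properties; all
# values are placeholders, and the bind DN has a stray trailing comma.
SAMPLE = """\
user.manager.impl=ldap
#users must exist in ldap
redback.default.admin=admin.placeholder
ldap.config.hostname=ldap.example.invalid
ldap.config.port=389
ldap.config.base.dn=OU=People,DC=example,DC=invalid
ldap.config.bind.dn=cn=svc,cn=Users,dc=example,dc=invalid,
ldap.config.password=placeholder
"""

# Keys the thread's file sets; treating them as mandatory is an assumption.
REQUIRED = ("ldap.config.hostname", "ldap.config.port", "ldap.config.base.dn",
            "ldap.config.bind.dn", "redback.default.admin",
            "redback.default.guest")
DN_KEYS = ("ldap.config.base.dn", "ldap.config.bind.dn")

def parse_properties(text):
    """Parse the plain key=value form used in the thread ('#'/'!' comments)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#!":
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props

def dn_problems(dn):
    """List malformed RDNs in a DN taken from the file or from a capture."""
    problems = []
    # Split on commas that are not preceded by a backslash (escaped commas).
    for pos, rdn in enumerate(re.split(r"(?<!\\),", dn)):
        if not rdn.strip():
            problems.append(f"empty RDN at position {pos} (stray comma)")
        elif not re.match(r"\s*[A-Za-z][A-Za-z0-9.-]*\s*=\s*\S", rdn):
            problems.append(f"RDN {rdn!r} is not attribute=value")
    return problems

def lint(text):
    """Return findings for missing keys and malformed DNs."""
    props = parse_properties(text)
    findings = [f"missing {key}" for key in REQUIRED if not props.get(key)]
    for key in DN_KEYS:
        if props.get(key):
            findings += [f"{key}: {p}" for p in dn_problems(props[key])]
    return findings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```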
