On Mon, Mar 30, 2009 at 7:20 AM, Julien Graglia <[email protected]> wrote:

> On Friday 27 March 2009 at 10:34 +0100, Emmanuel Venisse wrote:
> > Hi,
> >
> > Thanks for your test.
> >
> > You have two things to modify in your security.properties.
> >
> > 1- Add security.policy.password.expiration.enabled=false
> > 2- Remove ldap.user.store.enabled=true because it isn't used by Redback,
> > I'll remove it in config-defaults.properties
> >
> > With these modifications, all should be ok.
> Yes everything is working fine!
>
> > Do you use a truststore like described in [1] or only the conf described in
> > your mail?
> Yes I am using a truststore and a self signed certificate.

So you use some truststore properties to start your app server? Can you add it too in the documentation?

> > Can you provide a patch for the LDAP documentation page?
> Yes I can, which page?

http://svn.codehaus.org/redback/redback-site/trunk/src/site/apt/integration/ldap.apt
I'll patch the Continuum page when Continuum uses the latest Redback.
I don't think Archiva has an LDAP page.

Thanks for your help.

> >
> > [1] http://directory.apache.org/apacheds/1.0/33-how-to-enable-ssl.html
> >
> > Emmanuel
> >
> > On Fri, Mar 27, 2009 at 9:18 AM, Julien Graglia <[email protected]> wrote:
> >
> > > I have installed redback 1.3-SNAPSHOT rev 823 in archiva and configured
> > > ldap + ssl + user mapping (openldap user uid not cn attributes) and it
> > > works
> > >
> > > logs saying that the admin user exists, no need to create one :
> > >
> > > 09-03-27 09:06:41,238 [btpool0-4] INFO org.codehaus.plexus.redback.users.ldap.ctl.DefaultLdapController - Searching for user: jgr
> > > 2009-03-27 09:06:41,240 [btpool0-4] INFO org.codehaus.plexus.redback.users.ldap.ctl.DefaultLdapController - Searching for users with filter: '(&(objectClass=inetOrgPerson)(uid=jgr))' from base dn: dc=netceler,dc=com
> > > 2009-03-27 09:06:41,288 [btpool0-4] INFO org.codehaus.plexus.redback.struts2.interceptor.ForceAdminUserInterceptor - Admin user found. No need to configure admin user.
> > >
> > >
> > > But when I really log in to archiva, I got an NPE :
> > >
> > > java.lang.NullPointerException
> > >     at java.util.Calendar.setTime(Calendar.java:1075)
> > >     at org.codehaus.plexus.redback.struts2.interceptor.PolicyEnforcementInterceptor.intercept(PolicyEnforcementInterceptor.java:141)
> > >     at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(DefaultActionInvocation.java:224)
> > >     at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(DefaultActionInvocation.java:223)
> > >     at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTimerStack.java:455)
> > >     at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:221)
> > >     at org.codehaus.plexus.redback.struts2.interceptor.SecureActionInterceptor.intercept(SecureActionInterceptor.java:173)
> > >     at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(DefaultActionInvocation.java:224)
> > >     at com.opensymphony.xwork2.DefaultActionInvocation$2.doProfiling(DefaultActionInvocation.java:223)
> > >     at com.opensymphony.xwork2.util.profiling.UtilTimerStack.profile(UtilTimerStack.java:455)
> > >     at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:221)
> > >     at com.opensymphony.xwork2.interceptor.ParameterFilterInterceptor.intercept(ParameterFilterInterceptor.java:143)
> > >
> > > I could send you logs (I have put redback in "trace" log4j debug level)
> > > if you want..
> > >
> > >
> > > PS : here is my ldap config :
> > >
> > > #LDAP
> > > user.manager.impl=ldap
> > > ldap.user.store.enabled=true
> > > ldap.bind.authenticator.enabled=true
> > > ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
> > >
> > > # LDAP server config
> > > ldap.config.hostname=scarab-server
> > > ldap.config.port=636
> > > ldap.config.ssl=true
> > > ldap.config.base.dn=dc=netceler,dc=com
> > > # LDAP bind config
> > > ldap.config.bind.dn=XXXXXXXXXXXXXXXXXXX,dc=netceler,dc=com
> > > ldap.config.password=XXXXXXXXXXX
> > > # LDAP user mapping : openldap uses uid, redback default is cn
> > > ldap.config.mapper.attribute.user.id=uid
> > > # uid of the ldap user that I use as the archiva administrator
> > > redback.default.admin=jgr
> > >
> > >
> > > On Thursday 26 March 2009 at 18:23 +0100, Emmanuel Venisse wrote:
> > > > I added something to support it in Redback, but not tested it. You can look
> > > > at the issue [1]
> > > >
> > > > Can you test it?
> > > >
> > > > [1] http://jira.codehaus.org/browse/REDBACK-215
> > > >
> > > > Emmanuel
> > > >
> > > > On Thu, Mar 26, 2009 at 4:26 PM, Emmanuel Venisse <[email protected]> wrote:
> > > >
> > > > > It isn't there yet.
> > > > > If you really need it, maybe you can write a patch for Redback.
> > > > >
> > > > > Emmanuel
> > > > >
> > > > >
> > > > > On Thu, Mar 26, 2009 at 12:46 PM, Julien Graglia <[email protected]> wrote:
> > > > >
> > > > >> Hi,
> > > > >>
> > > > >> I am currently migrating from archiva 1.1.3 to archiva 1.2.0... and I
> > > > >> want to switch to an ldap authentication (I am bored of copying user
> > > > >> databases...)
> > > > >>
> > > > >> I have found many threads about ldap and archiva : security.properties,
> > > > >> redback ldap config page (1)... but I have not found how to connect to a
> > > > >> ldaps directory?
> > > > >> I have defined the ldap.config.port (636) but I did not find how to
> > > > >> say to use ssl
> > > > >>
> > > > >> > On 5 Aug, 2008, at 8:38 AM, Emmanuel Venisse wrote:
> > > > >> > >
> > > > >> > > I'm not sure ldap docs on redback site are up-to-date
> > > > >> > >>
> > > > >> > >> Chris, do you use LDAP or LDAPS?
> > > > >> > >> LDAPS isn't supported for the moment
> > > > >> > >>
> > > > >> > >> Emmanuel
> > > > >> >
> > > > >> >
> > > > >> It seems to me that redback still can't handle SSL for ldap... Do I
> > > > >> have to wait for another archiva/redback release? or stick with my user
> > > > >> database (I don't want to store the users in a sql db, they are already
> > > > >> in ldap...)
> > > > >>
> > > > >> 1 : http://redback.codehaus.org/configuration.html and
> > > > >> http://redback.codehaus.org/integration/ldap.html
> > > > >>
> > > > >>
> > > > >> Thx,
> > > > >>
> > > > >> On Wednesday 06 August 2008 at 11:14 +0800, Maria Odea Ching wrote:
> > > > >> > I think you might be missing this property?
> > > > >> > user.manager.impl=ldap
> > > > >> >
> > > > >> > Thanks,
> > > > >> > Deng
> > > > >> >
> > > > >> > On Wed, Aug 6, 2008 at 2:38 AM, Chris Brentano <[email protected]> wrote:
> > > > >> >
> > > > >> > > Thanks everyone for your assistance!
> > > > >> > >
> > > > >> > > Just LDAP, no SSL at the moment.
> > > > >> > >
> > > > >> > > I configured my conf/security.properties file like so:
> > > > >> > >
> > > > >> > > ldap.user.store.enabled=true
> > > > >> > > ldap.bind.authenticator.enabled=true
> > > > >> > > ldap.config.hostname=dc02.jiveville.com
> > > > >> > > ldap.config.port=389
> > > > >> > > ldap.config.base.dn=ou=JiveUsers,ou=jiveville,ou=com
> > > > >> > > ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
> > > > >> > > ldap.config.bind.dn=cn=ldapUser,ou=ResourceAccounts,ou=JiveUsers,ou=jiveville,ou=com
> > > > >> > > ldap.config.password=********
> > > > >> > >
> > > > >> > > But cannot log in with any LDAP accounts. But I do have a couple questions:
> > > > >> > >
> > > > >> > > - Is there any way to test that Archiva is able to successfully talk to the
> > > > >> > > LDAP server?
> > > > >> > > - Are there any options above that I may be missing or which are incorrect?
> > > > >> > > - When LDAP authentication is working, do all accounts that fall under the
> > > > >> > > base dn OU have access? If so, what level?
> > > > >> > > - Do I need to do anything in User Administrator to grant specific LDAP
> > > > >> > > accounts access privileges?
> > > > >> > >
> > > > >> > > Thanks again!
> > > > >> > >
> > > > >> > > - Chris
> > > > >> > >
> > > > >> > >
> > > > >> > >
> > > > >> > > On 5 Aug, 2008, at 8:38 AM, Emmanuel Venisse wrote:
> > > > >> > >
> > > > >> > > I'm not sure ldap docs on redback site are up-to-date
> > > > >> > >>
> > > > >> > >> Chris, do you use LDAP or LDAPS?
> > > > >> > >> LDAPS isn't supported for the moment
> > > > >> > >>
> > > > >> > >> Emmanuel
> > > > >> > >>
> > > > >> > >> On Tue, Aug 5, 2008 at 5:08 AM, Maria Odea Ching <[email protected]>
> > > > >> > >> wrote:
> > > > >> > >>
> > > > >> > >> Hi Chris,
> > > > >> > >>>
> > > > >> > >>> You just need to put the LDAP config in your security.properties file, you
> > > > >> > >>> no longer need to edit the application.xml as specified here:
> > > > >> > >>> http://redback.codehaus.org/integration/ldap.html (just copy & paste the
> > > > >> > >>> config specified in the security.properties section)
> > > > >> > >>>
> > > > >> > >>> And you might also need to add the LDAP specific configuration specified in
> > > > >> > >>> the LDAP Settings section in this document:
> > > > >> > >>> http://redback.codehaus.org/configuration.html
> > > > >> > >>>
> > > > >> > >>> HTH,
> > > > >> > >>> Deng
> > > > >> > >>>
> > > > >> > >>> On Tue, Aug 5, 2008 at 8:16 AM, Chris Brentano <[email protected]> wrote:
> > > > >> > >>>
> > > > >> > >>> Hi all,
> > > > >> > >>>>
> > > > >> > >>>> I'd like to configure Archiva to do LDAP authentication to Active
> > > > >> > >>>> Directory. It appears that Redback has LDAP support, and I've seen some
> > > > >> > >>>> various bits here and there about configuring the security.properties or
> > > > >> > >>>> application.xml file to utilize LDAP, but I can't find a concise guide.
> > > > >> > >>>> Can anyone provide some basic instructions and are there any gotchas I
> > > > >> > >>>> should be aware of? Thanks!
> > > > >> > >>>>
> > > > >> > >>>> - Chris
> > > > >> > >>>>
> > > > >> > >>>>
> > > > >> > >>>
> > > > >> > >
> > > > >> --
> > > > >> Julien Graglia
> > > > >> NetCeler
> > > > >>
> > > > >>
> > > > >
> > > --
> > > Julien Graglia - [email protected]
> > > NetCeler
> > > Les Peyrons 05400 Veynes
> > > Tel : +33 4 92 57 12 12 Fax : +33 4 92 57 12 62
> > >
> >
> --
> Julien Graglia - [email protected]
> NetCeler
> Les Peyrons 05400 Veynes
> Tel : +33 4 92 57 12 12 Fax : +33 4 92 57 12 62
>
>
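
The configuration points raised across this thread (user.manager.impl=ldap, the unused ldap.user.store.enabled key, disabling password expiration, and pairing port 636 with ldap.config.ssl=true), gathered into a small checker for a security.properties file. This is an added example, not code from Redback, Archiva or any participant in the thread; the function names and rule ids are hypothetical and both sample files are constructed.

```python
# Added example: checks distilled from this thread, not Redback's own code.
def parse_properties(text):
    """Parse simple key=value lines; split on the first '=' since DNs contain '='."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue  # blank, comment, or not a key=value line
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props


def lint_security_properties(text):
    """Return the rule ids (hypothetical names) that the file violates."""
    p = parse_properties(text)
    findings = []
    if p.get("user.manager.impl") != "ldap":
        findings.append("USER_MANAGER_NOT_LDAP")
    if "ldap.user.store.enabled" in p:
        findings.append("UNUSED_LDAP_USER_STORE_KEY")  # thread: not used by Redback
    if p.get("security.policy.password.expiration.enabled", "").lower() != "false":
        findings.append("PASSWORD_EXPIRATION_NOT_DISABLED")  # thread's fix for the login NPE
    ssl = p.get("ldap.config.ssl", "").lower() == "true"
    if not ssl and p.get("ldap.config.port") == "636":
        findings.append("LDAPS_PORT_WITHOUT_SSL")  # 636 alone does not switch SSL on
    elif not ssl:
        findings.append("BIND_WITHOUT_TLS")  # bind credentials cross plain LDAP
    return findings


# Constructed samples modelled on the two configurations quoted in the thread.
BEFORE = """\
ldap.user.store.enabled=true
ldap.bind.authenticator.enabled=true
ldap.config.port=389
ldap.config.base.dn=dc=example,dc=com
"""
AFTER = """\
user.manager.impl=ldap
ldap.bind.authenticator.enabled=true
ldap.config.port=636
ldap.config.ssl=true
ldap.config.base.dn=dc=example,dc=com
security.policy.password.expiration.enabled=false
"""

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, lint_security_properties(cfg))
```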
