To whom it may concern: I am attempting to get archiva working with ldap. My configuration files are attached. <<security.properties>> <<application.xml>> I have worked through problems getting the base.dn and bind.dn and now seem to be connected to LDAP. The only problem is that when I boot up and attempt to connect to Archiva, it always redirects me to the "Create Admin User" page. There it lists the correct Username as specified by the redback.default.admin property. However, there is nothing in the "Full Name" and "Email Address" fields and the fields are not editable. That is, it appears to be only listing the information rather than allowing an edit of the information. If I hit the "Create Admin" button, it complains that "Full Name is required." and "Email Address is required." but still gives you no option to edit them and clearly isn't picking them up out of the appropriate LDAP attributes.
What am I doing wrong? Thanks in advance, Ben ********************************************************************* Ben Keppler | Software Developer Q-MATIC Corporation Phone: (828) 209-1175 Mobile: (828) 242-3567 Fax: (828) 209-1100 EMail: [email protected] Website: http://www.q-matic.us ********************************************************************* Confidentiality and Nondisclosure Notice: This email transmission and any attachments are intended for use by the person(s)/entity(ies) named above and may contain confidential/privileged information. Any unauthorized use, disclosure or distribution is strictly prohibited. If you are not the intended recipient, please contact the sender by e-mail, and delete or destroy all copies plus attachments. *********************************************************************
<?xml version="1.0" encoding="ISO-8859-1"?>
<!--
  ~ Licensed to the Apache Software Foundation (ASF) under one
  ~ or more contributor license agreements. See the NOTICE file
  ~ distributed with this work for additional information
  ~ regarding copyright ownership. The ASF licenses this file
  ~ to you under the Apache License, Version 2.0 (the
  ~ "License"); you may not use this file except in compliance
  ~ with the License. You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing,
  ~ software distributed under the License is distributed on an
  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  ~ KIND, either express or implied. See the License for the
  ~ specific language governing permissions and limitations
  ~ under the License.
  -->

<!--
  Plexus component descriptor as posted for an Archiva + LDAP setup. It declares:
    * the configuration registry and the files it reads,
    * two JDO factories (role-hints "archiva" and "users"),
    * the SLF4J logger manager,
    * the locked-admin environment check,
    * the LDAP connection factory and the LDAP user mapper,
    * the lifecycle handler manager.
-->
<plexus>
  <components>

    <!--
      Configuration registry. Besides system properties and JNDI, it mounts security.properties
      from four places under org.codehaus.plexus.redback: ${user.home}/.m2, ${appserver.base}/conf,
      ${appserver.home}/conf and the classpath resource org/apache/maven/archiva/security.properties
      (plus ${user.home}/.m2/archiva.properties at the same mount point).

      The LDAP notes further down place ldap.config.password in security.properties, so every
      on-disk copy that exists holds the bind password in clear text and should be readable and
      writable only by the account that runs Archiva.

      NOTE(review): which source wins when the same key is present in several files is decided by
      the registry implementation and is not visible in this file; confirm the precedence before
      relying on an override.
    -->
    <component>
      <role>org.codehaus.plexus.registry.Registry</role>
      <implementation>org.codehaus.plexus.registry.commons.CommonsConfigurationRegistry</implementation>
      <role-hint>commons-configuration</role-hint>
      <configuration>
        <properties>
          <system/>
          <jndi prefix="java:comp/env" config-optional="true"/>
          <xml fileName="${user.home}/.m2/archiva.xml"
               config-optional="true"
               config-name="org.apache.maven.archiva.user"
               config-at="org.apache.maven.archiva"/>
          <xml fileName="${user.home}/.m2/shared.xml"
               config-optional="true"
               config-name="org.apache.maven.shared.app.user"
               config-at="org.apache.maven.shared.app"
               config-forceCreate="true"/>
          <properties fileName="${user.home}/.m2/security.properties"
                      config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <properties fileName="${user.home}/.m2/archiva.properties"
                      config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <xml fileName="${appserver.base}/conf/archiva.xml"
               config-optional="true"
               config-name="org.apache.maven.archiva.base"
               config-at="org.apache.maven.archiva"/>
          <xml fileName="${appserver.base}/conf/shared.xml"
               config-optional="true"
               config-name="org.apache.maven.shared.app.base"
               config-at="org.apache.maven.shared.app"/>
          <xml fileName="${appserver.base}/conf/common.xml" config-optional="true"/>
          <properties fileName="${appserver.base}/conf/security.properties"
                      config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <xml fileName="${appserver.home}/conf/archiva.xml"
               config-optional="true"
               config-at="org.apache.maven.archiva"/>
          <xml fileName="${appserver.home}/conf/shared.xml"
               config-optional="true"
               config-at="org.apache.maven.shared.app"/>
          <xml fileName="${appserver.home}/conf/common.xml" config-optional="true"/>
          <properties fileName="${appserver.home}/conf/security.properties"
                      config-optional="true"
                      config-at="org.codehaus.plexus.redback"/>
          <!-- Not marked config-optional, unlike the on-disk sources above. -->
          <properties fileName="org/apache/maven/archiva/security.properties"
                      config-at="org.codehaus.plexus.redback"/>
        </properties>
      </configuration>
    </component>

    <!--
      JDO factory for the "archiva" store, obtained through the JNDI data source
      java:comp/env/jdbc/archiva.

      autoCreateSchema and autoCreateColumns are true and the validate* switches are false.
      NOTE(review): automatic schema creation presumably means the database account behind the
      data source needs rights to create and alter tables; a deployment that wants a
      least-privilege account should confirm against the JPOX documentation whether these can be
      switched off once the schema exists.
    -->
    <component>
      <role>org.codehaus.plexus.jdo.JdoFactory</role>
      <role-hint>archiva</role-hint>
      <implementation>org.codehaus.plexus.jdo.DataSourceConfigurableJdoFactory</implementation>
      <configuration>
        <connectionFactoryName>java:comp/env/jdbc/archiva</connectionFactoryName>
        <shutdownConnectionFactoryName>java:comp/env/jdbc/archivaShutdown</shutdownConnectionFactoryName>

        <!-- JPOX and JDO configuration -->
        <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass>
        <otherProperties>
          <property>
            <name>org.jpox.autoCreateSchema</name>
            <value>true</value>
          </property>
          <property>
            <name>org.jpox.autoCreateColumns</name>
            <value>true</value>
          </property>
          <property>
            <name>org.jpox.validateTables</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateConstraints</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateColumns</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.autoStartMechanism</name>
            <value>None</value>
          </property>
          <property>
            <name>org.jpox.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.poid.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.rdbms.dateTimezone</name>
            <value>JDK_DEFAULT_TIMEZONE</value>
          </property>
          <!-- NEEDED FOR POSTGRES, But causes problems in other JDBC implementations.
          <property>
            <name>org.jpox.identifier.case</name>
            <value>PreserveCase</value>
          </property>
          -->
        </otherProperties>
      </configuration>
    </component>

    <!--
      JDO factory for the "users" store (JNDI data source java:comp/env/jdbc/users).
      Same JPOX settings as the "archiva" factory except that autoCreateColumns is not set here.
      The same least-privilege question about autoCreateSchema applies.
    -->
    <component>
      <role>org.codehaus.plexus.jdo.JdoFactory</role>
      <role-hint>users</role-hint>
      <implementation>org.codehaus.plexus.jdo.DataSourceConfigurableJdoFactory</implementation>
      <configuration>
        <connectionFactoryName>java:comp/env/jdbc/users</connectionFactoryName>
        <shutdownConnectionFactoryName>java:comp/env/jdbc/usersShutdown</shutdownConnectionFactoryName>

        <!-- JPOX and JDO configuration -->
        <persistenceManagerFactoryClass>org.jpox.PersistenceManagerFactoryImpl</persistenceManagerFactoryClass>
        <otherProperties>
          <property>
            <name>org.jpox.autoCreateSchema</name>
            <value>true</value>
          </property>
          <property>
            <name>org.jpox.validateTables</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateConstraints</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.validateColumns</name>
            <value>false</value>
          </property>
          <property>
            <name>org.jpox.autoStartMechanism</name>
            <value>None</value>
          </property>
          <property>
            <name>org.jpox.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.poid.transactionIsolation</name>
            <value>READ_COMMITTED</value>
          </property>
          <property>
            <name>org.jpox.rdbms.dateTimezone</name>
            <value>JDK_DEFAULT_TIMEZONE</value>
          </property>
          <!-- NEEDED FOR POSTGRES, But causes problems in other JDBC implementations.
          <property>
            <name>org.jpox.identifier.case</name>
            <value>PreserveCase</value>
          </property>
          -->
        </otherProperties>
      </configuration>
    </component>

    <!--
    <component>
      <role>org.apache.maven.archiva.webdav.util.MimeTypes</role>
      <implementation>org.apache.maven.archiva.webdav.util.MimeTypes</implementation>
      <description>MimeTypes</description>
      <configuration>
        <resource>archiva-mime-types.txt</resource>
      </configuration>
    </component>
    -->

    <!--
     | Logger manager
     -->
    <component>
      <role>org.codehaus.plexus.logging.LoggerManager</role>
      <implementation>org.codehaus.plexus.logging.slf4j.Slf4jLoggerManager</implementation>
      <lifecycle-handler>basic</lifecycle-handler>
    </component>

    <!-- PLXREDBACK-81 bad role hint, redefining here until redback alpha-2 is released. -->
    <!--
      Per its own description, this check unlocks locked system-administrator accounts at every
      startup, so a lockout on an admin account does not survive a restart. Account-lockout
      monitoring for admin users should take that into account.

      NOTE(review): both requirements ask for the "cached" role-hint. The only "cached"
      UserManager definition visible in this file is commented out further down, so the user store
      this check consults is defined somewhere outside this file; confirm which one it is when
      user.manager.impl=ldap.
    -->
    <component>
      <role>org.codehaus.plexus.redback.system.check.EnvironmentCheck</role>
      <role-hint>locked-admin-check</role-hint>
      <implementation>org.codehaus.redback.integration.checks.security.LockedAdminEnvironmentCheck</implementation>
      <description>LockedAdminEnvironmentCheck: checks if accounts marked as system administrator are locked and unlocks them on startup.
      </description>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.users.UserManager</role>
          <role-hint>cached</role-hint>
          <field-name>userManager</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
          <role-hint>cached</role-hint>
          <field-name>rbacManager</field-name>
        </requirement>
      </requirements>
    </component>

    <!-- START SNIPPET: ldap -->
    <!--
      Ldap Authentication can be enabled by enabling these components and setting the following
      configuration options in your security.properties file

      ============================================================
      user.manager.impl=ldap
      ldap.bind.authenticator.enabled=true
      redback.default.admin=admin
      security.policy.password.expiration.enabled=false

      ldap.config.hostname=ldap.hostname
      ldap.config.port=389
      ldap.config.base.dn=o=com
      ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
      ldap.config.bind.dn=uid=myusername,o=com
      ldap.config.password=s3cr3t
      #ldap.config.authentication.method=
      ============================================================

      * ldap.config.hostname - The hostname of the ldap server
      * ldap.config.port - The port of the ldap server
      * ldap.config.base.dn - The baseDn of the ldap system
      * ldap.config.context.factory - context factory for ldap connections
      * ldap.config.bind.dn - the core user used for authentication to the ldap server, must be able
        to perform the necessary searches, etc.
      * ldap.config.password - password for the bindDn for the root ldap connection

      Security notes on the sample above:
      * Port 389 is the plain LDAP port. Unless the connection is protected by TLS, the bind DN
        password and every user password checked through the bind authenticator cross the network
        unencrypted. Check the Redback LDAP documentation for how to enable TLS or LDAPS for this
        connection factory.
      * ldap.config.password is stored in clear text in security.properties. Restrict that file to
        the account running Archiva and keep it out of version control and of mailing-list posts.
      * The bind DN only needs to search and read user entries; use a dedicated read-only service
        account rather than a personal or directory-administrator account.
      * s3cr3t is a sample value, not a default to keep.

      until this process is better documented, the following is the documentation for configuring
      ldap with redback

      http://redback.codehaus.org/integration/ldap.html
    -->

    <!-- this component manages the connection to the ldap server -->
    <component>
      <role>org.codehaus.plexus.redback.common.ldap.connection.LdapConnectionFactory</role>
      <role-hint>configurable</role-hint>
      <implementation>org.codehaus.plexus.redback.common.ldap.connection.ConfigurableLdapConnectionFactory</implementation>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
        </requirement>
      </requirements>
    </component>

    <!--
      this component manages the mapping of attributes in ldap to user information in redback. To
      configure the mapping, you can add the following properties in your security.properties

      ============================================================
      ldap.config.mapper.attribute.email=mail
      ldap.config.mapper.attribute.fullname=givenName
      ldap.config.mapper.attribute.password=userPassword
      ldap.config.mapper.attribute.user.id=cn
      ldap.config.mapper.attribute.user.base.dn=
      ldap.config.mapper.attribute.user.object.class=inetOrgPerson
      ldap.config.mapper.attribute.user.filter=(attributeName=value)
      ============================================================

      * email-attribute - The name of the attribute on a user that contains the email address
      * full-name-attribute - The name of the attribute on a user that contains the users fullName
      * password-attribute - The name of the attribute containing the users password, used for the
        authentication using the user manager and not the ldap bind authenticator
      * user-id-attribute - The name of the attribute containing the users userId, most commonly
        cn or sn.
      * user-base-dn - The base dn that will be subtree searched for users.
      * user-object-class - the objectClass used in the ldap server for identifying users, most
        commonly inetOrgPerson.

      NOTE(review), on the inline values below:
      * email-attribute and full-name-attribute are set to "email" and "name", while the sample
        above uses "mail" and "givenName". sAMAccountName is an Active Directory attribute, and
        Active Directory normally keeps the address in "mail" and a display name in "displayName"
        or "cn". If the configured names do not exist on the entry, the mapper presumably has
        nothing to fill Full Name and Email Address with. Inspect a real entry in the directory
        and align these names with it.
      * user-base-dn holds the text "my base dn", presumably a redacted placeholder; it has to be
        the real DN of the subtree that contains the users.
      * Active Directory user entries usually carry objectClass "user"; confirm that
        inetOrgPerson matches the entries being searched.
      * Whether the ldap.config.mapper.attribute.* properties override these inline values is not
        visible in this file; confirm which of the two is in effect.
      * password-attribute is documented above as used only by the user manager authenticator.
        With the bind authenticator the bind account presumably does not need read access to
        userPassword, so do not grant it in the directory ACLs unless it is required.
    -->
    <component>
      <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
      <role-hint>ldap</role-hint>
      <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
      <configuration>
        <email-attribute>email</email-attribute>
        <full-name-attribute>name</full-name-attribute>
        <password-attribute>userPassword</password-attribute>
        <user-id-attribute>sAMAccountName</user-id-attribute>
        <user-base-dn>my base dn</user-base-dn>
        <user-object-class>inetOrgPerson</user-object-class>
      </configuration>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
        </requirement>
      </requirements>
    </component>

    <!--
      If caching is desired to improve performance then uncomment this and make sure the following
      configuration parameter is in the security.properties

      user.manager.impl=cached

      NOTE(review): a user cache can keep serving an entry after it was changed or disabled in the
      directory; check the cache lifetime against how quickly account removals must take effect.
    -->
    <!-- component>
      <role>org.codehaus.plexus.redback.users.UserManager</role>
      <role-hint>cached</role-hint>
      <implementation>org.codehaus.plexus.redback.users.cached.CachedUserManager</implementation>
      <description>CachedUserManager</description>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.users.UserManager</role>
          <role-hint>ldap</role-hint>
          <field-name>userImpl</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.cache.Cache</role>
          <role-hint>users</role-hint>
          <field-name>usersCache</field-name>
        </requirement>
      </requirements>
    </component-->

    <!--
      if using the user manager authenticator to authenticate the user and not the ldap bind
      authenticator make sure this definition has the correct password encoder

      Note: you should probably just use the ldap bind authenticator which is enabled by putting
      ldap.bind.authenticator.enabled=true in the security.properties

      NOTE(review): the disabled definition below wires the "sha1" password encoder. Comparing
      hashes in the application requires the bind account to read userPassword, and SHA-1 is a
      weak choice for password hashing. The bind authenticator leaves the password check to the
      directory server and avoids both.
    -->
    <!-- component>
      <role>org.codehaus.plexus.redback.policy.UserSecurityPolicy</role>
      <role-hint>default</role-hint>
      <implementation>org.codehaus.plexus.redback.policy.DefaultUserSecurityPolicy</implementation>
      <description>User Security Policy.</description>
      <requirements>
        <requirement>
          <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
          <field-name>config</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.PasswordEncoder</role>
          <role-hint>sha1</role-hint>
          <field-name>passwordEncoder</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.UserValidationSettings</role>
          <field-name>userValidationSettings</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.CookieSettings</role>
          <role-hint>rememberMe</role-hint>
          <field-name>rememberMeCookieSettings</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.CookieSettings</role>
          <role-hint>signon</role-hint>
          <field-name>signonCookieSettings</field-name>
        </requirement>
        <requirement>
          <role>org.codehaus.plexus.redback.policy.PasswordRule</role>
          <field-name>rules</field-name>
        </requirement>
      </requirements>
    </component-->
    <!-- END SNIPPET: ldap -->

  </components>

  <!--
    Lifecycle handler "plexus", set as the default. Its begin segment lists
    org.codehaus.plexus.registry.RegistryConfigurePhase after AutoConfigurePhase; the remaining
    phases come from org.codehaus.plexus.personality.plexus.lifecycle.phase.
  -->
  <lifecycle-handler-manager implementation="org.codehaus.plexus.lifecycle.DefaultLifecycleHandlerManager">
    <default-lifecycle-handler-id>plexus</default-lifecycle-handler-id>
    <lifecycle-handlers>
      <lifecycle-handler implementation="org.codehaus.plexus.personality.plexus.PlexusLifecycleHandler">
        <id>plexus</id>
        <name>Plexus Lifecycle Handler</name>
        <begin-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.LogEnablePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.CompositionPhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ContextualizePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.AutoConfigurePhase"/>
          <phase implementation="org.codehaus.plexus.registry.RegistryConfigurePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ServiceablePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.InitializePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.StartPhase"/>
        </begin-segment>
        <suspend-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.SuspendPhase"/>
        </suspend-segment>
        <resume-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.ResumePhase"/>
        </resume-segment>
        <end-segment>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.StopPhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.DisposePhase"/>
          <phase implementation="org.codehaus.plexus.personality.plexus.lifecycle.phase.LogDisablePhase"/>
        </end-segment>
      </lifecycle-handler>
    </lifecycle-handlers>
  </lifecycle-handler-manager>
</plexus>
