Hi, I was able to set up Archiva with LDAP using 1.4-M2 and adding the security.properties file. I posted it on this issue: https://jira.codehaus.org/browse/MRM-1627

So far I am not having any problem with the set-up. Hope it helps.

Regards,
Mark

On Sat, May 5, 2012 at 1:29 AM, Chris Jacobs <[email protected]> wrote:

> I saw that too, and the linked-to puppet template was quite helpful as well, but I'm still in the same position.
>
> Even after the silly process similar to the 4th google result, when I login as the admin, I'm taken to the password reset screen which I can still ignore.
>
> I'm beginning to think I may not be successful in the requirements I have for replacing our 'wild-west' archiva instance:
> 1) Configured/managed via puppet
> 2) Authenticate via LDAP (ssl - which is working)
> 3) Access site via SSL (should be trivial)
>
> When I can not configure the Archiva instance once, and have it work, then I'm unable to satisfy step 1.
>
> Currently I have to do things by hand, using different versions of configs to get things to mostly work.
>
> - chris
>
> Chris Jacobs
> Systems Administrator, Technology Services Group
>
> Apollo Group | Apollo Marketing & Product Development | Aptimus, Inc.
> 1501 4th Ave | Suite 2500 | Seattle, WA 98101
> direct 206.839.8245 | cell 206.601.3256 | Fax 206.644.0628
> email: [email protected]
>
> ----- Original Message -----
> From: Not Zippy <[email protected]>
> To: [email protected] <[email protected]>
> Sent: Fri May 04 10:22:36 2012
> Subject: Re: LDAP authentication
>
> I haven't tried this but stack overflow has a solution
>
> http://stackoverflow.com/questions/8101294/unable-to-get-apache-archiva-working-with-ldap
>
> On Fri, May 4, 2012 at 10:14 AM, Chris Jacobs <[email protected]> wrote:
>
> > I am a little disappointed; does no one use Archiva in an environment where central authentication and disaster recovery is regarded as important?
> >
> > Or perhaps this is the wrong mailing list?
> >
> > Or perhaps I'm looking at the wrong documents?
> >
> > security.properties file itself offers no hints.
> > The comments/hints in application.xml seemed to help, but it doesn't give everything that's needed (apparently).
> >
> > A google search for: archiva ldap
> > 1) http://archiva.apache.org/redback/integration/ldap.html is out of date with the files being shipped with Archiva.
> > 2) https://cwiki.apache.org/ARCHIVA/howto-configure-usermanagement-with-ldap.html is missing the actual useful bits on the page, but talks about them a lot.
> > 3) An LDAP thread from Oct 2008 on this mailing list talks about a lack of documentation, with a broken link to an example default config (which I managed to trace to the new repo but that didn't help)
> > 4) A bug report where steps similar to mine are reported but was closed without addressing the actual issue with the only comment being "admin account was locked" - but with LDAP enabled there doesn't appear to be an unlock option.
> > etc.
> >
> > I'm at a loss here; I'm a system administrator - not a dev.
> >
> > Anyone feel like giving me some hints?
> >
> > - chris
> >
> > -----Original Message-----
> > From: Chris Jacobs [mailto:[email protected]]
> > Sent: Thursday, May 03, 2012 4:54 PM
> > To: [email protected]
> > Subject: RE: LDAP authentication
> >
> > I have managed some success by adding the lines to security.properties:
> >
> > redback.default.admin=archiva-admin (a real ldap account)
> > redback.default.guest=archiva-guest (a real ldap account)
> >
> > However, if I start with that config from the start, I am unable to login as the archiva-admin account (even if I set it to other names which don't exist in LDAP).
> >
> > I've found I can work around it by:
> > Install clean
> > Add ONLY the redback.default.admin line above
> > Start Archiva
> > Open page, complete admin form.
> > On the following ridiculous page, it requests that I now CHANGE the password. Pffft.
> > Stop Archiva
> > Put in place the security.properties and application.xml files as below into place - with the addition of the two redback lines above, and then start archiva.
> >
> > And things work.
> >
> > Problem: This kind of setup procedure is untenable from a repeatable system build (disaster recovery is important yo) perspective.
> >
> > I suspect that my configs are off somewhere where I'm unable to login as the archiva-admin LDAP account - if I'm able to resolve this issue without having to play config file musical chairs, I'll be golden.
> >
> > Thoughts?
> >
> > Thanks,
> > - chris
> >
> > -----Original Message-----
> > From: Chris Jacobs [mailto:[email protected]]
> > Sent: Thursday, May 03, 2012 11:27 AM
> > To: [email protected]
> > Subject: LDAP authentication
> >
> > Hello,
> >
> > The documentation I've seen for configuring authentication via LDAP is sparse, inconsistent, and out of date (Redback), so before I even go into the details of my problem I'll grant that I may have missed something important.
> >
> > I'm using the current/latest stable release of Archiva's Standalone, 1.3.5.
> >
> > Here are the changes I've made from the default configuration (I haven't even tried to bring the config and DBs from our existing 1.2.2 Archiva instance).
> > > > Diff against source of > > > archiva/apps/archiva/WEB-INF/classes/org/apache/maven/archiva/security.properties: > > (cleaned of actual DNS and DN path) > > ---------------------------------------------- > > 28,41d27 > > < > > < ldap.config.hostname=ldap-vip.example.net > > < ldap.config.port=389 > > < ldap.config.base.dn=ou=people,dc=example,dc=net > > < ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory > > < > > < ldap.config.mapper.attribute.email=mail > > < ldap.config.mapper.attribute.fullname=cn > > < ldap.config.mapper.attribute.password=userPassword > > < ldap.config.mapper.attribute.user.id=uid > > < ldap.config.mapper.attribute.user.base=ou=people,dc=example,dc=net > > < ldap.config.mapper.attribute.user.object.class=inetOrgPerson > > < > > < ldap.bind.authenticator.enabled=true > > ---------------------------------------------- > > > > Diff against source of > > archiva/apps/archiva/WEB-INF/classes/META-INF/plexus/application.xml: > > (cleaned of actual DNS and DN path) > > ---------------------------------------------- > > 257c257 > > < <component> > > --- > > > <!-- component> > > 266c266 > > < </component> > > --- > > > </component--> > > 291c291 > > < <component> > > --- > > > <!-- component> > > 296,297c296,297 > > < <email-attribute>mail</email-attribute> > > < <full-name-attribute>cn</full-name-attribute> > > --- > > > <email-attribute>email</email-attribute> > > > <full-name-attribute>givenName</full-name-attribute> > > 300c300 > > < <user-base-dn>ou=people,dc=example,dc=net</user-base-dn> > > --- > > > <user-base-dn>o=com</user-base-dn> > > 308c308 > > < </component> > > --- > > > </component--> > > ---------------------------------------------- > > > > I can authenticate as admin just fine, when I authenticate as an LDAP > > user, I see in the logs: > > ---------------------------------------------- > > ==> wrapper.20120503.log <== > > INFO | jvm 1 | 2012/05/03 16:34:48 | 2012-05-03 16:34:47.992::WARN: > > 
/archiva/security/login.action
> > INFO | jvm 1 | 2012/05/03 16:34:48 | java.lang.NullPointerException
> > INFO | jvm 1 | 2012/05/03 16:34:48 | at org.codehaus.plexus.redback.struts2.action.LoginAction.webLogin(LoginAction.java:341)
> > INFO | jvm 1 | 2012/05/03 16:34:48 | at org.codehaus.plexus.redback.struts2.action.LoginAction.login(LoginAction.java:133)
> > (continues, snipped)
> > ----------------------------------------------
> > ==> archiva.log <==
> > 2012-05-03 16:34:47,940 [btpool0-3] WARN org.codehaus.plexus.redback.authentication.users.UserManagerAuthenticator - Login for user csjacobs failed. user not found.
> > 2012-05-03 16:34:47,942 [btpool0-3] INFO org.codehaus.plexus.redback.authentication.ldap.LdapBindAuthenticator - Searching for users with filter: '(&(objectClass=inetOrgPerson)(uid=csjacobs))' from base dn: ou=people,dc=unix,dc=aptimus,dc=net
> > 2012-05-03 16:34:47,978 [btpool0-3] INFO org.codehaus.plexus.redback.authentication.ldap.LdapBindAuthenticator - Found user?: true
> > 2012-05-03 16:34:47,980 [btpool0-3] INFO org.codehaus.plexus.redback.authentication.ldap.LdapBindAuthenticator - Attempting Authenication: + uid=csjacobs,ou=people,dc=unix,dc=aptimus,dc=net
> > ----------------------------------------------
> >
> > And in my browser:
> > ----------------------------------------------
> > HTTP ERROR 500
> >
> > Problem accessing /archiva/security/login.action. Reason:
> >
> > INTERNAL_SERVER_ERROR
> > Caused by:
> >
> > java.lang.NullPointerException
> > at org.codehaus.plexus.redback.struts2.action.LoginAction.webLogin(LoginAction.java:341)
> > at org.codehaus.plexus.redback.struts2.action.LoginAction.login(LoginAction.java:133)
> > (continues, snipped)
> > ----------------------------------------------
> >
> > And most disturbingly, further attempts to open any page in archiva results in a similar error, even when I attempt to go to the logout url directly, but that's due to the account I've attempted to login as. When I open archiva in another browser, I can open archiva without difficulty.
> >
> > Any information, assistance, etc, would be greatly appreciated.
> >
> > Thanks,
> > - chris
> >
> > Chris Jacobs
> > Systems Administrator, Technology Services Group
> >
> > Apollo Group | Apollo Marketing & Product Development | Aptimus, Inc.
> > 1501 4th Ave | Suite 2500 | Seattle, WA 98101
> > direct 206.839.8245 | cell 206.601.3256 | Fax 206.644.0628
> > email: [email protected]
> >
> > This message is private and confidential. If you have received it in error, please notify the sender and remove it from your system.
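
Review bot: In the security.properties hunk (28,41d27), ldap.config.port=389 is set together with ldap.bind.authenticator.enabled=true and none of the added lines is TLS-related, so as posted each login would carry the user's password to ldap-vip.example.net in a cleartext bind. If SSL is applied somewhere else, note that in a comment next to the port line; otherwise put the connection on TLS before bind authentication is enabled. The added lines also contain no bind DN or password, which means the user search runs anonymously; confirm that is intended for this directory.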
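
Review bot: In the application.xml hunks 296,297c296,297 and 300c300, the mail and cn mappings and the ou=people,dc=example,dc=net base DN repeat values that the security.properties hunk already sets (ldap.config.mapper.attribute.email, ldap.config.mapper.attribute.fullname, ldap.config.mapper.attribute.user.base), so the two files can drift apart; under Puppet, render both from the same variables. The 257c257/266c266 and 291c291/308c308 hunks un-comment two component blocks, but this context-free diff does not show which components they are; reposting as a unified diff (diff -u) would let a reader confirm what is being enabled.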
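
A pre-flight check for a Puppet-rendered security.properties, added here as an example (it is not code from the thread or from Archiva): it parses the keys posted above and flags the gaps the thread ran into. The REQUIRED list, the function names and the sample text are assumptions built from the thread's sanitized values.

```python
import re

# Keys taken from the configuration posted in the thread, plus the two
# redback.default.* lines the thread reports adding afterwards.
REQUIRED = (
    "ldap.config.hostname", "ldap.config.port", "ldap.config.base.dn",
    "ldap.config.context.factory", "ldap.config.mapper.attribute.user.id",
    "ldap.bind.authenticator.enabled",
    "redback.default.admin", "redback.default.guest",
)

def parse_properties(text):
    """Parse key=value lines; split on the first '=' only, since DN values contain '='."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":      # blank line or properties comment
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def check(text):
    """Return a list of findings for a rendered security.properties."""
    props = parse_properties(text)
    findings = [f"missing {k}" for k in REQUIRED if not props.get(k)]
    if props.get("ldap.bind.authenticator.enabled", "true").lower() != "true":
        findings.append("ldap.bind.authenticator.enabled is not true")
    if props.get("ldap.config.port") == "389":
        findings.append("port 389 is plain LDAP: confirm TLS protects the bind")
    for key in ("redback.default.admin", "redback.default.guest"):
        # An account name pasted with a trailing note, e.g. "name (a real ldap account)"
        if re.search(r"\s", props.get(key, "")):
            findings.append(f"{key} contains whitespace")
    return findings

# Constructed sample: the thread's sanitized values, before the redback lines were added.
SAMPLE = """\
ldap.config.hostname=ldap-vip.example.net
ldap.config.port=389
ldap.config.base.dn=ou=people,dc=example,dc=net
ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
ldap.config.mapper.attribute.user.id=uid
ldap.bind.authenticator.enabled=true
"""

if __name__ == "__main__":
    for finding in check(SAMPLE):
        print(finding)
```

Running it against the file Puppet renders, before Archiva starts, turns the by-hand discovery in the thread into a repeatable build step.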
