On Wed, Jun 4, 2008 at 9:01 AM, hel-o <[EMAIL PROTECTED]> wrote: > > Hi, you were right. There was an error in the config file. Now i have the > following line in xwiki.cfg: > xwiki.authentication.ldap.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
Documentation is wrong (I just fixed it), you were right in your first time it's xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl. Are you sure you xwiki.cfg file is at the right place (/WEB-INF/) ? > > Afterwards I restarted Tomcat6. > Hi, > > The problem still remains: Users that are already added (by the former LDAP > mechanism or by hand) can login (with their active directory password), but > no new users are created as they want to log in for the first time. > > The stdout_xxxxxxxx.log says: > [http-80-1] INFO .AbstractXWikiMigrationManager - No storage migration > required since current version is [7351] > [http-80-2] ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind failed with > Exception Invalid Credentials --> get this line every time a user that > doesn't exist in the xwiki userlist wants to login > > I also tried the old one authservice class using this line: > xwiki.authentication.ldap.authclass=com.xpn.xwiki.user.impl.LDAP.LDAPAuthServiceImpl > with the same result. > > All the other logs in the tomcat log directory look clean... > > Thanks > Helmut > > > Thomas Mortagne wrote: >> >> Hi, >> >> On Tue, Jun 3, 2008 at 5:46 PM, hel-o <[EMAIL PROTECTED]> wrote: >>> >>> Hi, >>> >>> Authentication worked before 1.3.2. Works now for existing users but not >>> for >>> New Users. New Users are not created when they log in the first time. >>> >>> Log file: >>> --- >>> 2008-06-03 17:24:46,344 [http://server/bin/view/Main/WebHome] [http-80-1] >>> ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind failed with Exception >> >> This looks like you use LDAPAuthServiceImpl and not >> XWikiLDAPAuthServiceImpl as it is written in the configuration you >> sent... >> Makes sure you restarted xwiki after modifying xwiki.cfg. >> >>> Invalid Credentials >>> 2008-06-03 17:24:47,125 [http://server/bin/view/Main/WebHome] [http-80-1] >>> ERROR LDAP.LDAPAuthServiceImpl - LDAP Bind failed with Exception >>> Invalid Credentials >>> --- >>> >>> Configuration: >>> --- >>> # new LDAP authentication service >>> # >>> xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl >>> >>> #-# Turn LDAP authentication on - otherwise only XWiki authentication >>> #-# 0: disable >>> #-# 1: enable >>> xwiki.authentication.ldap=1 >>> >>> #-# LDAP Server (Active Directory, eDirectory, OpenLDAP, etc.) >>> xwiki.authentication.ldap.server=server >>> xwiki.authentication.ldap.port=389 >>> >>> #-# LDAP login, empty = anonymous access, otherwise specify full dn >>> #-# {0} is replaced with the username, {1} with the password >>> xwiki.authentication.ldap.bind_DN=CN=user,OU=ServicesAccounts,DC=company,DC=holding,DC=ch >>> xwiki.authentication.ldap.bind_pass=password >>> >>> #-# Force to check password after LDAP connection >>> #-# 0: disable >>> #-# 1: enable >>> xwiki.authentication.ldap.validate_password=0 >>> >>> #-# only members of the following group will be verified in the LDAP >>> # otherwise only users that are found after searching starting from the >>> base_DN >>> # >>> xwiki.authentication.ldap.user_group=cn=developers,ou=groups,o=MegaNova,c=US >>> >>> #-# base DN for searches >>> xwiki.authentication.ldap.base_DN=DC=company,DC=holding,DC=ch >>> >>> #-# specifies the LDAP attribute containing the identifier to be used as >>> the >>> XWiki name (default=cn) >>> xwiki.authentication.ldap.UID_attr=sAMAccountName >>> >>> #-# retrieve the following fields from LDAP and store them in the XWiki >>> user >>> object (xwiki-attribute=ldap-attribute) >>> #-# ldap_dn=dn -- dn is set by class, caches dn in XWiki.user object for >>> faster access >>> xwiki.authentication.ldap.fields_mapping=name=sAMAccountName,last_name=sn,first_name=givenName,fullname=fullName,email=mail,ldap_dn=dn >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# on every login update the mapped attributes from LDAP to XWiki >>> otherwise >>> this happens only once when the XWiki account is created. >>> xwiki.authentication.ldap.update_user=1 >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# mapps XWiki groups to LDAP groups, separator is "|" >>> # >>> xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=AdminRole,ou=groups,o=MegaNova,c=US|\ >>> # >>> XWiki.Organisation=cn=testers,ou=groups,o=MegaNova,c=US >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# time in s after which the list of members in a group is refreshed >>> from >>> LDAP (default=3600*6) >>> # xwiki.authentication.ldap.groupcache_expiration=21800 >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# - create : synchronize group membership only when the user is first >>> created >>> #-# - always: synchronize on every login >>> xwiki.authentication.ldap.mode_group_sync=create >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# if ldap authentication fails for any reason, try XWiki DB >>> authentication >>> with the same credentials >>> xwiki.authentication.ldap.trylocal=1 >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# SSL connection to LDAP server >>> #-# 0: normal >>> #-# 1: SSL >>> # xwiki.authentication.ldap.ssl=0 >>> >>> #-# [SINCE 1.3M2, XWikiLDAPAuthServiceImpl] >>> #-# The keystore file to use in SSL connection >>> # xwiki.authentication.ldap.ssl.keystore= >>> ---- >>> >>> Connection in LDAP-Browser works with the settings used in the >>> configuration >>> above. >>> >>> Thanks for your help >>> Helmut >>> -- >>> View this message in context: >>> http://www.nabble.com/LDAP-Authentication-%28Active-Directory-tp17626760p17626760.html >>> Sent from the XWiki- Users mailing list archive at Nabble.com. >>> >>> _______________________________________________ >>> users mailing list >>> users@xwiki.org >>> http://lists.xwiki.org/mailman/listinfo/users >>> >> >> >> >> -- >> Thomas Mortagne >> _______________________________________________ >> users mailing list >> users@xwiki.org >> http://lists.xwiki.org/mailman/listinfo/users >> >> > > -- > View this message in context: > http://www.nabble.com/LDAP-Authentication-%28Active-Directory%29-tp17626760p17640459.html > Sent from the XWiki- Users mailing list archive at Nabble.com. > > _______________________________________________ > users mailing list > users@xwiki.org > http://lists.xwiki.org/mailman/listinfo/users > -- Thomas Mortagne _______________________________________________ users mailing list users@xwiki.org http://lists.xwiki.org/mailman/listinfo/users
