I have an OpenLDAP installation with the following simple configuration:

 

dc=snapteam,dc=org                  < root (top)
cn=admin                            < admin login for access to LDAP, no anonymous access (organizationalRole, simpleSecurityObject)
ou=groups                           < group of groups (organizationalUnit)
                cn=group1           < posixGroups with multiple 'memberUid' attributes with full user DNs
                cn=group2
                cn=admins
ou=users                            < group of users (organizationalUnit)
                uid=snapadmin       < user (inetOrgPerson, posixAccount) - userPassword fields with plaintext password (I'd like to change to sha or somesuch)
                uid=user1           < another user

 

Here are the settings in the xwiki.cfg:

 

xwiki.authentication.authclass=com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.server=127.0.0.1
xwiki.authentication.ldap.port=389
xwiki.authentication.ldap.bind_DN=cn=admin,dc=snapteam,dc=org
xwiki.authentication.ldap.bind_pass=adminPassword
xwiki.authentication.ldap.ldap_user_search_fmt=(&({0}={1})(objectClass=posixAccount))
xwiki.authentication.ldap.user_group=ou=users,dc=snapteam,dc=org
xwiki.authentication.ldap.base_DN=dc=snapteam,dc=org
xwiki.authentication.ldap.group_classes=posixGroup
xwiki.authentication.ldap.group_memberfields=memberUid
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=admins,ou=groups,dc=snapteam,dc=org|\
                                        XWiki.SnapGroup=cn=snap,ou=groups,dc=snapteam,dc=org|\
                                        XWiki.AARGroup=cn=aar,ou=groups,dc=snapteam,dc=org|\
                                        XWiki.AACUSGroup=cn=aacus,ou=groups,dc=snapteam,dc=org
xwiki.authentication.ldap.groupcache_expiration=21800
xwiki.authentication.ldap.mode_group_sync=always
xwiki.authentication.ldap.trylocal=1

 

Here is the log trace I'm getting when trying to log in as one of the users:

 

2011-04-09 21:35:19,522 DEBUG xwiki.XWiki                     - Using custom AuthClass com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.
2011-04-09 21:50:42,946 TRACE LDAP.XWikiLDAPAuthServiceImpl   - Starting LDAP authentication
2011-04-09 21:50:42,946 DEBUG LDAP.XWikiLDAPAuthServiceImpl   - The provided user is null. We don't try to authenticate, it probably means the user is in non logged mode.
2011-04-09 21:50:42,948 TRACE LDAP.XWikiLDAPAuthServiceImpl   - Starting LDAP authentication
2011-04-09 21:50:42,967 DEBUG LDAP.XWikiLDAPAuthServiceImpl   - Checking if the user belongs to the user group: ou=users,dc=snapteam,dc=org
2011-04-09 21:50:42,969 DEBUG LDAP.XWikiLDAPAuthServiceImpl   - Local LDAP authentication failed.
        at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticateInContext(XWikiLDAPAuthServiceImpl.java:339)
        at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.ldapAuthenticate(XWikiLDAPAuthServiceImpl.java:190)
        at com.xpn.xwiki.user.impl.LDAP.XWikiLDAPAuthServiceImpl.authenticate(XWikiLDAPAuthServiceImpl.java:137)
2011-04-09 21:50:42,970 DEBUG LDAP.XWikiLDAPAuthServiceImpl   - Trying authentication against XWiki DB
2011-04-09 21:50:42,974 DEBUG LDAP.XWikiLDAPAuthServiceImpl   - LDAP authentication failed for user [snapadmin]

 

 

Any help would be appreciated. Thanks!

 

 

 

Joel Schuster

[email protected]

719-510-0181

 
