Mailing-List: contact users-help@archiva.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@archiva.apache.org
Received-SPF: pass (athena.apache.org: domain of batkinson@usm.maine.edu
 designates 130.111.135.148 as permitted sender)
Message-Id: <492C46940200009D0001E71F@uct5.uct.usm.maine.edu>
Date: Tue, 25 Nov 2008 18:40:20 -0500
From: "Brent Atkinson" <batkinson@usm.maine.edu>
To: <users@archiva.apache.org>
Subject: Archiva 1.1.x and LDAP
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="=__Part755D1DF4.0__="

--=__Part755D1DF4.0__=
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable

Hi,
=20
I recently upgraded from archiva 1.0.x to 1.1.3 and found that ldap =
authentication is broken. Archiva 1.1.3 currently does not appear to work =
with ldap.config.bind.dn. Although I haven't verified it yet, archiva =
1.2-M1 includes an updated redback with the fix. Hopefully I can save =
someone else some time.=20
=20
${appserver.base}/conf/security.properties:
=20
user.manager.impl=3Dcached
ldap.bind.authenticator.enabled=3Dtrue
redback.default.admin=3Dadmin
redback.default.guest=3Dguest
security.policy.password.expiration.enabled=3Dfalse
=20
ldap.config.hostname=3D127.0.0.1
ldap.config.port=3D389
ldap.config.base.dn=3Do=3Dlocaldomain
ldap.config.context.factory=3Dcom.sun.jndi.ldap.LdapCtxFactory
ldap.config.bind.dn=3Dcn=3DAdministrator,o=3Dlocaldomain
ldap.config.password=3D********
=20
ldap.config.mapper.attribute.email=3Dmail
ldap.config.mapper.attribute.fullname=3Dcn
ldap.config.mapper.attribute.password=3DuserPassword
ldap.config.mapper.attribute.user.id=3Duid
## This is set in application.xml due to another unrelated issue
#ldap.config.mapper.attribute.user.base.dn=3Dou=3Dpeople,o=3Dlocaldomain
ldap.config.mapper.attribute.user.object.class=3DinetOrgPerson
=20
With this configuration, archiva fails to start and throws the following =
stack trace:
=20
org.codehaus.plexus.redback.common.ldap.connection.LdapException: Could =
not connect to the server. [Root exception is javax.naming.InvalidNameExcep=
tion: [LDAP: error code 34 - invalid DN]]
        at org.codehaus.plexus.redback.common.ldap.connection.LdapConnectio=
n.<init>(LdapConnection.java:81)
        at org.codehaus.plexus.redback.common.ldap.connection.ConfigurableL=
dapConnectionFactory.getConnection(ConfigurableLdapConnectionFactory.java:1=
30)
        at org.codehaus.plexus.redback.users.ldap.LdapUserManager.newDirCon=
text(LdapUserManager.java:338)
        at org.codehaus.plexus.redback.users.ldap.LdapUserManager.findUser(=
LdapUserManager.java:214)
        at org.codehaus.plexus.redback.users.cached.CachedUserManager.findU=
ser(CachedUserManager.java:126)
        at org.codehaus.plexus.redback.users.configurable.ConfigurableUserM=
anager.findUser(ConfigurableUserManager.java:111)
        at org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvir=
onmentCheck.validateEnvironment(GuestUserEnvironmentCheck.java:82)
        at org.apache.maven.archiva.web.startup.SecuritySynchronization.exe=
cuteEnvironmentChecks(SecuritySynchronization.java:151)
        at org.apache.maven.archiva.web.startup.SecuritySynchronization.sta=
rtup(SecuritySynchronization.java:125)
        at org.apache.maven.archiva.web.startup.ArchivaStartup.contextIniti=
alized(ArchivaStartup.java:56)
        at org.apache.catalina.core.StandardContext.listenerStart(StandardC=
ontext.java:3764)
...
The issue is with redback: http://jira.codehaus.org/browse/REDBACK-154.=20

--=__Part755D1DF4.0__=--