archiva-users mailing list archives

From: Chris Jacobs <Chris.Jac...@apollogrp.edu>
Subject: LDAP authentication
Date: Thu, 03 May 2012 18:27:26 GMT

Hello,

The documentation I've seen for configuring authentication via LDAP is sparse, inconsistent,
and out of date (Redback), so before I even go into the details of my problem I'll grant that
I may have missed something important.

I'm using the current/latest stable release of Archiva's Standalone, 1.3.5.

Here are the changes I've made from the default configuration (I haven't even tried to bring
the config and DBs from our existing 1.2.2 Archiva instance).

Diff against source of archiva/apps/archiva/WEB-INF/classes/org/apache/maven/archiva/security.properties:
(cleaned of actual DNS and DN path)
----------------------------------------------
28,41d27
<
< ldap.config.hostname=ldap-vip.example.net
< ldap.config.port=389
< ldap.config.base.dn=ou=people,dc=example,dc=net
< ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
<
< ldap.config.mapper.attribute.email=mail
< ldap.config.mapper.attribute.fullname=cn
< ldap.config.mapper.attribute.password=userPassword
< ldap.config.mapper.attribute.user.id=uid
< ldap.config.mapper.attribute.user.base=ou=people,dc=example,dc=net
< ldap.config.mapper.attribute.user.object.class=inetOrgPerson
<
< ldap.bind.authenticator.enabled=true
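Review bot: ldap.config.port=389 combined with ldap.bind.authenticator.enabled=true means every login binds with the user's password over the plain LDAP port, and nothing in this hunk turns on TLS. Point the connection at an LDAPS listener or use StartTLS if the directory offers it, and check whether the ldap.config.mapper.attribute.password=userPassword mapping is needed at all when authentication is done by bind.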
----------------------------------------------

Diff against source of archiva/apps/archiva/WEB-INF/classes/META-INF/plexus/application.xml:
(cleaned of actual DNS and DN path)
----------------------------------------------
257c257
<     <component>
---
>     <!-- component>
266c266
<     </component>
---
>     </component-->
291c291
<     <component>
---
>     <!-- component>
296,297c296,297
<         <email-attribute>mail</email-attribute>
<         <full-name-attribute>cn</full-name-attribute>
---
>         <email-attribute>email</email-attribute>
>         <full-name-attribute>givenName</full-name-attribute>
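Review bot: the email-attribute and full-name-attribute values set in this hunk (mail, cn) repeat ldap.config.mapper.attribute.email and ldap.config.mapper.attribute.fullname from the security.properties change, so the same mapping now lives in two files. Keep it in one place, or add a comment stating which file the LDAP user mapper reads, so that a later edit to only one of them cannot leave the two out of step.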
300c300
<         <user-base-dn>ou=people,dc=example,dc=net</user-base-dn>
---
>         <user-base-dn>o=com</user-base-dn>
308c308
<     </component>
---
>     </component-->
----------------------------------------------

I can authenticate as admin just fine. When I authenticate as an LDAP user, I see in the logs:
----------------------------------------------
==> wrapper.20120503.log <==
INFO   | jvm 1    | 2012/05/03 16:34:48 | 2012-05-03 16:34:47.992::WARN:  /archiva/security/login.action
INFO   | jvm 1    | 2012/05/03 16:34:48 | java.lang.NullPointerException
INFO   | jvm 1    | 2012/05/03 16:34:48 |       at org.codehaus.plexus.redback.struts2.action.LoginAction.webLogin(LoginAction.java:341)
INFO   | jvm 1    | 2012/05/03 16:34:48 |       at org.codehaus.plexus.redback.struts2.action.LoginAction.login(LoginAction.java:133)
(continues, snipped)
----------------------------------------------
==> archiva.log <==
2012-05-03 16:34:47,940 [btpool0-3] WARN  org.codehaus.plexus.redback.authentication.users.UserManagerAuthenticator
 - Login for user csjacobs failed. user not found.
2012-05-03 16:34:47,942 [btpool0-3] INFO  org.codehaus.plexus.redback.authentication.ldap.LdapBindAuthenticator
 - Searching for users with filter: '(&(objectClass=inetOrgPerson)(uid=csjacobs))' from
base dn: ou=people,dc=unix,dc=aptimus,dc=net
2012-05-03 16:34:47,978 [btpool0-3] INFO  org.codehaus.plexus.redback.authentication.ldap.LdapBindAuthenticator
 - Found user?: true
2012-05-03 16:34:47,980 [btpool0-3] INFO  org.codehaus.plexus.redback.authentication.ldap.LdapBindAuthenticator
 - Attempting Authenication: + uid=csjacobs,ou=people,dc=unix,dc=aptimus,dc=net
----------------------------------------------

And in my browser:
----------------------------------------------
HTTP ERROR 500

Problem accessing /archiva/security/login.action. Reason:

    INTERNAL_SERVER_ERROR
Caused by:

java.lang.NullPointerException
        at org.codehaus.plexus.redback.struts2.action.LoginAction.webLogin(LoginAction.java:341)
        at org.codehaus.plexus.redback.struts2.action.LoginAction.login(LoginAction.java:133)
(continues, snipped)
----------------------------------------------

And most disturbingly, further attempts to open any page in Archiva result in a similar
error, even when I attempt to go to the logout URL directly, but that's due to the account
I've attempted to log in as. When I open Archiva in another browser, I can open Archiva without
difficulty.

Any information, assistance, etc, would be greatly appreciated.

Thanks,
- chris

Chris Jacobs
Systems Administrator, Technology Services Group
