openmeetings-user mailing list archives

From Bart Coninckx <bart.conin...@telenet.be>
Subject Re: LDAP authentication against eDirectory issue
Date Tue, 29 Jan 2013 21:55:22 GMT
Weird - I tried with openldap and I get the same phenomenon.

:-s


thx,

BC

On 01/29/13 20:21, Bart Coninckx wrote:
> two additions:
>
> - I added "ldap_user_attr_language_id=Language" to no avail
> - eDir wants to have the user login name ALWAYS in capitals, no matter 
> how ldap_use_lower_case is defined.
>
>
> BC
>
>
>
> On 01/29/13 19:59, Bart Coninckx wrote:
>> Hi again,
>>
>> The next step for me was enabling LDAP auth.
>> This produces errors however:
>>
>> DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230 242 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> LdapLoginmanagement.doLdapLogin
>> DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230 198 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> LdapLoginmanagement.getLdapConfigData
>> DEBUG 01-29 19:52:49.161 LdapLoginManagement.java 204230 217 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> LdapLoginmanagement.readConfig : 
>> /data/openmeetings/webapps/openmeetings/conf/edir.ldap.cfg
>> DEBUG 01-29 19:52:49.162 LdapLoginManagement.java 204231 138 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> isValidAuthType
>> DEBUG 01-29 19:52:49.162 LdapLoginManagement.java 204231 382 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> Searching userdata with LDAP Search Filter :(uid=BC)
>> DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 84 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - LdapAuthBase
>> DEBUG 01-29 19:52:49.163 LdapLoginManagement.java 204232 393 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> authenticating admin...
>> DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 101 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>> authenticateUser
>> DEBUG 01-29 19:52:49.163 LdapAuthBase.java 204232 117 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>>
>> Authentification to LDAP - Server start
>> DEBUG 01-29 19:52:49.164 LdapAuthBase.java 204233 151 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>> loginToLdapServer
>> DEBUG 01-29 19:52:49.167 LdapLoginManagement.java 204236 396 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> Checking server type...
>> DEBUG 01-29 19:52:49.168 LdapLoginManagement.java 204237 400 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> LDAP server is OpenLDAP
>> DEBUG 01-29 19:52:49.168 LdapLoginManagement.java 204237 401 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> LDAP search base: OU=tu,O=be
>> DEBUG 01-29 19:52:49.173 LdapLoginManagement.java 204242 407 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> Authentication with DN: cn=BC,ou=ICT,OU=tu,O=be
>> DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 101 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>> authenticateUser
>> DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 117 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] -
>>
>> Authentification to LDAP - Server start
>> DEBUG 01-29 19:52:49.174 LdapAuthBase.java 204243 151 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - 
>> loginToLdapServer
>> DEBUG 01-29 19:52:49.177 Usermanagement.java 204246 1556 
>> org.openmeetings.app.data.user.Usermanagement [NioProcessor-18] - 
>> Usermanagement.getUserByLogin : BC
>> DEBUG 01-29 19:52:49.202 LdapLoginManagement.java 204271 442 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> user doesnt exist local -> create new
>> DEBUG 01-29 19:52:49.203 LdapAuthBase.java 204272 174 
>> org.openmeetings.app.ldap.LdapAuthBase [NioProcessor-18] - getData
>> DEBUG 01-29 19:52:49.208 LdapLoginManagement.java 204277 495 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> Synching Ldap user to OM DB with RANDOM password: brghzu36ohpp
>> DEBUG 01-29 19:52:49.209 LdapLoginManagement.java 204278 592 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> LdapLoginmanagement.createUserFromLdapData
>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 727 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> User Created!
>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 504 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - New 
>> User ID : -13
>> DEBUG 01-29 19:52:49.307 Sessionmanagement.java 204376 176 
>> org.openmeetings.app.data.basic.Sessionmanagement [NioProcessor-18] - 
>> updateUser User: -13 || d1b0316797f91a46c08a392d071a790d
>> DEBUG 01-29 19:52:49.311 Sessionmanagement.java 204380 196 
>> org.openmeetings.app.data.basic.Sessionmanagement [NioProcessor-18] - 
>> Found session to update: d1b0316797f91a46c08a392d071a790d userId: -13
>> DEBUG 01-29 19:52:49.315 Usermanagement.java 204384 1505 
>> org.openmeetings.app.data.user.Usermanagement [NioProcessor-18] - 
>> Usermanagement.getUserById
>> [INFO] [NioProcessor-18] 
>> org.red5.server.net.rtmp.codec.RTMPProtocolDecoder - Action 
>> errorservice.getErrorByCode
>> DEBUG 01-29 19:52:49.627 ErrorService.java 204696 60 
>> org.openmeetings.app.remote.ErrorService [NioProcessor-18] - errorid, 
>> language_id: -1|1
>> DEBUG 01-29 19:52:49.632 ErrorService.java 204701 64 
>> org.openmeetings.app.remote.ErrorService [NioProcessor-18] - 
>> eValues.getFieldvalues_id() = 334
>> DEBUG 01-29 19:52:49.636 ErrorService.java 204705 66 
>> org.openmeetings.app.remote.ErrorService [NioProcessor-18] - 
>> eValues.getErrorType() = 
>> org.openmeetings.app.persistence.beans.basic.ErrorType@32b1a562
>>
>> As far as I can tell, OM is effectively able to authenticate the user 
>> and adds it to its own database.
>> However, when I check the DB, there's no new user, just the local admin.
>>
>> This is OM 2.0 and this is the config file:
>>
>> ldap_server_type=OpenLDAP
>> ldap_conn_url=ldap://cluster2fs.dafra.be:389
>> ldap_admin_dn=CN:admin,O:be
>> ldap_passwd=nononono_you_can_not_have_this
>> ldap_search_base=OU:tu,O:be
>> field_user_principal=uid
>> ldap_auth_type=SIMPLE
>> ldap_use_lower_case=true
>> #ldap_user_timezone=timezone
>> ldap_sync_password_to_om=no
>> ldap_user_attr_lastname=sn
>> ldap_user_attr_firstname=givenName
>> ldap_user_attr_mail=mail
>> ldap_user_attr_street=street
>> ldap_user_attr_additionalname=description
>> ldap_user_attr_fax=facsimileTelephoneNumber
>> ldap_user_attr_zip=postalCode
>> ldap_user_attr_country=co
>> ldap_user_attr_town=city
>> ldap_user_attr_phone=telephoneNumber
>> ldap_user_attr_language=Language
>>
>> I used this documentation (which is rather brief):
>> http://incubator.apache.org/openmeetings/LdapAndADS.html
>>
>>
>> the config file I assembled both from the sample file and a mailing post.
>> I'm able to trace LDAP calls on the eDir server and nothing funny 
>> happens there. The search is done for the user, without any 
>> attributes however, so eDir sends them all.
>>
>> Anyone a small hint?
>>
>> cheers,
>>
>> BC
>>
>>
>>
>>
>>
>
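
Added example, not part of the original message or of OpenMeetings: a Python script that re-joins the mail-wrapped debug records quoted above and flags two things visible in them, a password written to the debug log and a "New User ID" that is not positive. The names `parse_records` and `triage` are hypothetical, the field layout is inferred from the lines on this page, and treating a non-positive id as an error code rather than a database row id is an assumption.

```python
import re

# Records copied from the post above, still mail-wrapped and ">>"-quoted.
SAMPLE = """\
>> DEBUG 01-29 19:52:49.208 LdapLoginManagement.java 204277 495 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> Synching Ldap user to OM DB with RANDOM password: brghzu36ohpp
>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 727 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - 
>> User Created!
>> DEBUG 01-29 19:52:49.305 LdapLoginManagement.java 204374 504 
>> org.openmeetings.app.ldap.LdapLoginManagement [NioProcessor-18] - New 
>> User ID : -13
"""

RECORD = re.compile(
    r"^(?P<level>DEBUG|INFO|WARN|ERROR) (?P<date>\S+) (?P<time>\S+) (?P<file>\S+) "
    r"\d+ (?P<line>\d+) (?P<logger>\S+) \[(?P<thread>[^\]]+)\] - ?(?P<msg>.*)$"
)

def parse_records(text):
    """Strip mail quoting, re-join wrapped lines, return one dict per record."""
    joined = []
    for raw in text.splitlines():
        line = re.sub(r"^(?:>\s?)+", "", raw).strip()
        if not line:
            continue
        if re.match(r"(DEBUG|INFO|WARN|ERROR) ", line) or not joined:
            joined.append(line)          # a new record starts here
        else:
            joined[-1] += " " + line     # continuation of a wrapped record
    return [m.groupdict() for m in map(RECORD.match, joined) if m]

def triage(records):
    """Return (time, finding) pairs for the two patterns seen in the post."""
    findings = []
    for r in records:
        if re.search(r"password:\s*\S+", r["msg"], re.I):
            findings.append((r["time"], "credential written to debug log"))
        m = re.search(r"New User ID : (-?\d+)", r["msg"])
        if m and int(m.group(1)) <= 0:
            # Assumption: a non-positive id is an error code, not a row id.
            findings.append((r["time"], f"user id {m.group(1)} is not a valid row id"))
    return findings

if __name__ == "__main__":
    for when, what in triage(parse_records(SAMPLE)):
        print(when, what)
```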

