roller-user mailing list archives

From leofreesand <yuqi...@hotmail.com>
Subject How to enable LDAP authentication for Roller 5?
Date Sun, 26 Jan 2014 14:36:18 GMT
I want to enable LDAP user authentication for Roller 5.0.3. There are some related tutorials
for Roller 4, but they do not seem to work with the new Spring Security framework. I found some
Spring Security 2 configuration examples and tried to figure it out, with no success. I hope
someone can help me...
This is my progress so far: I'm using an OpenLDAP server with some test accounts, and I added
some properties to the Roller custom settings file:

    users.sso.enabled=true
    users.sso.autoProvision.enabled=true
    users.sso.registry.ldap.attributes.name=uid
    users.sso.registry.ldap.attributes.screenname=cn

Then I modified the security.xml:

    <beans:bean id="contextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
        <beans:constructor-arg value="ldap://localhost:389/dc=test,dc=com" />
        <beans:property name="userDn" value="cn=Manager,dc=test,dc=com" />
        <beans:property name="password" value="111111" />
    </beans:bean>

    <beans:bean id="ldapAuthProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider">
        <custom-authentication-provider />
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator">
                <beans:constructor-arg ref="contextSource" />
                <beans:property name="userSearch" ref="userSearch" />
            </beans:bean>
        </beans:constructor-arg>
        <beans:constructor-arg>
            <beans:bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
                <beans:constructor-arg ref="contextSource" />
                <beans:constructor-arg value="ou=Tester" />
                <beans:property name="searchSubtree" value="false" />
                <beans:property name="defaultRole" value="register" />
                <beans:property name="convertToUpperCase" value="false" />
                <beans:property name="groupRoleAttribute" value=""/>
                <beans:property name="rolePrefix" value="" />
            </beans:bean>
        </beans:constructor-arg>
    </beans:bean>

    <beans:bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
        <beans:constructor-arg index="0" value="" />
        <beans:constructor-arg index="1" value="(uid={0})" />
        <beans:constructor-arg index="2" ref="contextSource" />
        <beans:property name="searchSubtree" value="true" />
    </beans:bean>

(Deploying Roller with this configuration produces the error message "java.lang.NoClassDefFoundError:
com.sun.jndi.ldap.ctl.ResponseControlFactory"; I found a solution at http://www.chrissearle.org/2007/08/30/spring-ldap_and_NoClassDefFoundError_com_sun_jndi_ldap_ctl_ResponseControlFactory/)

Now, when using an LDAP username/password, the page jumps to roller_j_security_check and displays
the following error message:

    500
    Filter execution threw an exception
    Roller has encountered and logged an unexpected exception.

Using a wrong password gives the same error message. If I enter a non-existent username/password,
Roller displays "Wrong username and password combination".

There are related search messages in openldap.log; maybe I just need some tweaks to fix the
problem? Does anyone have any suggestions for solutions? Thanks in advance.
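
Added example, not part of the original message or of the Roller project: the contextSource bean from the post with the two settings a security review would change, the cleartext ldap:// URL and the directory bind password stored inline in security.xml. The ldaps:// listener on port 636, the properties file path, the property keys and the read-only service account are assumptions.

```xml
<!-- Added example. Assumptions: file path and property keys are hypothetical;
     the directory server is assumed to offer LDAPS on port 636. -->

<!-- Loads the bind DN and password from a file outside the web application,
     readable only by the account that runs the servlet container. -->
<beans:bean id="ldapProperties"
    class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
    <beans:property name="location" value="file:/etc/roller/ldap.properties" />
    <!-- Leave placeholders owned by other configurers untouched. -->
    <beans:property name="ignoreUnresolvablePlaceholders" value="true" />
</beans:bean>

<beans:bean id="contextSource"
    class="org.springframework.security.ldap.DefaultSpringSecurityContextSource">
    <!-- ldaps:// so that the search bind and every user's bind password
         travel over TLS instead of in cleartext on port 389. -->
    <beans:constructor-arg value="ldaps://localhost:636/dc=test,dc=com" />
    <!-- ldap.bind.dn would name a read-only search account (hypothetical),
         rather than the directory manager entry. -->
    <beans:property name="userDn" value="${ldap.bind.dn}" />
    <beans:property name="password" value="${ldap.bind.password}" />
</beans:bean>
```

The JVM running Roller must trust the directory server's certificate for the ldaps:// connection to succeed.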