hi all, iam new to
apache roller.i want to integrate ldap to apache roller. i have followed the
article in wiki for ldap configuration . Its nor working fine. The ldap users
are not been recognized by roller. But if i register the name of any username
from ldap in roller with different password, from the next time roller is
recognizing the user and allowing the user to login with the password in ldap
but not that is registered in database. i..e, if A is the user in ldap with
password B , i have registered user A in roller through registration page with
password C, now from the movement i registered the roller recognizes user
A & accepts him to login with password B, but not with password C. My
roller-custom.properties
is,installation.type=autodatabase.configurationType=jdbcdatabase.jdbc.driverClass=org.postgresql.Driverdatabase.jdbc.connectionURL=jdbc:postgresql://localhost:5432/rollerdatabase.jdbc.username=postgresdatabase.jdbc.password=postgresmail.configurationType=propertiesmail.hostName=localhostusers.sso.enabled=trueusers.sso.registry.ldap.attributes.name=cnusers.sso.registry.ldap.attributes.email=mailusers.sso.registry.ldap.attributes.locale=localeusers.sso.registry.ldap.attributes.timezone=timezone#users.sso.passwords.save=true#users.sso.autoProvision.enabled=false#users.sso.autoProvision.className=org.apache.roller.ui.core.security.BasicUserAutoProvision&
my security.xml file is, <bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
<property name="authenticationManager"
ref="authenticationManager"/>
<property name="accessDecisionManager"
ref="accessDecisionManager"/>
<property
name="objectDefinitionSource">
<value>
PATTERN_TYPE_APACHE_ANT
/roller-ui/login-redirect**=admin,editor
/roller-ui/profile**=admin,editor
/roller-ui/createWeblog**=admin,editor
/roller-ui/menu**=admin,editor
/roller-ui/authoring/**=admin,editor
/roller-ui/admin/**=admin
/roller-ui/user.do*=register
/rewrite-status*=admin
</value>
<!-- Add this to above list for LDAP/SSO configuration
-->
<!-- /roller-ui/user.do*=register
-->
</property> </bean> <bean
id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
<property
name="providers">
<list>
<!-- <ref local="daoAuthenticationProvider"/>
-->
<ref local="ldapAuthProvider"/>
<!-- Uncomment this for CAS/SSO configuration <ref
local="casAuthenticationProvider"/>
-->
<ref
local="anonymousAuthenticationProvider"/>
<!-- rememberMeAuthenticationProvider added programmatically
-->
</list>
</property> </bean>
<!-- Log failed authentication attempts to commons-logging
--> <bean id="loggerListener"
class="org.acegisecurity.event.authentication.LoggerListener"/>
<bean id="daoAuthenticationProvider"
class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
<property name="userDetailsService"
ref="jdbcAuthenticationDao"/>
<property name="userCache" ref="userCache"/>
</bean> <!-- Read users from
Roller API --> <bean id="jdbcAuthenticationDao"
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>
<bean id="userCache"
class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
<property
name="cache">
<bean
class="org.springframework.cache.ehcache.EhCacheFactoryBean">
<property
name="cacheManager">
<bean
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
</property>
<property name="cacheName"
value="userCache"/>
</bean>
</property> </bean>
<bean id="anonymousAuthenticationProvider"
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
<property name="key" value="anonymous"/>
</bean> <bean id="roleVoter"
class="org.acegisecurity.vote.RoleVoter">
<property name="rolePrefix" value=""/>
</bean> <bean id="accessDecisionManager"
class="org.acegisecurity.vote.AffirmativeBased">
<property name="allowIfAllAbstainDecisions"
value="false"/> <property
name="decisionVoters">
<list>
<ref
local="roleVoter"/>
</list>
</property> </bean> ##ldap user
authentication ################ <bean id="initialDirContextFactory"
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
<constructor-arg
value="ldap://10.163.14.77:389"/>
<property name="managerDn"
value="cn=Manager,dc=otc,dc=nic,dc=in"/>
<property name="managerPassword"
value="trac123server"/> </bean>
<bean id="ldapUserSearch"
class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
<constructor-arg index="0"
value="dc=otc,dc=nic,dc=in"/>
<constructor-arg index="1"
value="cn={0}"/>
<constructor-arg index="2"
ref="initialDirContextFactory"/>
<property name="searchSubtree"
value="true"/>
</bean>
<bean id="ldapAuthProvider"
class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
<constructor-arg>
<bean
class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
<constructor-arg
ref="initialDirContextFactory"/>
<property name="userSearch"
ref="ldapUserSearch"/>
</bean>
</constructor-arg>
<constructor-arg
ref="jdbcAuthoritiesPopulator"/>
<property name="userCache" ref="userCache"/>
</bean> <bean
id="jdbcAuthoritiesPopulator"
class="org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator">
<property name="defaultRole"
value="register"/>
</bean> what should i do ?
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
