Hi Jayan,
We have Active Directory Authentication working here. The "standard" LDAP
module does not work (or at least I could not get it to work) against
Active Directory, so we made an authenticator specifically for Active
Directory LDAP. Out authenticator uses code from various LDAP patches
that have been posted. Unfortunately I have not had time to package it up
as a patch.
If you want I can send you the Authenticator we have, with some hastily
written basic instructions. You will need to be familiar with compiling
DSpace and where to place source code etc.... Are you interested?
Have a good day,
Kyle
At / À 03:03 AM 09/02/2007, Jayan Chirayath Kurian wrote / a écrit:
I have installed Dspace 1.4.1 on windows 2003 server. We are trying to use
Windows Active directory ldap authentication for logging to Dspace using
domain supplied user ID/Password from within and outside the campus.
The Dspace LDAP Authentication Configuration Settings are:
ldap.enable = true
ldap.provider_url = ldap://X.Y.ntu.edu.sg/o=ntu.edu.sg
ldap.id_field = uid
ldap.object_context = ou= X.Y,o=ntu.edu.sg
ldap.search_context = ou= X.Y
ldap.email_field = mail
ldap.surname_field = sn
ldap.givenname_field = givenName
ldap.phone_field = telephoneNumber
When a valid user log in to Dspace through the myDspace option, the
following error message is received from the log file.
2007-02-09 13:09:01,655 INFO org.dspace.eperson.PasswordAuthentication @
anonymous:session_id=3557F0C69F8F0BEA409C2835BBA20BDC:ip_addr=155.69.24.193:authenticate:attempting
password auth of [EMAIL PROTECTED]
2007-02-09 13:09:01,655 INFO org.dspace.app.webui.servlet.PasswordServlet
@
anonymous:session_id=3557F0C69F8F0BEA409C2835BBA20BDC:ip_addr=155.69.24.193:failed_login:email=
[EMAIL PROTECTED], result=4
The LDAPServlet.java file was modified to include
env.put(javax.naming.Context.PROVIDER_URL, "ldap://X.Y.ntu.edu.sg";);
env.put(javax.naming.Context.SECURITY_AUTHENTICATION, "simple");
env.put(javax.naming.Context.SECURITY_PRINCIPAL, "[EMAIL PROTECTED]");
env.put(javax.naming.Context.SECURITY_CREDENTIALS, "************");
Still it gives the same error mentioned above. I just tried logging
directly using
http://dspacedev1:8080/dspace/ldap-login and gave a user name and password
registered with the domain. It created the user with no submission
privileges. But this user cannot login from the main myDspace option. From
the log file, it seems the user is automatically registered and ldap has
failed.
2007-02-09 15:48:01,797 WARN org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:ldap_attribute_lookup:type=failed_search
javax.naming.NamingException: [LDAP: error code 1 - 000020D6: SvcErr:
DSID-031006CC, problem 5012 (DIR_ERROR), data 0
]; remaining name 'ou=X,ou=Y'
2007-02-09 15:48:01,797 INFO org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:autoregister:[EMAIL PROTECTED]
2007-02-09 15:48:01,813 INFO org.dspace.eperson.EPerson @
anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:create_eperson:eperson_id=44
2007-02-09 15:48:01,844 INFO org.dspace.eperson.EPerson @
anonymous:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:update_eperson:eperson_id=44
2007-02-09 15:48:01,906 INFO org.dspace.app.webui.servlet.LDAPServlet @
[EMAIL PROTECTED]:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:login:type=ldap-login
2007-02-09 15:48:01,906 INFO org.dspace.app.webui.servlet.MyDSpaceServlet
@
[EMAIL PROTECTED]:session_id=C5DBB32D95BF99F2B0C8908D0F202FF6:ip_addr=155.69.104.75:view_mydspace:
Could any one please help regarding this. Is there any other file that
needs to be modified to make LDAP work and access Dspace from the myDSpace
option.
Thanks,
Jayan
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
