Hi, all,
We're new to dspace, and we've having some trouble getting LDAP
authentication configured correct with dspace v1.42 running on RHEL5.
Here are the relevant parts of the dspace.cfg file
webui.ldap.autoregister = true
plugin.sequence.org.dspace.eperson.AuthenticationMethod = \
org.dspace.eperson.LDAPAuthentication
plugin.sequence.org.dspace.eperson.AuthenticationMethod = \
org.dspace.eperson.LDAPAuthentication
ldap.enable = true
ldap.provider_url = ldaps://ldap.tcu.edu:636
ldap.id_field = sAMAccountName
ldap.object_context = ou=tcu test ou,dc=tcu,dc=edu
ldap.object_context = ou=tcu test ou,dc=tcu,dc=edu
ldap.email_field = mail
ldap.surname_field = sn
ldap.givenname_field = givenName
ldap.phone_field = telephoneNumber
Now when I attempt a logon using LDAP (authenticating against a Win2003
domain), this is what I get in dspace.log:
2007-11-16 21:33:07,924 WARN org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=3507DC8C516B98A5B375786103EFF30E:ip_addr=138.237.37
.156:ldap_authentication:type=failed_auth
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308:
LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525,
vece]
2007-11-16 21:33:07,924 INFO org.dspace.app.webui.servlet.LDAPServlet @
anonymous:session_id=3507DC8C516B98A5B375786103EFF30E:ip_addr=138.237.37
.156:failed_login:netid=zlduncan1
It's looking to me like it's trying to do an anonymous bind. In
searching the net and discussion forums, I'm come away with conflicting
understandings of what dspace does in LDAP authentication. I think I've
read somewhere that it only does initial anonymous binds, but I also got
the sense that it'll bind with the user it's trying to authenticate.
Can you tell me which is true?
We don't allow anonymous binds, so that'd explain the error above, I
think; is there a way to do the other?
Thanks a ton! -Lane
Lane Duncan
Texas Christian Unversity
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech