Stuart,
Thanks for this message. I think it may explain why I haven't been able to
get LDAP to work even after installing LDAPHierarchicalAuthentication.java.
If I read your email correctly, it means I will also have to install patch
2057231 before hierarchical LDAP authentication will work. Is this
correct? If so, can you say a little about how to install a .patch file?
I should also confirm that I installed LDAPHierarchicalAuthentication.java
correctly. I placed it in the same directory with the rest of the
authentication modules (password, ip, LDAP, etc), re-built the war files,
and then added the new lines to the conf file. Does that sound about right?
Eric Luhrs
Lafayette College
On Wed, Sep 17, 2008 at 2:00 AM, Stuart Lewis <[EMAIL PROTECTED]> wrote:
> Hi Bin,
>
> > I have just installed DSpace 1.5.1 on a Ubuntu server. I would like to
> enable
> > authentication against LDAP server (AD). From the documentation, it
> seems
> > that LDAP authentication only work with JSPUI, not XMLUI. Is this true?
> What
> > will it take to make it work with XMLUI?
>
> It should work fine. It was broken in 1.5, but is fixed in 1.5.1.
>
> Where did you read this? We need to update that part of the documentation.
>
> > I have not actually tried with JSPUI, but I could not find where in
> dspace.cfg
> > I could specify a binding ID and password.
>
> How is your LDAP tree structured? If all users are within one OU, then you
> do not need to provide a username and password. DSpace binds to the LDAP
> tree using the user's credentials. If it can bind then the username and
> password they provided are OK.
>
> If your LDAP tree is structured in a hierarchical manner such that users
> are
> spread out across different OUs (e.g. An OU for faculty and an OU for
> students) then you will need to provide a username and password of a user
> who has read access across the whole tree. This user binds and does a
> search
> for the correct DN of the user who is trying to login. Once the DN is
> found,
> a second bind is attempted directly to that DN using the user's password.
>
> Hierarchical LDAP support is not included in DSpace 1.5.1 however I am
> working on a generic hierarchical LDAP authentication method with a few
> other DSpace developers (that reminds me - I really must get on with that!)
> and we can get it included in the next release of DSpace. If you need to
> use
> it now, install the following patches:
>
>
> http://sourceforge.net/tracker/index.php?func=detail&aid=2057231&group_id=19
> 984&atid=319984<http://sourceforge.net/tracker/index.php?func=detail&aid=2057231&group_id=19984&atid=319984>
>
>
> http://sourceforge.net/tracker/index.php?func=detail&aid=2057378&group_id=19
> 984&atid=319984<http://sourceforge.net/tracker/index.php?func=detail&aid=2057378&group_id=19984&atid=319984>
>
> The patches have full instructions, except for an omission to say that you
> need to change your authentication plugin line in dspace.cfg to:
>
> plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \
> org.dspace.authenticate.LDAPHierarchicalAuthentication
>
> Thanks,
>
>
> Stuart
> _________________________________________________________________
>
> Gwasanaethau Gwybodaeth Information Services
> Prifysgol Aberystwyth Aberystwyth University
>
> E-bost / E-mail: [EMAIL PROTECTED]
> Ffon / Tel: (01970) 622860
> _________________________________________________________________
>
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's
> challenge
> Build the coolest Linux based applications with Moblin SDK & win great
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> DSpace-tech mailing list
> DSpace-tech@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/dspace-tech
>
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
