Hi Stuart,
It turns out that my test user didn't have an email address, and this was
causing the failed LDAP logins. The confusing thing was that DSpace got the
DN from LDAP, and then just dropped the connection. I figured it out by
comparing dspace.log results from a successful login to your
ldap.testathon.net server to an unsuccessful login to our local LDAP
server. I became suspicious after noticing that Alice had a full email
address listed in the log file while my test user had only a username. Once
I added an email address, LDAP worked fine.
Thanks again for all of your help with this.
Eric
On Wed, Sep 17, 2008 at 5:34 PM, Stuart Lewis <[EMAIL PROTECTED]> wrote:
> Hi Eric,
>
> > I think it must be a local configuration issue because I was able to
> login
> > against your test LDAP server (thanks for that!). I am fairly sure that
> my
> > local LDAP settings are correct, though I'll look more into this.
>
> Try using the same settings to log in with an LDAP browser (e.g.
> http://www.mcs.anl.gov/~gawor/ldap/download.html<http://www.mcs.anl.gov/%7Egawor/ldap/download.html>)
> and see if you can log in
> OK.
>
> Do you know how to turn DSpace logging up to DEBUG? If so, do that and
> send
> us the logs created. (Basically edit [dspace]/config/log4j.properties and
> change INFO to DEBUG. Then restart tomcat. Logs are held in
> [dspace]/log/dspace.log).
>
> > I noticed that "ikandros" posted a comment about failed logins if the
> user
> > doesn't have any mail on the LDAP server
> > (
> http://sourceforge.net/tracker/index.php?func=detail&aid=2057378&group_id=199
> > 84&atid=319984). I wonder if this could be the problem. Do you have any
> > additional information about this report? I am not sure how to make the
> > modification that he suggested.
>
> I need to include those in my hierarchical patch. You'll be able to tell by
> logging in with an LDAP browser of some tool which allows you to query your
> LDAP server, and see if there is an attribute which has a full email
> address
> in it. If not, then that will be your problem.
>
> If you can post your logs on here, that will be the best help for us to
> diagnose the problem.
>
> Thanks and good luck,
>
>
> Stuart
> _________________________________________________________________
>
> Gwasanaethau Gwybodaeth Information Services
> Prifysgol Aberystwyth Aberystwyth University
>
> E-bost / E-mail: [EMAIL PROTECTED]
> Ffon / Tel: (01970) 622860
> _________________________________________________________________
>
>
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
