Stuart - I made the change and then restarted Tomcat and it still is not working for people that do not have their e-mail address in LDAP.
Should I have done more than just restarting Tomcat? Thanks for all the help! -- Max McGrath Asst. Network Admin/Systems Specialist Carthage College 262-552-5512 mmcgr...@carthage.edu On Mon, Apr 26, 2010 at 3:46 PM, Stuart Lewis <s.le...@auckland.ac.nz>wrote: > Hi Max, > > Yes - that's right. > > Change: > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) > > > to > > > if (ldap.ldapEmail == null) ldap.ldapEmail = ""; > if (true) > > > (I've added an extra line there to hopefully catch another error that could > occur.) > > Thanks, > > > Stuart Lewis > IT Innovations Analyst and Developer > Te Tumu Herenga The University of Auckland Library > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > Ph: +64 (0)9 373 7599 x81928 > > > > On 27/04/2010, at 4:15 AM, Max McGrath wrote: > > > Hi Stuart - > > > > Here is the code I am looking at: > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) You want me to > change this to if (true) and then leave everything else the same??? > > { > > try > > { > > eperson = > EPerson.findByEmail(context, ldap.ldapEmail); > > if (eperson!=null) > > { > > log.info > (LogManager.getHeader(context, > > > "type=ldap-login", "type=ldap_but_already_email")); > > > context.setIgnoreAuthorization(true); > > > eperson.setNetid(netid.toLowerCase()); > > eperson.update(); > > context.commit(); > > > context.setIgnoreAuthorization(false); > > > context.setCurrentUser(eperson); > > return SUCCESS; > > } > > else > > { > > if > (canSelfRegister(context, request, netid)) > > { > > // > TEMPORARILY turn off authorisation > > try > > { > > > context.setIgnoreAuthorization(true); > > > eperson = EPerson.create(context); > > if > ((ldap.ldapEmail != null) && (!ldap.ldapEmail.equals(""))) > > { > > > eperson.setEmail(ldap.ldapEmail); > > } > > > else > > { > > > eperson.setEmail(netid + > ConfigurationManager.getProperty("ldap.netid_email_domain")); > > } > > if > ((ldap.ldapGivenName!=null) && (!ldap.ldapGivenName.equals(""))) > > { > > > eperson.setFirstName(ldap.ldapGivenName); > > } > > if > ((ldap.ldapSurname!=null) && (!ldap.ldapSurname.equals(""))) > > { > > > eperson.setLastName(ldap.ldapSurname); > > } > > if > ((ldap.ldapPhone!=null)&&(!ldap.ldapPhone.equals(""))) > > { > > > eperson.setMetadata("phone", ldap.ldapPhone); > > } > > > eperson.setNetid(netid.toLowerCase()); > > > eperson.setCanLogIn(true); > > > AuthenticationManager.initEPerson(context, request, eperson); > > > eperson.update(); > > > context.commit(); > > > context.setCurrentUser(eperson); > > } > > catch > (AuthorizeException e) > > { > > > return NO_SUCH_USER; > > } > > finally > > { > > > context.setIgnoreAuthorization(false); > > } > > > > > > log.info(LogManager.getHeader(context, > "authenticate", > > > "type=ldap-login, created ePerson")); > > return > SUCCESS; > > } > > else > > { > > // No > auto-registration for valid certs > > log.info > (LogManager.getHeader(context, > > > "failed_login", "type=ldap_but_no_record")); > > return > NO_SUCH_USER; > > } > > } > > } > > > > -- > > Max McGrath > > Asst. Network Admin/Systems Specialist > > Carthage College > > 262-552-5512 > > mmcgr...@carthage.edu > > > > > > On Thu, Apr 22, 2010 at 9:28 PM, Stuart Lewis <s.le...@auckland.ac.nz> > wrote: > > Hi Max, > > > > Yes - looks like there's a bit of a logic flow problem going on there - > the check for an empty email is being performed twice, and the first is not > needed. Try looking at > [dsapce-src]/dspace-api/src/main/java/org/dspace/authenticate/LDAPHierarchicalAuthentication.java > and find the line: > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) > > > > (about line 254) and change it to: > > > > if (true) > > > > Rebuild, redeploy etc. If may throw a null pointer exception, if so, add > just before the if statement: > > > > if (ldap.ldapEmail == null) ldap.ldapEmail = ""; > > > > If this fixes the problem, we'll look at getting it corrected in the next > release. > > > > Thanks, > > > > > > Stuart Lewis > > IT Innovations Analyst and Developer > > Te Tumu Herenga The University of Auckland Library > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > On 23/04/2010, at 2:19 PM, Max McGrath wrote: > > > > > That could very well be the case as we do not have the e-mail address > field populated in LDAP. But I thought the following code would take care > of that: > > > > > > # If your LDAP server does not hold an email address for a user, you > can use > > > # the following field to specify your email domain. This value is > appended > > > # to the netid in order to make an email address. E.g. a netid of > 'user' and > > > # ldap.netid_email_domain as '@example.com' would set the email of the > user > > > # to be 'u...@example.com > > > ldap.netid_email_domain = @carthage.edu > > > -- > > > Max McGrath > > > Asst. Network Admin/Systems Specialist > > > Carthage College > > > 262-552-5512 > > > mmcgr...@carthage.edu > > > > > > > > > On Thu, Apr 22, 2010 at 9:12 PM, Stuart Lewis <s.le...@auckland.ac.nz> > wrote: > > > Hi Max, > > > > > > This code has been stable for a while and is working in a lot of > installations, so hopefully there is no bug. One possible cause is that the > email address is not being returned from the LDAP query. If there is no > email address then an eperson record cannot be created. > > > > > > Check that the following setting is correctly configured in dspace.cfg: > > > > > > ldap.email_field = mail > > > > > > Thanks, > > > > > > > > > Stuart Lewis > > > IT Innovations Analyst and Developer > > > Te Tumu Herenga The University of Auckland Library > > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > > On 23/04/2010, at 1:48 PM, Max McGrath wrote: > > > > > > > Yes, I do have that set to true and the ePersons are still not being > created. > > > > -- > > > > Max McGrath > > > > Asst. Network Admin/Systems Specialist > > > > Carthage College > > > > 262-552-5512 > > > > mmcgr...@carthage.edu > > > > > > > > > > > > On Thu, Apr 22, 2010 at 1:33 PM, <penning...@rhodes.edu> wrote: > > > > Hi, Max. I'm glad you have LDAP auth working now. > > > > > > > > Do you have webui.ldap.autoregister = true in your dspace.cfg? > > > > > > > > We don't have webui.ldap.autoregister set to true, currently, and we > do create all e-person accounts manually for those faculty and staff that > need to access DSpace to add or edit objects. We were hoping to turn on > webui.ldap.autoregister this summer. > > > > > > > > -- > > > > Stacy Pennington > > > > Rhodes College > > > > penning...@rhodes.edu > > > > (901) 843-3968 > > > > > > > > > > > > --------------------------- > > > > From: Max McGrath [mailto:mmcgr...@carthage.edu] > > > > Sent: Thursday, April 22, 2010 11:57 AM > > > > To: Pennington_Stacy > > > > Cc: dspace-tech@lists.sourceforge.net > > > > Subject: Re: [Dspace-tech] LDAP with DSpace > > > > > > > > Thanks again Stacy! > > > > > > > > You, however, have been unsuccessful at getting this to automatically > create a new ePerson, correct? > > > > > > > > I don't have access to my logs right now, but I can see that LDAP > authentication is working, but creating a new ePerson is failing and > therefore, not letting me login! > > > > > > > > Is my only option to manually create an ePerson for every person who > could potentially login? > > > > -- > > > > Max McGrath > > > > Asst. Network Admin/Systems Specialist > > > > Carthage College > > > > 262-552-5512 > > > > mmcgr...@carthage.edu > > > > > > > > > > > > <ATT00001..txt><ATT00002..txt> > > > > > > > > > > > > > > > > > > > > > >
------------------------------------------------------------------------------
_______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech