Hi Stuart - Thanks for clarifying the rebuild and redeploy.
Unfortunately, still no luck. I think I'll just start working on populating the e-mail field in LDAP. Thanks for all your help! I really appreciate it! Max -- Max McGrath Asst. Network Admin/Systems Specialist Carthage College 262-552-5512 mmcgr...@carthage.edu On Mon, Apr 26, 2010 at 4:02 PM, Stuart Lewis <s.le...@auckland.ac.nz>wrote: > Hi Max, > > After making the change you need to re-build tomcat, and redeploy it. You > can do this by following steps 7, 8, and 9 in the installation guide: > > - http://www.dspace.org/1_6_0Documentation/ch03.html#N108B6 > > But at step 8, as this is not a new installation, you need to run 'ant > update' instead of 'ant fresh_install'. > > Thanks, > > > Stuart Lewis > IT Innovations Analyst and Developer > Te Tumu Herenga The University of Auckland Library > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > Ph: +64 (0)9 373 7599 x81928 > > > On 27/04/2010, at 8:57 AM, Max McGrath wrote: > > > Stuart - > > > > I made the change and then restarted Tomcat and it still is not working > for people that do not have their e-mail address in LDAP. > > > > Should I have done more than just restarting Tomcat? > > > > Thanks for all the help! > > -- > > Max McGrath > > Asst. Network Admin/Systems Specialist > > Carthage College > > 262-552-5512 > > mmcgr...@carthage.edu > > > > > > On Mon, Apr 26, 2010 at 3:46 PM, Stuart Lewis <s.le...@auckland.ac.nz> > wrote: > > Hi Max, > > > > Yes - that's right. > > > > Change: > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) > > > > > > to > > > > > > if (ldap.ldapEmail == null) ldap.ldapEmail = ""; > > if (true) > > > > > > (I've added an extra line there to hopefully catch another error that > could occur.) > > > > Thanks, > > > > > > Stuart Lewis > > IT Innovations Analyst and Developer > > Te Tumu Herenga The University of Auckland Library > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > On 27/04/2010, at 4:15 AM, Max McGrath wrote: > > > > > Hi Stuart - > > > > > > Here is the code I am looking at: > > > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) You want me > to change this to if (true) and then leave everything else the same??? > > > { > > > try > > > { > > > eperson = > EPerson.findByEmail(context, ldap.ldapEmail); > > > if (eperson!=null) > > > { > > > log.info > (LogManager.getHeader(context, > > > > "type=ldap-login", "type=ldap_but_already_email")); > > > > context.setIgnoreAuthorization(true); > > > > eperson.setNetid(netid.toLowerCase()); > > > eperson.update(); > > > context.commit(); > > > > context.setIgnoreAuthorization(false); > > > > context.setCurrentUser(eperson); > > > return SUCCESS; > > > } > > > else > > > { > > > if > (canSelfRegister(context, request, netid)) > > > { > > > // > TEMPORARILY turn off authorisation > > > try > > > { > > > > context.setIgnoreAuthorization(true); > > > > eperson = EPerson.create(context); > > > > if ((ldap.ldapEmail != null) && (!ldap.ldapEmail.equals(""))) > > > { > > > > eperson.setEmail(ldap.ldapEmail); > > > } > > > > else > > > { > > > > eperson.setEmail(netid + > ConfigurationManager.getProperty("ldap.netid_email_domain")); > > > } > > > > if ((ldap.ldapGivenName!=null) && (!ldap.ldapGivenName.equals(""))) > > > { > > > > eperson.setFirstName(ldap.ldapGivenName); > > > } > > > > if ((ldap.ldapSurname!=null) && (!ldap.ldapSurname.equals(""))) > > > { > > > > eperson.setLastName(ldap.ldapSurname); > > > } > > > > if ((ldap.ldapPhone!=null)&&(!ldap.ldapPhone.equals(""))) > > > { > > > > eperson.setMetadata("phone", ldap.ldapPhone); > > > } > > > > eperson.setNetid(netid.toLowerCase()); > > > > eperson.setCanLogIn(true); > > > > AuthenticationManager.initEPerson(context, request, eperson); > > > > eperson.update(); > > > > context.commit(); > > > > context.setCurrentUser(eperson); > > > } > > > catch > (AuthorizeException e) > > > { > > > > return NO_SUCH_USER; > > > } > > > finally > > > { > > > > context.setIgnoreAuthorization(false); > > > } > > > > > > > > > log.info(LogManager.getHeader(context, > "authenticate", > > > > "type=ldap-login, created ePerson")); > > > return > SUCCESS; > > > } > > > else > > > { > > > // No > auto-registration for valid certs > > > log.info > (LogManager.getHeader(context, > > > > "failed_login", "type=ldap_but_no_record")); > > > return > NO_SUCH_USER; > > > } > > > } > > > } > > > > > > -- > > > Max McGrath > > > Asst. Network Admin/Systems Specialist > > > Carthage College > > > 262-552-5512 > > > mmcgr...@carthage.edu > > > > > > > > > On Thu, Apr 22, 2010 at 9:28 PM, Stuart Lewis <s.le...@auckland.ac.nz> > wrote: > > > Hi Max, > > > > > > Yes - looks like there's a bit of a logic flow problem going on there - > the check for an empty email is being performed twice, and the first is not > needed. Try looking at > [dsapce-src]/dspace-api/src/main/java/org/dspace/authenticate/LDAPHierarchicalAuthentication.java > and find the line: > > > > > > if ((ldap.ldapEmail!=null)&&(!ldap.ldapEmail.equals(""))) > > > > > > (about line 254) and change it to: > > > > > > if (true) > > > > > > Rebuild, redeploy etc. If may throw a null pointer exception, if so, > add just before the if statement: > > > > > > if (ldap.ldapEmail == null) ldap.ldapEmail = ""; > > > > > > If this fixes the problem, we'll look at getting it corrected in the > next release. > > > > > > Thanks, > > > > > > > > > Stuart Lewis > > > IT Innovations Analyst and Developer > > > Te Tumu Herenga The University of Auckland Library > > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > > > > > On 23/04/2010, at 2:19 PM, Max McGrath wrote: > > > > > > > That could very well be the case as we do not have the e-mail address > field populated in LDAP. But I thought the following code would take care > of that: > > > > > > > > # If your LDAP server does not hold an email address for a user, you > can use > > > > # the following field to specify your email domain. This value is > appended > > > > # to the netid in order to make an email address. E.g. a netid of > 'user' and > > > > # ldap.netid_email_domain as '@example.com' would set the email of > the user > > > > # to be 'u...@example.com > > > > ldap.netid_email_domain = @carthage.edu > > > > -- > > > > Max McGrath > > > > Asst. Network Admin/Systems Specialist > > > > Carthage College > > > > 262-552-5512 > > > > mmcgr...@carthage.edu > > > > > > > > > > > > On Thu, Apr 22, 2010 at 9:12 PM, Stuart Lewis < > s.le...@auckland.ac.nz> wrote: > > > > Hi Max, > > > > > > > > This code has been stable for a while and is working in a lot of > installations, so hopefully there is no bug. One possible cause is that the > email address is not being returned from the LDAP query. If there is no > email address then an eperson record cannot be created. > > > > > > > > Check that the following setting is correctly configured in > dspace.cfg: > > > > > > > > ldap.email_field = mail > > > > > > > > Thanks, > > > > > > > > > > > > Stuart Lewis > > > > IT Innovations Analyst and Developer > > > > Te Tumu Herenga The University of Auckland Library > > > > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > > > > Ph: +64 (0)9 373 7599 x81928 > > > > > > > > > > > > On 23/04/2010, at 1:48 PM, Max McGrath wrote: > > > > > > > > > Yes, I do have that set to true and the ePersons are still not > being created. > > > > > -- > > > > > Max McGrath > > > > > Asst. Network Admin/Systems Specialist > > > > > Carthage College > > > > > 262-552-5512 > > > > > mmcgr...@carthage.edu > > > > > > > > > > > > > > > On Thu, Apr 22, 2010 at 1:33 PM, <penning...@rhodes.edu> wrote: > > > > > Hi, Max. I'm glad you have LDAP auth working now. > > > > > > > > > > Do you have webui.ldap.autoregister = true in your dspace.cfg? > > > > > > > > > > We don't have webui.ldap.autoregister set to true, currently, and > we do create all e-person accounts manually for those faculty and staff that > need to access DSpace to add or edit objects. We were hoping to turn on > webui.ldap.autoregister this summer. > > > > > > > > > > -- > > > > > Stacy Pennington > > > > > Rhodes College > > > > > penning...@rhodes.edu > > > > > (901) 843-3968 > > > > > > > > > > > > > > > --------------------------- > > > > > From: Max McGrath [mailto:mmcgr...@carthage.edu] > > > > > Sent: Thursday, April 22, 2010 11:57 AM > > > > > To: Pennington_Stacy > > > > > Cc: dspace-tech@lists.sourceforge.net > > > > > Subject: Re: [Dspace-tech] LDAP with DSpace > > > > > > > > > > Thanks again Stacy! > > > > > > > > > > You, however, have been unsuccessful at getting this to > automatically create a new ePerson, correct? > > > > > > > > > > I don't have access to my logs right now, but I can see that LDAP > authentication is working, but creating a new ePerson is failing and > therefore, not letting me login! > > > > > > > > > > Is my only option to manually create an ePerson for every person > who could potentially login? > > > > > -- > > > > > Max McGrath > > > > > Asst. Network Admin/Systems Specialist > > > > > Carthage College > > > > > 262-552-5512 > > > > > mmcgr...@carthage.edu > > > > > > > > > > > > > > > <ATT00001..txt><ATT00002..txt> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
------------------------------------------------------------------------------
_______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
