The problem is it routes directly to LDAPAuthentication instead of using the pluggable authentication system, doesn't it?
On Mon, Sep 6, 2010 at 6:08 PM, Stuart Lewis <s.le...@auckland.ac.nz> wrote: > LDAPServlet is one of those strange remnants where despite having an > pluggable authentication system, this remains from before that. So it is > normal to see entries relating to it in the logs: > > dspace/log/dspace.log.2010-06-15:2010-06-15 07:16:41,862 INFO > org.dspace.app.webui.servlet.LDAPServlet @ > stuart.le...@testathon.net:session_id=5CD14C51E5AB3672D7E537F99EC361DD:ip_addr=0:0:0:0:0:0:0:1%0:login:type=explicit > > IIRC, its use is controlled by the ldap.enable flag in dspace.cfg > > Cheers, > > > Stuart Lewis > IT Innovations Analyst and Developer > Te Tumu Herenga The University of Auckland Library > Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand > Ph: +64 (0)9 373 7599 x81928 > > > On 7/09/2010, at 7:25 AM, Flavio Botelho wrote: > >> You are using the LDAP Servlet, when it seems you want to use LDAP >> Hierarchical?? >> >> You should use the "normal" login screen to use the >> LDAPHierarchicalAuthentication... >> >> BTW, hasn't LDAPServlet been removed already? >> >> Kudos, >> Flavio >> >> On Fri, Sep 3, 2010 at 3:10 AM, Webshet, Sisay (ILRI) <s.webs...@cgiar.org> >> wrote: >> Hi, >> >> >> I checked with some other browser like softera.look >> >> How the structure viewed. >> >> The log file says this. >> >> 010-09-03 09:04:02,239 INFO org.dspace.app.webui.servlet.LDAPServlet @ >> anonymous:session_id=EE6A969F57BF518D0D5343F6BF33520C:ip_addr=172.27.5.70:failed_login:netid=Swebshet, >> result=2 >> >> >> May be you can suggest me on the values for ldap.search.user= >> >> Should the system be redeployed? For LDAP to work. >> >> I did restart Tomcat only >> >> Thanks >> >> >> <image001.jpg> >> >> -----Original Message----- >> >> >> <image002.jpg> >> >> >> <image005.jpg> >> >> >> From: Stuart Lewis [mailto:s.le...@auckland.ac.nz] >> Sent: Friday, September 03, 2010 1:10 AM >> To: Flavio Botelho; Webshet, Sisay (ILRI) >> Cc: dspace-tech@lists.sourceforge.net Tech >> Subject: Re: [Dspace-tech] LDAP settings >> >> >> You shouldn't need to escape the values at all. Commas are fine, and quite >> normal in LDAP configurations. >> >> >> Check using a tool such as http://jxplorer.org/ that you can log in to the >> LDAP server with those credentials. >> >> >> Thanks, >> >> >> >> Stuart Lewis >> >> IT Innovations Analyst and Developer >> >> Te Tumu Herenga The University of Auckland Library >> >> Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand >> >> Ph: +64 (0)9 373 7599 x81928 >> >> >> >> >> On 3/09/2010, at 5:42 AM, Flavio Botelho wrote: >> >> >> > Please post any errors in the log that are appearing? >> >> > >> >> > But I will take a wild guess that there might be problems with >> >> > escaping, you might need to use 2 backslashes instead of just 1 for >> >> > each comma... >> >> > >> >> > On Thu, Sep 2, 2010 at 9:18 AM, Webshet, Sisay (ILRI) >> >> > <s.webs...@cgiar.org> wrote: >> >> >> >> >> >> >> >> >> Hi, >> >> >> >> >> >> >> >> >> >> >> >> Support >> >> >> >> >> >> >> >> >> >> >> >> I login to our local LDAP server using the following settings, but >> >> cannot >> >> >> login. I can search users name >> >> >> >> >> >> account using sAMAccountName attribute. >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> Host ILRI.CGIARAD.ORG >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> base DN DC=ILRI,DC=CGIARAD,DC=ORG >> >> >> >> >> >> >> >> >> >> >> >> Bind DN(entry DN) CN=Webshet\, Sisay (ILRI),OU=ILRI Ethiopia >> >> >> Employees,OU=ILRI Ethiopia,DC=ILRI,DC=CGIARAD,DC=ORG >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> What will be the setting in dspace.cfg ( dspace 1.5.2 on debian ) >> >> >> >> >> >> if something is wrong please correct me.i can't login to dspace using >> >> LADP. >> >> >> >> >> >> >> >> >> >> >> >> ldap.provider_url = ldap://ILRI.CGIARAD.ORG/ >> >> >> >> >> >> >> >> >> >> >> >> ldap.id_field = sAMAccountName >> >> >> >> >> >> >> >> >> >> >> >> ldap.object_context = OU=ILRI Ethiopia Employees,OU=ILRI >> >> >> Ethiopia,DC=ILRI,DC=CGIARAD,DC=ORG >> >> >> >> >> >> >> >> >> >> >> >> ldap.search_context = OU=ILRI Ethiopia Employees,OU=ILRI >> >> >> Ethiopia,DC=ILRI,DC=CGIARAD,DC=ORG >> >> >> >> >> >> >> >> >> >> >> >> ldap.email_field = mail >> >> >> >> >> >> >> >> >> >> >> >> ldap.surname_field = sn >> >> >> >> >> >> >> >> >> >> >> >> ldap.givenname_field = givenName >> >> >> >> >> >> >> >> >> >> >> >> ldap.phone_field = telephoneNumber >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> #### Hierarchical LDAP Settings ##### >> >> >> >> >> >> >> >> >> >> >> >> # If your users are spread out across a hierarchical tree on your >> >> >> >> >> >> # LDAP server, you will need to use the following stackable authentication >> >> >> >> >> >> class: >> >> >> >> >> >> plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \ >> >> >> >> >> >> org.dspace.authenticate.LDAPHierarchicalAuthentication >> >> >> >> >> >> >> >> >> >> >> >> # object scope : 0 >> >> >> >> >> >> # one level scope : 1 >> >> >> >> >> >> # subtree scope : 2 >> >> >> >> >> >> ldap.search_scope = 2 >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> #ldap.search.user = cn=admin,ou=people,o=myu.edu >> >> >> >> >> >> ldap.search.user = CN=Webshet\, Sisay (ILRI),OU=ILRI Ethiopia >> >> >> Employees,OU=ILRI Ethiopia,DC=ILRI,DC=CGIARAD,DC=ORG >> >> >> >> >> >> ldap.search.password = ********* >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> ------------------------------------------------------------------------------ >> >> >> This SF.net Dev2Dev email is sponsored by: >> >> >> >> >> >> Show off your parallel programming skills. >> >> >> Enter the Intel(R) Threading Challenge 2010. >> >> >> http://p.sf.net/sfu/intel-thread-sfd >> >> >> _______________________________________________ >> >> >> DSpace-tech mailing list >> >> >> DSpace-tech@lists.sourceforge.net >> >> >> https://lists.sourceforge.net/lists/listinfo/dspace-tech >> >> >> >> >> >> >> >> > >> >> > ------------------------------------------------------------------------------ >> >> > This SF.net Dev2Dev email is sponsored by: >> >> > >> >> > Show off your parallel programming skills. >> >> > Enter the Intel(R) Threading Challenge 2010. >> >> > http://p.sf.net/sfu/intel-thread-sfd >> >> > _______________________________________________ >> >> > DSpace-tech mailing list >> >> > DSpace-tech@lists.sourceforge.net >> >> > https://lists.sourceforge.net/lists/listinfo/dspace-tech >> >> >> >> > > > > ------------------------------------------------------------------------------ This SF.net Dev2Dev email is sponsored by: Show off your parallel programming skills. Enter the Intel(R) Threading Challenge 2010. http://p.sf.net/sfu/intel-thread-sfd _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
