[Fedora-commons-developers] Authenticate against LDAP

Tue, 18 Aug 2009 07:25:21 -0700 

Hi,  

I am trying to configure our LDAP server to work with Fedora 3.0, and got
³401, unauthorized² error when creating objects.  My LdapFilterForAttributes
looks like this:

        <filter>
                <filter-name>LdapFilterForAttributes</filter-name>
                
<filter-class>fedora.server.security.servletfilters.ldap.FilterLdap</filter-
class>
                <init-param>
                        <param-name>version</param-name>
                        <param-value>3</param-value>
                </init-param>
                <init-param>
                        <param-name>authenticate</param-name>
                        <param-value>true</param-value>
                </init-param>
                <init-param>
                        <param-name>security-authentication</param-name>
                        <param-value>simple</param-value>
                </init-param>
                <init-param>
                        <param-name>security-principal</param-name>
                   
<param-value>cn=Manager,dc=icpsr,dc=umich,dc=edu</param-value>
                </init-param>
                <init-param>
                        <param-name>security-credentials</param-name>
                        <param-value>xxxxxx</param-value>
                </init-param>
                <init-param>
                        <param-name>password-attribute</param-name>
                        <param-value>userPassword</param-value>
                </init-param>
                <init-param>
                        <param-name>id-attribute</param-name>
                        <param-value>uid</param-value>
                </init-param>
                <init-param>
                        <param-name>bind-filter</param-name>
                   
<param-value>uid={0},dc=icpsr,dc=umich,dc=edu</param-value>
                </init-param>
                <init-param>
                        <param-name>url</param-name>
                        <param-value>ldap://localhost:389/</param-value>
                </init-param>
                <init-param>
                        <param-name>search-base</param-name>
                   
<param-value>ou=people,dc=icpsr,dc=umich,dc=edu</param-value>
                </init-param>
                <init-param>
                        <param-name>search-filter</param-name>
                        <param-value>(uid={0})</param-value>
                </init-param>
                <init-param>
                        <param-name>attributes</param-name>
                        <param-value>eduPersonEntitlement</param-value>
                </init-param>
                <init-param>
                        <param-name>attributes-common-name</param-name>
                        <param-value>fedoraRole</param-value>
                </init-param>
        </filter>

In my directory, the attribute ³eduPersonEntitlement² holds the value of
fedora roles, such as ³administrator², ³public²...

Any suggestion on what I missed or did wrong?

Thanks.

Jane Wang


---------------------------------------------
Jane Wang
Computing and Network Services
ICPSR, University of Michigan
PO Box 1248
Ann Arbor, MI 48106-1248
Tel: 734-763-8992 
Email: [email protected]
---------------------------------------------
 




------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Fedora-commons-developers mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-developers

Reply via email to