Aysegul,

Your patch does in fact fix things. I have Jetspeed-2.2.0 successfully authenticating against the Fedora directory server now.

Thanks,
Chris

On 9/23/09 1:51 AM, "Aysegul Aydin" <[email protected]> wrote:

> Hi,
>
> ldap.user.searchBase property has a bug. Take a look at the jira issue:
> http://issues.apache.org/jira/browse/JS2-1030 . If you can deal with the
> source code you can fix your portal yourself (that's what I've done).
> Check-out the source code of Jetspeed2.2.0 from SVN and fix the class
> org.apache.jetspeed.security.impl.LdapAuthenticationProvider, method
> getSearchDomain as this:
>
> private String getSearchDomain()
> {
>     StringBuffer searchDomain = new StringBuffer();
>     // start with the configured user search base, if any
>     if (!StringUtils.isEmpty(context.getUserSearchBase()))
>     {
>         searchDomain.append(context.getUserSearchBase());
>     }
>     if (searchDomain.length() == 0)
>     {
>         // no search base: use the root context alone
>         if (!StringUtils.isEmpty(context.getRootContext()))
>         {
>             searchDomain.append(context.getRootContext());
>         }
>     }
>     else
>     {
>         // search base present: append the root context after a comma
>         if (!StringUtils.isEmpty(context.getRootContext()))
>         {
>             searchDomain.append("," + context.getRootContext());
>         }
>     }
>     return searchDomain.toString();
> }
>
> Otherwise leave the property empty.
> Good luck,
> Aysegul.
>
> From: Christopher Marshall <[email protected]>
> To: [email protected]
> Cc: [email protected]
> Sent: Tuesday, September 22, 2009 12:41:40 AM
> Subject: Re: LDAP Configuration Problems
>
> Looking at my post again, I have a cut and paste error. In "CASE 2"
> ldap.base= have an empty value.
>
> Chris
>
> Christopher Marshall wrote:
>> > I have been attempting to get Jetspeed to talk to the Fedora directory
>> > server without success and it looks as though the requests being made by
>> > Jetspeed are incorrect. I have configured the override.properties three
>> > different ways and had different results with each. The structure of the
>> > LDAP directory is a little different than the sample, as there is dc=com at
>> > the top and an ou=jetspeed below it.
>> >
>> > CASE 1 =========================
>> > override.properties
>> >
>> > ldap.url=ldap://localhost:389
>> > ldap.base=dc=com
>> > ldap.userDn=uid=cmarshall,ou=people,dc=a100sys,dc=com
>> > ldap.password=< password >
>> > ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory
>> > ldap.user.filter = (objectclass=person)
>> > ldap.search.scope = 2
>> > ldap.user.searchBase=ou=People,ou=sevenSeas,ou=jetspeed,dc=com
>> > ldap.user.entryPrefix=uid
>> > ldap.role.searchBase=ou=Roles,ou=sevenSeas,ou=jetspeed,dc=com
>> > ldap.group.searchBase=ou=Groups,ou=sevenSeas,ou=jetspeed,dc=com
>> >
>> > Jetspeed successfully binds with the ldap.userDn and makes the request
>> >
>> > SRCH base="ou=People,ou=sevenSeas,ou=jetspeed,dc=com" scope=2 filter="(&(uid=cmarshall)(objectClass=person))" attrs="objectClass javaSerializedData javaClassName javaFactory javaCodebase javaReferenceAddress javaClassNames javaremotelocation"
>> > RESULT err=0 tag=101 nentries=1 etime=0
>> >
>> > Jetspeed then successfully binds again with the ldap.userDN and makes the
>> > request
>> >
>> > SRCH base="ou=People,ou=sevenSeas,ou=jetspeed,dc=com,dc=com" scope=2 filter="(&(objectClass=inetOrgPerson)(&(objectClass=inetOrgPerson)(uid=cmarshall))) attrs=ALL
>> > RESULT err=32 tag=101 nentries=0 etime=0
>> >
>> > Note the repeat of dc=com,dc=com
>> >
>> > CASE 2 ==========================
>> > override.properties
>> >
>> > ldap.url=ldap://localhost:389
>> > ldap.base=dc=com
>> > ldap.userDn=uid=cmarshall,ou=people,dc=a100sys,dc=com
>> > ldap.password=< password >
>> > ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory
>> > ldap.user.filter = (objectclass=person)
>> > ldap.search.scope = 2
>> > ldap.user.searchBase=ou=People,ou=sevenSeas,ou=jetspeed,dc=com
>> > ldap.user.entryPrefix=uid
>> > ldap.role.searchBase=ou=Roles,ou=sevenSeas,ou=jetspeed,dc=com
>> > ldap.group.searchBase=ou=Groups,ou=sevenSeas,ou=jetspeed,dc=com
>> >
>> > Jetspeed successfully binds with the ldap.userDn and makes the request
>> >
>> > SRCH base="ou=People,ou=sevenSeas,ou=jetspeed,dc=com" scope=2 filter="(&(uid=cmarshall)(objectClass=person))" attrs="objectClass javaSerializedData javaClassName javaFactory javaCodebase javaReferenceAddress javaClassNames javaremotelocation"
>> > RESULT err=0 tag=101 nentries=1 etime=0
>> >
>> > Jetspeed attempts to bind with
>> >
>> > BIND dn="uid=CMarshall,ou=Peopleou=sevenSeasou=jetspeeddc=com" method=128 version=3
>> > RESULT err=32 tag=97 nentries=0 etime=0
>> >
>> > Yes, the commas that should be there are really missing.
>> >
>> > CASE 3 =============================
>> > override.properties
>> >
>> > ldap.url=ldap://localhost:389
>> > ldap.base=dc=com
>> > ldap.userDn=uid=cmarshall,ou=people,dc=a100sys,dc=com
>> > ldap.password=< password >
>> > ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory
>> > ldap.user.filter = (objectclass=person)
>> > ldap.search.scope = 2
>> > ldap.user.searchBase=ou=People,ou=sevenSeas,ou=jetspeed
>> > ldap.user.entryPrefix=uid
>> > ldap.role.searchBase=ou=Roles,ou=sevenSeas,ou=jetspeed
>> > ldap.group.searchBase=ou=Groups,ou=sevenSeas,ou=jetspeed
>> >
>> > Jetspeed successfully binds with the ldap.userDn and makes the request
>> >
>> > SRCH base="ou=People,ou=sevenSeas,ou=jetspeed" scope=2 filter="(&(uid=cmarshall)(objectClass=person))" attrs="objectClass javaSerializedData javaClassName javaFactory javaCodebase javaReferenceAddress javaClassNames javaremotelocation"
>> > RESULT err=32 tag=101 nentries=0 etime=0
>> >
>> > Note that the dc=com has not appended to the end of the search base.
>> >
>> > Suggestions?
>> >
>> > Chris Marshall
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [email protected]
> For additional commands, e-mail: [email protected]
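
An added example, not part of the thread and not Jetspeed's own code: the three configurations above differ only in whether ldap.user.searchBase is empty, relative to ldap.base, or already absolute, and a join done on parsed RDNs with the JDK's javax.naming.ldap.LdapName handles all three without a doubled suffix or lost commas. The class name, method name and sample inputs are hypothetical, the inputs constructed to mirror the cases in the thread.

```java
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

public class SearchDomainExample {

    /**
     * Build the absolute search DN from a root context (ldap.base) and a
     * search base (ldap.user.searchBase) that may be empty, relative to the
     * root, or already absolute. Malformed DNs raise InvalidNameException
     * here instead of reaching the directory server.
     */
    static String searchDomain(String rootContext, String searchBase)
            throws InvalidNameException {
        LdapName root = new LdapName(rootContext == null ? "" : rootContext.trim());
        LdapName base = new LdapName(searchBase == null ? "" : searchBase.trim());

        // LdapName indexes RDNs right to left, so startsWith() compares the
        // rightmost components, i.e. the DN suffix as it is written.
        if (!base.isEmpty() && base.startsWith(root)) {
            return base.toString();      // already absolute: do not append root again
        }

        LdapName full = (LdapName) root.clone();
        full.addAll(base.getRdns());     // RDN-wise join; LdapName supplies the commas
        return full.toString();
    }

    public static void main(String[] args) throws InvalidNameException {
        String root = "dc=com";
        // Constructed inputs mirroring the configurations in the thread.
        String[] searchBases = {
            "ou=People,ou=sevenSeas,ou=jetspeed,dc=com",  // absolute (CASE 1)
            "ou=People,ou=sevenSeas,ou=jetspeed",         // relative (CASE 3)
            ""                                            // property left empty
        };
        for (String sb : searchBases) {
            System.out.println("[" + sb + "] -> " + searchDomain(root, sb));
        }
    }
}
```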
