Could you attach your security.xml file to help me?
Thanks
Eric
-----Message d'origine-----
De : Thomas Hofmann [mailto:[EMAIL PROTECTED]
Envoyé : mercredi 6 décembre 2006 10:43
À : [email protected]
Objet : Re: TR: Problem with LDAP
HI,
after finally getting my installation to work and having looked at those lofile
messages for quite a while ....
Using the Acegi LDAP implementation the tasks to get user access is split into
two parts.
-Authentication - thus identifying the user by username/password credentials
-Autorisation - retrieving the users rights
it looks like your configuration does not have an Autorisation bean set up in
the Acegi LDAP section.
It really depends if your user roles are held in the LDAP or in rollerdb to
tell how the configuration should look like.
-Thomas
zeldamo wrote:
>
>
> Hi all,
> I was trying to connect my roller 3.0 to LDAP.
> I've all set up correctly (i think), and there is something strange in
> the logs :
>
> DEBUG 2006-12-04 17:35:32,288 AbstractProcessingFilter:doFilter -
> Request is to process authentication DEBUG 2006-12-04 17:35:32,290
> ProviderManager:doAuthentication - Authentication attempt using
> org.acegisecurity.providers.ldap.LdapAuthenticationProvider
> DEBUG 2006-12-04 17:35:32,299 EhCacheBasedUserCache:getUserFromCache -
> Cache hit: false; username: ebardoux DEBUG 2006-12-04 17:35:32,301
> LdapAuthenticationProvider:retrieveUser - Retrieving user ebardoux
> DEBUG
> 2006-12-04 17:35:32,304 DefaultInitialDirContextFactory:connect -
> Creating InitialDirContext with environment
> {java.naming.provider.url=ldap://ldap.pasteur.aventis.com:389/DC=paste
> ur
> ,DC=aventis,DC=com,
> java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
> java.naming.security.principal=FRMS-WEBPLATFORM,
> com.sun.jndi.ldap.connect.pool=true,
> java.naming.security.authentication=simple,
> java.naming.security.credentials=******, java.naming.referral=follow}
> DEBUG 2006-12-04 17:35:32,476 ProviderManager:doAuthentication -
> Authentication attempt using
> org.acegisecurity.providers.dao.DaoAuthenticationProvider
>
>
> As you can see, Roller tries first to authenticate through LDAP, but
> there is no information about what came back from ldap, and it goes on
> dao authentification (which will fail because i don't use the right
> password...)
>
> Any idea?
>
> Eric
> ----------------------------------------------------------------------
> --------------------- "Cette communication (y compris les pieces
> jointes) est reservee a l'usage exclusif du destinataire (des
> destinataires) et peut contenir des informations privilegiees,
> confidentielles, exemptees de divulgation selon la loi ou protegees
> par les droits d'auteur. Si vous n'etes pas un destinataire, toute
> utilisation, divulgation, distribution, reproduction, examen ou copie
> (totale ou partielle) est non-autorisee et peut etre illegale. Tout
> message electronique est susceptible d'alteration et son integrite ne
> peut etre assuree. Sanofi Pasteur decline toute responsabilite au
> titre de ce message s'il a ete modifie ou falsifie. Si vous n'etes pas
> destinataire de ce message, merci de le detruire immediatement et
> d'avertir l'expediteur de l'erreur de distribution et de la
> destruction du message. Merci.
> This transmission (including any attachments) is intended solely for
> the use of the addressee(s) and may contain confidential information
> including trade secrets which are privileged, confidential, exempt
> from disclosure under applicable law and/or subject to copyright. If
> you are not an intended recipient, any use, disclosure, distribution,
> reproduction, review or copying (either whole or partial) is
> unauthorized and may be unlawful. E-mails are susceptible to
> alteration and their integrity cannot be guaranteed.Sanofi Pasteur
> shall not be liable for this e-mail if modified or falsified. If you
> are not the intended recipient of this e-mail, please delete it
> immediately from your system and notify the sender of the wrong delivery and
> the mail deletion. Thank you."
> **********************************************************************
>
>
>
--
View this message in context:
http://www.nabble.com/TR%3A-Problem-with-LDAP-tf2761760s12275.html#a7716217
Sent from the Roller - Dev mailing list archive at Nabble.com.
-------------------------------------------------------------------------------------------
"Cette communication (y compris les pieces jointes) est reservee a l'usage
exclusif du destinataire (des destinataires) et peut contenir des informations
privilegiees, confidentielles, exemptees de divulgation selon la loi ou
protegees par les droits d'auteur. Si vous n'etes pas un destinataire, toute
utilisation, divulgation, distribution, reproduction, examen ou copie (totale
ou partielle) est non-autorisee et peut etre illegale. Tout message
electronique est susceptible d'alteration et son integrite ne peut etre
assuree. Sanofi Pasteur decline toute responsabilite au titre de ce message
s'il a ete modifie ou falsifie. Si vous n'etes pas destinataire de ce message,
merci de le detruire immediatement et d'avertir l'expediteur de l'erreur de
distribution et de la destruction du message. Merci.
This transmission (including any attachments) is intended solely for the use of
the addressee(s) and may contain confidential information including trade
secrets which are privileged, confidential, exempt from disclosure under
applicable law and/or subject to copyright. If you are not an intended
recipient, any use, disclosure, distribution, reproduction, review or copying
(either whole or partial) is unauthorized and may be unlawful. E-mails are
susceptible to alteration and their integrity cannot be guaranteed.Sanofi
Pasteur shall not be liable for this e-mail if modified or falsified. If you
are not the intended recipient of this e-mail, please delete it immediately
from your system and notify the sender of the wrong delivery and the mail
deletion. Thank you."
**********************************************************************
