Re: [Dspace-tech] Ldap hierarchical and multiple urls to authenticate
On Wed, Nov 9, 2011 at 12:58, Álvaro López Criado wrote: > We've got 3 ldap servers, one DC ( domain control ) by domain. > I ask if DSpace and the hierarchical class can follow the ldap referals, in > that case, with one of this DCs in the configuration file ( dspace.cfg ) i > can access to the others DCs and therefore login with users of all the > threads. Yes, I think DSpace does that by default (look into dspace-api/src/main/java/org/dspace/authenticate/LDAPHierarchicalAuthentication.java, line 518) but I can't verify it for you since we don't use such LDAP setup. Regards, ~~helix84 -- RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
Re: [Dspace-tech] Ldap hierarchical and multiple urls to authenticate
Hi: We've got 3 ldap servers, one DC ( domain control ) by domain. I ask if DSpace and the hierarchical class can follow the ldap referals, in that case, with one of this DCs in the configuration file ( dspace.cfg ) i can access to the others DCs and therefore login with users of all the threads. Thanks in advance 2011/11/8 helix84 > On Tue, Nov 8, 2011 at 10:10, Álvaro López Criado wrote: > > ¿is there any configuration to login to multiple LDAP server? > > I mean, i've got one LDAP server ( active directory ) but to access to > > different threads i have different URLs. > > Using LDAP authentication method and dspace.cfg i can only put ONE of > this > > server so i can't login with users that belongs to other threads... > > I'm not sure if I understand your LDAP hierarchy correctly. Do you > have different groups of users in different contexts > (ldap://example.com/o=org,ou=department1 and > ldap://example.com/o=org,ou=department2) or on diferrent LDAP servers > (ldap://ldapserver1.com/o=org,ou=department1 and > ldap://ldapserver2.com/o=org,ou=department2)? > > In the first case, the solution is to use hierarchical LDAP which does > search before it does the actual bind. In the second case I don't > believe there's an out-of-the-box solution - you would either have to > implement a class to do that yourself in DSpace or, preferably, > rethink your LDAP directory structure. > > Regards, > ~~helix84 > -- Álvaro López Arvo Consultores AVISO LEGAL Este mensaje es privado y confidencial y solamente para la persona a la que va dirigido. Si usted ha recibido este mensaje por error, no debe revelar, copiar, distribuir o usarlo en ningún sentido. Le rogamos lo comunique al remitente y borre dicho mensaje y cualquier documento adjunto que pudiera contener. No hay renuncia a la confidencialidad ni a ningún privilegio por causa de transmisión errónea o mal funcionamiento. Cualquier opinión expresada en este mensaje pertenece únicamente al remitente, y no representa necesariamente la opinión de Arvo Consultores, a no ser que expresamente se diga y el remitente esté autorizado para hacerlo. Los correos electrónicos no son seguros, no garantizan la confidencialidad ni la correcta recepción de los mismos, dado que pueden ser interceptados, manipulados, destruidos, llegar con demora, incompletos, o con virus. Arvo Consultores no se hace responsable de las alteraciones que pudieran hacerse al mensaje una vez enviado. En caso de que el receptor no quiera recibir mas correos de esta dirección deberá notificarlo a la dirección a...@arvo.es. -- RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
Re: [Dspace-tech] Ldap hierarchical and multiple urls to authenticate
On Tue, Nov 8, 2011 at 10:10, Álvaro López Criado wrote: > ¿is there any configuration to login to multiple LDAP server? > I mean, i've got one LDAP server ( active directory ) but to access to > different threads i have different URLs. > Using LDAP authentication method and dspace.cfg i can only put ONE of this > server so i can't login with users that belongs to other threads... I'm not sure if I understand your LDAP hierarchy correctly. Do you have different groups of users in different contexts (ldap://example.com/o=org,ou=department1 and ldap://example.com/o=org,ou=department2) or on diferrent LDAP servers (ldap://ldapserver1.com/o=org,ou=department1 and ldap://ldapserver2.com/o=org,ou=department2)? In the first case, the solution is to use hierarchical LDAP which does search before it does the actual bind. In the second case I don't believe there's an out-of-the-box solution - you would either have to implement a class to do that yourself in DSpace or, preferably, rethink your LDAP directory structure. Regards, ~~helix84 -- RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 ___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
[Dspace-tech] Ldap hierarchical and multiple urls to authenticate
Hi everybody: ¿is there any configuration to login to multiple LDAP server? I mean, i've got one LDAP server ( active directory ) but to access to different threads i have different URLs. Using LDAP authentication method and dspace.cfg i can only put ONE of this server so i can't login with users that belongs to other threads... Any help? Thanks in advance -- Álvaro López -- RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1___ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech