2012/9/14 Harris, Christopher P <chris_har...@baxter.com>:
> Sure thing. I agree. You guys seem pretty strapped for time and resources.
> You definitely need help. If you guys release something, I'll help test it
> on Windauz and AD. Even though I've spent waaaaay more time (weeks and many
> late nights til 1am) than I should have getting Archiva to work and learning
> what makes it tick, I still think that you guys are doing a great job. As
> I've mentioned in the past, I was getting steered towards Artifactory, which
> is nice and ridiculously easy to set up, but I don't like how you have to pay
> for plug-ins. I saw the potential in Archiva and took stock in that. 1.4
> seems like a huge leap after 1.3. Keep up the good work. Archiva will get
> there.
>

Yup and plugins mechanism is one of my dreams (having some extension points to be able to implement your own features). Have a look at the successful projects (Maven, Jenkins): this is IMHO why they are used a lot.

> Shiro, eh? I stumbled across that project recently when looking for
> alternatives to JEE5/6 security and Spring Security (just to see what else is
> out besides those 800-lb. gorillas in the Java EE security world). I've
> heard good things about it. Not that this correlates to quality, but I had
> never heard of Redback until digging into Archiva. hehe

And thanks for your early testing time! We really appreciate it!

> - Chris Harris
>
> -----Original Message-----
> From: Olivier Lamy [mailto:ol...@apache.org]
> Sent: Friday, September 14, 2012 11:31 AM
> To: users@archiva.apache.org
> Subject: Re: LDAP Issues
>
> Hi,
> It's fair to relate your frustration as I have to agree this ldap part
> needs more love :-).
> We probably need more help and test.
>
> One of my dreams is to remove this redback part to not have to maintain
> that (using shiro will ease) but that needs some work... (maybe one
> layer on the top of redback and delegate to shiro)
>
> I can probably try to have a look but later as currently I'm focused
> on releasing 1.4-M3 with the new UI.
> But I will test on open source LDAP (I cannot test on AD server so
> here we will need help for testing).
>
> 2012/9/14 Chris Jacobs <chris.jac...@apollogrp.edu>:
>> Weak LDAP support is my primary frustration with Archiva currently - I was
>> quite saddened to see your report on 1.4.x: I tried to configure LDAP in
>> 1.3.x, had pretty much the same experience you're having now, and got my
>> hopes up after reading that some improvements for LDAP were coming in 1.4.
>>
>> It boggles my mind that a large feature - authentication - would get so
>> little work towards integrating with external, rfc spec authentication
>> systems. Shoving this 'problem' off to Redback (documentation and decent
>> integration from Archiva, what's that?) seems like a serious cop-out - just
>> make it another, even more anemic (it's a fact, not a pointing out of
>> failure), project's problem.
>>
>> I'm not adding anything here really; hoping to stoke some fires.
>>
>> - chris
>>
>> -----Original Message-----
>> From: Harris, Christopher P [mailto:chris_har...@baxter.com]
>> Sent: Friday, September 14, 2012 9:12 AM
>> To: users@archiva.apache.org
>> Subject: RE: LDAP Issues
>>
>> Hi, Eric.
>>
>> I actually encountered that error Andy's describing in MRM-998. I
>> encountered it when the initial login/config that allows Archiva to locate
>> and log in fails. That's what was preventing Archiva from even starting up.
>> Once I got past that error, I got to the point where I am now.
>>
>> I get a 404 error for that 2nd link that you sent me.
>>
>> - Chris Harris
>>
>> -----Original Message-----
>> From: Eric Barboni [mailto:eric.barb...@irit.fr]
>> Sent: Friday, September 14, 2012 3:41 AM
>> To: users@archiva.apache.org
>> Subject: RE: LDAP Issues
>>
>> Hi, sorry I never tried archiva and ldap
>>
>> Maybe this is related to http://jira.codehaus.org/browse/MRM-998
>> There are some old but different information here also
>> https://cwiki.apache.org/ARCHIVA/howto-configure-usermanagement-with-ldap.html
>>
>> Regards
>> Eric
>>
>> -----Original Message-----
>> From: Harris, Christopher P [mailto:chris_har...@baxter.com]
>> Sent: Friday, September 14, 2012 00:09
>> To: users@archiva.apache.org
>> Subject: LDAP Issues
>>
>> Hi,
>>
>> I've set up archiva-webapp-js-1.4-M3-SNAPSHOT.war to utilize
>> security.properties. I followed
>> http://archiva.apache.org/redback/integration/ldap.html. Yes, I know it's
>> out of date. So, I went and downloaded the stand-alone version of Archiva
>> v1.4-M3. I found applicationContext.xml and noticed the commented-out beans
>> and instructions left for modifying security.properties.
>>
>> I enabled the beans and modified security.properties accordingly:
>>
>> user.manager.impl=ldap
>> ldap.bind.authenticator.enabled=true
>> redback.default.admin=admin
>> redback.default.guest=guest
>> security.policy.password.expiration.enabled=false
>>
>> ldap.config.hostname=
>> ldap.config.port=
>> ldap.config.base.dn=
>> ldap.config.context.factory=com.sun.jndi.ldap.LdapCtxFactory
>> ldap.config.bind.dn=
>> ldap.config.password=
>> #ldap.config.authentication.method=
>>
>> ldap.config.mapper.attribute.email=mail
>> ldap.config.mapper.attribute.fullname=givenName
>> ldap.config.mapper.attribute.password=userPassword
>> ldap.config.mapper.attribute.user.id=sAMAccountName
>> ldap.config.mapper.attribute.user.base.dn=
>> ldap.config.mapper.attribute.user.object.class=inetOrgPerson
>> ldap.config.mapper.attribute.user.filter=(attributeName=value)
>>
>> user.manager.impl=cached
>>
>> ldap.bind.authenticator.enabled=true
>>
>> Initially, I couldn't even start Archiva once I enabled LDAP. Through trial
>> and error using Apache Directory Studio, I was able to successfully
>> configure LDAP. Now, Archiva can start again since it can communicate via
>> LDAP to our AD server.
>>
>> There are some problems though:
>>
>> 1.) The initial user Archiva/Redback tries to log in as (myself) but
>> cannot be found. I see the logs return a variable "foundUser" with a value
>> of false. I know I have the right dn.
>>
>> 2.) Archiva cannot find any users via LDAP subtree searching. I'm not
>> sure if I have to create the user in Archiva first (I assume that I do).
>>
>> 3.) Thinking that I need to create an Archiva user for myself so that
>> problems #1 and #2 can be resolved, I tried to log in as admin. The only
>> problem is that Archiva would not let me log in as admin any more. I see in
>> archiva.log that LDAP is querying AD for admin. Of course, admin cannot be
>> found. I thought "redback.default.admin=admin" would allow me to log in as
>> admin as I did before I enabled LDAP.
>>
>> Note that my Active Directory account is not an admin account. I can't see
>> any AD values named "userPassword". I may need to be admin to even see that
>> field. I figured that it would be visible but contain encrypted values.
>> ldap.config.mapper.attribute.password=userPassword is what I'm basing this
>> on. I plan on implementing an admin account, but haven't been given that
>> information yet.
>>
>> Any suggestions?
>>
>> - Chris Harris
>> The information transmitted is intended only for the person(s) or entity to
>> which it is addressed and may contain confidential and/or legally privileged
>> material. Delivery of this message to any person other than the intended
>> recipient(s) is not intended in any way to waive privilege or
>> confidentiality. Any review, retransmission, dissemination or other use of,
>> or taking of any action in reliance upon, this information by entities other
>> than the intended recipient is prohibited. If you receive this in error,
>> please contact the sender and delete the material from any computer.
>>
>> For Translation:
>>
>> http://www.baxter.com/email_disclaimer
>>
>> This message is private and confidential. If you have received it in error,
>> please notify the sender and remove it from your system.
>>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
>

--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
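
The security.properties posted at the start of this thread, run through a small linter. This is an added example, not code from the thread or from Archiva/Redback: the function names and finding codes are hypothetical, the sample is constructed from a subset of the posted keys (blank values stay blank), and the Active Directory object-class check is a heuristic assumption.

```python
# Constructed sample: a subset of the keys posted in the thread.
SAMPLE = """\
user.manager.impl=ldap
ldap.bind.authenticator.enabled=true
ldap.config.hostname=
ldap.config.port=
ldap.config.base.dn=
#ldap.config.authentication.method=
ldap.config.mapper.attribute.user.id=sAMAccountName
ldap.config.mapper.attribute.user.object.class=inetOrgPerson
ldap.config.mapper.attribute.user.filter=(attributeName=value)
user.manager.impl=cached
ldap.bind.authenticator.enabled=true
"""

REQUIRED = ("ldap.config.hostname", "ldap.config.port", "ldap.config.base.dn")
PREFIX = "ldap.config.mapper.attribute.user."

def parse(text):
    """Return {key: [values in file order]}, skipping comments and blank lines."""
    seen = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!":
            continue
        key, _, value = line.partition("=")   # split on the first '=' only
        seen.setdefault(key.strip(), []).append(value.strip())
    return seen

def lint(text):
    """Return a sorted list of (code, key) findings."""
    props, out = parse(text), []
    for key, values in props.items():
        if len(set(values)) > 1:      # which value wins depends on the loader
            out.append(("CONFLICT", key))
        elif len(values) > 1:         # same value repeated: harmless but noisy
            out.append(("DUPLICATE", key))
    for key in REQUIRED:
        if not any(props.get(key, [])):       # missing, or every value empty
            out.append(("EMPTY", key))
    if "(attributeName=value)" in props.get(PREFIX + "filter", []):
        out.append(("PLACEHOLDER", PREFIX + "filter"))
    # Heuristic (assumption): AD user entries normally carry objectClass=user,
    # so pairing sAMAccountName with inetOrgPerson deserves a second look.
    if ("sAMAccountName" in props.get(PREFIX + "id", [])
            and "inetOrgPerson" in props.get(PREFIX + "object.class", [])):
        out.append(("AD_CLASS", PREFIX + "object.class"))
    return sorted(out)
```
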