We do not allow guest accounts on our LDAP server. If I remove the 'redback.default.guest' configuration I see this exception below. Is there a way to bypass that?
I would like all users with an LDAP sign-on to be considered a registered user once signed in and then administer their access rights at that point. 69711 [SocketListener0-1] ERROR com.opensymphony.webwork.dispatcher.DispatcherUtils - Could not find action Caught Exception while registering Interceptor class redbackEnvironmentCheckInterceptor - Class: org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck File: GuestUserEnvironmentCheck.java Method: validateEnvironment Line: 100 - org/codehaus/plexus/redback/xwork/checks/security/GuestUserEnvironmentCheck.java:100:-1 at org.codehaus.plexus.xwork.PlexusObjectFactory.buildInterceptor(PlexusObjectFactory.java:152) at com.opensymphony.xwork.config.providers.InterceptorBuilder.constructInterceptorReference(InterceptorBuilder.java:56) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.lookupInterceptorReference(XmlConfigurationProvider.java:701) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptorStack(XmlConfigurationProvider.java:568) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptorStacks(XmlConfigurationProvider.java:581) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptors(XmlConfigurationProvider.java:602) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.addPackage(XmlConfigurationProvider.java:204) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadConfigurationFile(XmlConfigurationProvider.java:675) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadConfigurationFile(XmlConfigurationProvider.java:678) at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.init(XmlConfigurationProvider.java:91) at com.opensymphony.xwork.config.impl.DefaultConfiguration.reload(DefaultConfiguration.java:86) at com.opensymphony.xwork.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:55) at com.opensymphony.xwork.DefaultActionProxy.<init>(DefaultActionProxy.java:60) at com.opensymphony.xwork.DefaultActionProxyFactory.createActionProxy(DefaultActionProxyFactory.java:46) at com.opensymphony.webwork.dispatcher.DispatcherUtils.serviceAction(DispatcherUtils.java:264) at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:202) at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821) at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118) at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52) at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821) at com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88) at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821) at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471) at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568) at org.mortbay.http.HttpContext.handle(HttpContext.java:1530) at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633) at org.mortbay.http.HttpContext.handle(HttpContext.java:1482) at org.mortbay.http.HttpServer.service(HttpServer.java:909) at org.mortbay.http.HttpConnection.service(HttpConnection.java:816) at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982) at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833) at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244) at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357) at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534) Caused by: java.lang.NullPointerException at org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck.validateEnvironment(GuestUserEnvironmentCheck.java:100) at org.codehaus.plexus.redback.xwork.interceptor.EnvironmentCheckInterceptor.init(EnvironmentCheckInterceptor.java:77) at org.codehaus.plexus.xwork.PlexusObjectFactory.buildInterceptor(PlexusObjectFactory.java:119) ... 33 more -----Original Message----- From: Emmanuel Venisse [mailto:[EMAIL PROTECTED] Sent: Saturday, September 29, 2007 3:54 AM To: [EMAIL PROTECTED] Subject: Re: 1.1-beta-3 LDAP Madsen,Bryan a écrit : > I trudged through configuring LDAP and am now able to log on with my > sign on and password. I think I still have some configuration related > issues that need to be addressed. > > When I access the server and am not logged in I have full admin rights. > This applies to anyone. > > When I log in it seems I am the administrator since I logged in the > first time. Another person I work with logged in and has the ability to > see nothing. Right now the moral of the story is don't login and you can > do anything. > > When I go to the Users screen no users are displayed and the only thing > I can do is look at the User List and Roles Matrix report. How do I > configure access control for users signed in through LDAP? > > In the security.properties file I added the following config: > > # LDAP setup > user.manager.impl=ldap > ldap.bind.authenticator.enabled=true > redback.default.admin=myusername > redback.default.guest=myusername > security.policy.password.expiration.enabled=false > > What is the purpose of redback.default.admin and redback.default.guest? Jesse know well but I think if guest = admin = myusername so guest is an admin > If I omitted those configs the server crashes on startup. I used my > personnel username for admin and guest since I don't see the purpose of > these configurations and that seemed to work. > > In my situation I would like to have any user login with LDAP and > default to guest access and then configure specific users for more > advanced rights. Is this supposed to be handled through the Users screen > or some other location? > > Any help would be appreciated. > > Bryan > > > ---------------------------------------------------------------------- > CONFIDENTIALITY NOTICE This message and any included attachments are from > Cerner Corporation and are intended only for the addressee. The information > contained in this message is confidential and may constitute inside or > non-public information under international, federal, or state securities > laws. Unauthorized forwarding, printing, copying, distribution, or use of > such information is strictly prohibited and may be unlawful. If you are not > the addressee, please promptly delete this message and notify the sender of > the delivery error by e-mail or you may call Cerner's corporate offices in > Kansas City, Missouri, U.S.A at (+1) (816)221-1024.