
Ldap with Access Manager -Sun Portal

Question asked by elisabetta on Aug 6, 2008
Latest reply on Aug 7, 2008 by elisabetta
I have a problem with importing users from the LDAP Access Manager. I've tried several ways. I think some parameter is not OK, but how can I be sure to bring the right value from Access Manager? It's not so clear! Where can I find the right java.naming.security.principal and how do I configure it? I have an LDAP administrator but I also have a simple access administrator. Should I use cn or uid?
When I get information in my Sun System Access Manager I find the following LDAP service configuration:
Primary LDAP Server: sunportal.ptqs-int.it:389
DN to Start User Search: dc=ptqs-int,dc=it
DN for Root User Bind: cn=amldapuser,ou=DSAME Users,dc=ptqs-int,dc=it
Attribute Used to Retrieve User Profile: uid
Attributes Used to Search for a User to be Authenticated: uid
Return User DN to Authenticate: flagged
LDAP Server Check Interval: 15
Authentication Level: 0


Here is my ldap-authentication-context.xml:

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>


    <bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
        <property name="initialDirContextEnvironment">
            <map>
                <!-- The LDAP provider -->
                <entry key="java.naming.factory.initial">
                    <value>com.sun.jndi.ldap.LdapCtxFactory</value>
                </entry>
                <entry key="java.naming.provider.url">
                    <value>ldap://sunportal.ptqs-int.it:389</value>
                </entry>
                <entry key="java.naming.security.authentication">
                    <value>DIGEST-MD5</value>
                </entry>
                <entry key="java.naming.security.principal">
                    <value>cn=amldapuser,ou=DSAME Users</value>
                    <!-- <value>cn=amadmin,dc=ptqs-int,dc=it</value> -->
                </entry>
                <entry key="java.naming.security.credentials">
                    <value>ptqsadmin</value>
                </entry>
            </map>
        </property>
    </bean>
</beans>


Here is what it gives me - only INFO:


6-ago-2008 9.10.34 org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive alfresco.war
09:11:35,224 INFO  [alfresco.mbeans.VirtServerRegistry] Creating VirtServerRegistry MBean
09:11:36,240 WARN  [remoting.rmi.RmiRegistryFactoryBean] Could not detect RMI registry - creating new one
09:11:36,458 INFO  [alfresco.mbeans.VirtServerRegistry] Created JMX serverConnector
09:11:36,568 DEBUG [security.authentication.ldap] preRegister called. Server=com.sun.jmx.mbeanserver.JmxMBeanServer@fe861, name=log4j:logger=org.alfresco.repo.security.authentication.ldap
09:11:49,124 INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a string uid and password at ldap://sunportal.ptqs-int.it:389
09:11:49,217 INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a simple dn and password at ldap://sunportal.ptqs-int.it:389
09:11:49,280 INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for known principal and invalid credentials at ldap://sunportal.ptqs-int.it:389
Thanks to anyone who can help me! Elisabetta
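
One way to check which principal and authentication mechanism the directory accepts before putting them into ldap-authentication-context.xml is a stand-alone JNDI bind test. This is an added example, not part of the original post or of Alfresco's code. The server URL and both candidate DNs are copied from the post; the class name LdapBindCheck and the LDAP_BIND_PW environment variable are assumptions of this example.

```java
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

public class LdapBindCheck {
    // Server and DNs are taken from the post. The password comes from the
    // LDAP_BIND_PW environment variable (hypothetical name) instead of the source.
    static final String URL = "ldap://sunportal.ptqs-int.it:389";
    static final String[] PRINCIPALS = {
        "cn=amldapuser,ou=DSAME Users,dc=ptqs-int,dc=it", // "DN for Root User Bind" in Access Manager
        "cn=amldapuser,ou=DSAME Users",                   // value currently in the XML
    };
    static final String[] MECHANISMS = { "simple", "DIGEST-MD5" };

    // Builds the same environment map that the Spring bean passes to JNDI.
    static Hashtable<String, String> env(String mech, String principal, String password) {
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, URL);
        env.put(Context.SECURITY_AUTHENTICATION, mech);
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put("com.sun.jndi.ldap.connect.timeout", "5000"); // milliseconds
        return env;
    }

    public static void main(String[] args) {
        String password = System.getenv("LDAP_BIND_PW");
        if (password == null || password.isEmpty()) {
            // An empty password turns a simple bind into an unauthenticated bind,
            // which can report success without checking any credential.
            System.err.println("Set LDAP_BIND_PW first");
            System.exit(2);
        }
        // Try every mechanism/principal pair and report which ones the server accepts.
        for (String mech : MECHANISMS) {
            for (String principal : PRINCIPALS) {
                try {
                    InitialDirContext ctx = new InitialDirContext(env(mech, principal, password));
                    ctx.close();
                    System.out.printf("OK    %-10s %s%n", mech, principal);
                } catch (NamingException e) {
                    System.out.printf("FAIL  %-10s %s -> %s%n", mech, principal, e);
                }
            }
        }
    }
}
```

A simple bind over ldap:// on port 389 sends the password unencrypted, so run the check from a trusted network segment.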
