AnsweredAssumed Answered

LDAP: Chaining: Weird Errors on Login

Question asked by neomlsra on Mar 7, 2009
Latest reply on Mar 16, 2009 by flefoll
I am trying to get LDAP Chaining working and here are the errors I get when logging into the system as either admin (local) or as an LDAP account:

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
caused by:
javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
caused by:
org.alfresco.error.AlfrescoRuntimeException: Not implemented

Hide Details

javax.faces.FacesException: Error calling action method of component with id loginForm:submit
at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:72)
at javax.faces.component.UICommand.broadcast(UICommand.java:109)
at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97)
at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171)
at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95)
at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.alfresco.web.app.servlet.AuthenticationFilter.doFilter(AuthenticationFilter.java:94)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:595)
Caused by: javax.faces.el.EvaluationException: Exception while invoking expression #{LoginBean.login}
at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:156)
at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:61)
… 22 more
Caused by: org.alfresco.error.AlfrescoRuntimeException: Not implemented
at org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao.loadUserByUsername(DefaultMutableAuthenticationDao.java:410)
at net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.getUserFromBackend(DaoAuthenticationProvider.java:390)
at net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.authenticate(DaoAuthenticationProvider.java:225)
at net.sf.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:159)
at net.sf.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
at org.alfresco.repo.security.authentication.AuthenticationComponentImpl.authenticateImpl(AuthenticationComponentImpl.java:74)
at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.authenticate(AbstractAuthenticationComponent.java:130)
at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:118)
at org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl.authenticate(ChainingAuthenticationServiceImpl.java:166)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:296)
at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:177)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:144)
at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:275)
at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:166)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
at $Proxy24.authenticate(Unknown Source)
at org.alfresco.web.bean.LoginBean.login(LoginBean.java:274)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:132)
… 23 more
Return to application
Logout

Here is my chaning-authentication-conextex.xml file:

<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>  
  
   
    <!– Chaining of both the services and components –>
   
    <bean id="authenticationService" class="org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl">
        <property name="authenticationServices">
            <list>
                <ref bean="authenticationServiceImplJAAS"/>
            </list>
        </property>
        <property name="mutableAuthenticationService">
            <ref bean="authenticationServiceImplAlfresco"/>
        </property>
        <property name="sysAdminCache">
            <ref bean="sysAdminCache"/>
        </property>
    </bean>
   
    <bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ChainingAuthenticationComponentImpl">
      <property name="authenticationComponents">
            <list>
                <ref bean="authenticationComponentImplJAAS"/>
            </list>
        </property>
        <property name="mutableAuthenticationComponent">
            <ref bean="authenticationComponentImplAlfresco"/>
        </property>
   </bean>
   
    <!– Alfresco Auth –>
   
    <bean id="authenticationServiceImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoAlfresco"/>
        </property>
        <property name="ticketComponent">
            <ref bean="ticketComponent"/>
        </property>
        <property name="authenticationComponent">
            <ref bean="authenticationComponentImplAlfresco"/>
        </property>
        <property name="sysAdminCache">
            <ref bean="sysAdminCache"/>
        </property>
    </bean>
   
    <bean id="authenticationDaoAlfresco" class="org.alfresco.repo.security.authentication.RepositoryAuthenticationDao">
        <property name="nodeService">
            <ref bean="nodeService"/>
        </property>
        <property name="tenantService">
            <ref bean="tenantService"/>
        </property>
        <property name="dictionaryService">
            <ref bean="dictionaryService"/>
        </property>
        <property name="namespaceService">
            <ref bean="namespaceService"/>
        </property>
        <property name="searchService">
            <ref bean="admSearchService"/>
        </property>
        <property name="retryingTransactionHelper">
          <ref bean="retryingTransactionHelper"/>
        </property>
        <property name="userNamesAreCaseSensitive">
            <value>${user.name.caseSensitive}</value>
        </property>
        <property name="passwordEncoder">
            <ref bean="passwordEncoder"/>
        </property>
    </bean>
   
    <bean id="authenticationComponentImplAlfresco" class="org.alfresco.repo.security.authentication.AuthenticationComponentImpl" parent="authenticationComponentBase">
        <property name="authenticationDao">
            <ref bean="authenticationDaoAlfresco"/>
        </property>
        <property name="authenticationManager">
            <ref bean="authenticationManager"/>
        </property>
        <property name="allowGuestLogin">
            <value>true</value>
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionService" />
        </property>
    </bean>
   
    <!– JAAS –>
   
    <bean id="authenticationServiceImplJAAS" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoJAAS"/>
        </property>
        <property name="ticketComponent">
            <ref bean="ticketComponent"/>
        </property>
        <property name="authenticationComponent">
            <ref bean="authenticationComponentImplJAAS"/>
        </property>
        <property name="sysAdminCache">
            <ref bean="sysAdminCache"/>
        </property>
    </bean>
   
    <bean id="authenticationComponentImplJAAS" class="org.alfresco.repo.security.authentication.jaas.JAASAuthenticationComponent">
        <property name="realm">
            <value>PXD</value>
        </property>
        <property name="jaasConfigEntryName">
            <value>Alfresco</value>
        </property>
        <property name="nodeService">
            <ref bean="nodeService" />
        </property>
        <property name="personService">
            <ref bean="personService" />
        </property>
        <property name="transactionService">
            <ref bean="transactionService" />
        </property>
    </bean>
   
   <bean id="authenticationServiceLDAP" class="org.alfresco.repo.security.authentication.AuthenticationServiceImpl">
        <property name="authenticationDao">
            <ref bean="authenticationDaoLDAP" />
        </property>
        <property name="ticketComponent">
            <ref bean="ticketComponent" />
        </property>
        <property name="authenticationComponent">
            <ref bean="authenticationComponentLDAP" />
        </property>
    </bean>

    <bean id="authenticationComponentLDAP" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
        <property name="LDAPInitialDirContextFactory">
           <ref bean="ldapInitialDirContextFactory"/>
        </property>
        <property name="userNameFormat">
           <!– <value>{ldap.authentication.userNameFormat}</value> –>
         <value>%s</value>
       </property>
    </bean>

   
    <bean id="authenticationDaoLDAP" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao"/>
    <bean id="authenticationDaoJAAS" class="org.alfresco.repo.security.authentication.ntlm.NullMutableAuthenticationDao"/>
</beans>

I can get LDAP to work without the chaining file but with the chaining what I get above is it. I can also modify the chaining file to reflect some of the other posts where they have said it works but only LDAP works in those configurations for me and never the local admin account. I only get the message "unknown user or password"

Please Help … I have spent countless days and hours on this.

Regards…..

Additional:

Here is what my log looks like so you can see if anything pops out as being out of place outside of the chaining xxx xxxx.xml file.

09:25:01,603 INFO  [org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a string uid and password at ldap://dclc05.us.pioneernrc.pvt:389
09:25:01,619 INFO  [org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a simple dn and password at ldap://dclc05.us.pioneernrc.pvt:389
09:25:01,619 INFO  [org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for known principal and invalid credentials at ldap://dclc05.us.pioneernrc.pvt:389
09:25:04,728 INFO  [org.alfresco.config.xml.XMLConfigService$PropertyConfigurer] Loading properties file from class path resource [alfresco/file-servers.properties]
09:25:06,228 DEBUG [org.alfresco.repo.importer.ImporterJob] preRegister called. Server=com.sun.jmx.mbeanserver.JmxMBeanServer@1a49182, name=log4j:logger=org.alfresco.repo.importer.ImporterJob
09:25:06,228 DEBUG [org.alfresco.repo.security.authentication.ldap] preRegister called. Server=com.sun.jmx.mbeanserver.JmxMBeanServer@1a49182, name=log4j:logger=org.alfresco.repo.security.authentication.ldap
09:25:06,228 DEBUG [org.alfresco.repo.importer.ExportSourceImporter] preRegister called. Server=com.sun.jmx.mbeanserver.JmxMBeanServer@1a49182, name=log4j:logger=org.alfresco.repo.importer.ExportSourceImporter
09:25:13,447 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] Schema managed by database dialect org.hibernate.dialect.MySQLInnoDBDialect.
09:25:19,573 INFO  [org.alfresco.repo.domain.schema.SchemaBootstrap] No changes were made to the schema.
09:25:21,291 INFO  [org.alfresco.repo.admin.ConfigurationChecker] The Alfresco root data directory ('dir.root') is: C:\Alfresco\alf_data
09:25:21,526 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] Checking for patches to apply …
09:25:21,963 INFO  [org.alfresco.repo.admin.patch.PatchExecuter] No patches were required.
09:25:21,963 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Found 1 module(s).
09:25:22,026 INFO  [org.alfresco.repo.module.ModuleServiceImpl] Starting module 'org.alfresco.module.vti' version 1.0.
09:25:22,323 ERROR [org.alfresco.smb.protocol.auth] No valid CIFS authentication combination available
09:25:22,323 ERROR [org.alfresco.smb.protocol.auth] Either enable Kerberos support or use an authentication component that supports MD4 hashed passwords
09:25:22,323 ERROR [org.alfresco.smb.protocol] CIFS server configuration error, Invalid CIFS authenticator configuration
org.alfresco.error.AlfrescoRuntimeException: Invalid CIFS authenticator configuration
   at org.alfresco.filesys.auth.cifs.EnterpriseCifsAuthenticator.initialize(EnterpriseCifsAuthenticator.java:389)
   at org.alfresco.jlan.smb.server.CIFSConfigSection.setAuthenticator(CIFSConfigSection.java:607)
   at org.alfresco.filesys.ServerConfigurationBean.processCIFSServerConfig(ServerConfigurationBean.java:881)
   at org.alfresco.filesys.ServerConfigurationBean.init(ServerConfigurationBean.java:546)
   at org.alfresco.filesys.ServerConfigurationBean.onApplicationEvent(ServerConfigurationBean.java:3098)
   at org.springframework.context.event.SimpleApplicationEventMulticaster$1.run(SimpleApplicationEventMulticaster.java:77)
   at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:49)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:75)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:246)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:355)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:244)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:187)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:830)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:719)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:516)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:585)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
09:25:22,338 ERROR [org.alfresco.smb.protocol] FTP server configuration error, Wrong authentication setup for alfresco authenticator
org.alfresco.error.AlfrescoRuntimeException: Wrong authentication setup for alfresco authenticator
   at org.alfresco.filesys.ServerConfigurationBean.processFTPServerConfig(ServerConfigurationBean.java:1833)
   at org.alfresco.filesys.ServerConfigurationBean.init(ServerConfigurationBean.java:580)
   at org.alfresco.filesys.ServerConfigurationBean.onApplicationEvent(ServerConfigurationBean.java:3098)
   at org.springframework.context.event.SimpleApplicationEventMulticaster$1.run(SimpleApplicationEventMulticaster.java:77)
   at org.springframework.core.task.SyncTaskExecutor.execute(SyncTaskExecutor.java:49)
   at org.springframework.context.event.SimpleApplicationEventMulticaster.multicastEvent(SimpleApplicationEventMulticaster.java:75)
   at org.springframework.context.support.AbstractApplicationContext.publishEvent(AbstractApplicationContext.java:246)
   at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:355)
   at org.springframework.web.context.ContextLoader.createWebApplicationContext(ContextLoader.java:244)
   at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:187)
   at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:49)
   at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:3843)
   at org.apache.catalina.core.StandardContext.start(StandardContext.java:4342)
   at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
   at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
   at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
   at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:830)
   at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:719)
   at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
   at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1149)
   at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
   at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
   at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
   at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
   at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
   at org.apache.catalina.core.StandardService.start(StandardService.java:516)
   at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
   at org.apache.catalina.startup.Catalina.start(Catalina.java:578)
   at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
   at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
   at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
   at java.lang.reflect.Method.invoke(Method.java:585)
   at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
   at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
09:25:22,557 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - v1.5.0_17-b04; maximum heap size 493.063MB
09:25:22,557 WARN  [org.alfresco.service.descriptor.DescriptorService] Alfresco JVM - WARNING - maximum heap size 493.063MB is less than recommended 512MB
09:25:22,557 INFO  [org.alfresco.service.descriptor.DescriptorService] Alfresco started (Labs): Current version 3.0.0 (Stable 1526) schema 1002 - Installed version 3.0.0 (Stable 1526) schema 1002
09:25:39,777 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework
09:25:42,246 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 67 Web Scripts (+0 failed), 71 URLs
09:25:42,277 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised Presentation Web Script Container (in 739.46106ms)
09:26:43,468 INFO  [org.alfresco.web.scripts.DeclarativeRegistry] Registered 101 Web Scripts (+0 failed), 105 URLs
09:26:43,468 INFO  [org.alfresco.web.scripts.AbstractRuntimeContainer] Initialised WebFramework Web Script Container (in 61113.375ms)
09:26:43,546 INFO  [org.alfresco.web.site.FrameworkHelper] Successfully Initialized Web Framework

Outcomes