AnsweredAssumed Answered

[Resolu]Synchronisation Alfresco + LDAP (Apache Directory)

Question asked by jack_8100 on Jul 28, 2008
Latest reply on Sep 30, 2008 by tebbaa
Bonjour,

Il s'agit sans doute du n-ième post à ce sujet, mais malgrés mes recherches sur les post deja présent sur le forum anglais et francais, je ne trouve pas de solution à mon problème.
Je travaille actuellement avec la version 2.9B community d'Alfresco et un serveur LDAP (apache directory).
Comme l'indique le titre de ce post, je cherche à utiliser l'authentification et la synchronisation d'alfresco via mon serveur LDAP.

Au lancement d'alfresco j'obtiens le message qui suit :
09:47:04,975 User:System WARN  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server supports anonymous bind ldap://localhost:10389
09:47:05,007 User:System INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not support simple string user ids and invalid credentials at ldap://localhost:10389
09:47:05,022 User:System INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for a simple dn and password at ldap://localhost:10389
09:47:05,038 User:System INFO  [authentication.ldap.LDAPInitialDirContextFactoryImpl] LDAP server does not fall back to anonymous bind for known principal and invalid credentials at ldap://localhost:10389


Je pense d'après le code source que c'est un comportement normal, je crois mais au niveau des log de mon serveur LDAP j'ai ce message :
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute c-FacsimileTelephoneNumber does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute enhancedSearchGuide does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute crossCertificatePair does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute supportedAlgorithms does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute deltaRevocationList does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute namingContexts does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute altServer does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute supportedExtension does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute facsimileTelephoneNumber does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute preferredDeliveryMethod does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute byteCode does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute telexNumber does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute teletexTerminalIdentifier does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute cACertificate does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute userCertificate does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute certificateRevocationList does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute authorityRevocationList does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute subtreeSpecification does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute searchGuide does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute userPKCS12 does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute jpegPhoto does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute audio does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute personalSignature does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute subtreeMaximumQuality does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute krb5Key does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute singleLevelQuality does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute subtreeMinimumQuality does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute c-TelexNumber does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute mailPreferenceOption does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute dSAQuality does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute javaSerializedData does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute photo does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute supportedControl does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute supportedSASLMechanisms does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute supportedLDAPVersion does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute dynamicSubtrees does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute entryTtl does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute nisNetgroupTriple does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute userSMIMECertificate does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute otherMailbox does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.schema.bootstrap.BootstrapAttributeTypeRegistry] - Attribute bootParameter does not have normalizer : using NoopNormalizer
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.2
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.3
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.1
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.6
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.7
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.4
[09:46:30] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.5
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.2
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.3
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.1
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.6
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.7
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.4
[09:46:31] WARN [org.apache.directory.server.core.partition.impl.btree.BTreePartition] - Using default cache size of 100 for index on attribute 1.3.6.1.4.1.18060.0.4.1.2.5
[09:46:31] WARN [org.apache.directory.server.core.DefaultDirectoryService] - You didn't change the admin password of directory service instance 'default'.  Please update the admin password as soon as possible to prevent a possible security breach.
[09:47:04] ERROR [org.apache.directory.shared.ldap.codec.LdapMessageGrammar] - Incorrect DN given : daftAsABrush (0x64 0x61 0x66 0x74 0x41 0x73 0x41 0x42 0x72 0x75 0x73 0x68 ) is invalid : Bad DN : daftAsABrush
[09:47:05] ERROR [org.apache.directory.server.core.authn.SimpleAuthenticator] - Authentication error : cn=daftAsABrush,dc=woof

Ce qui pourrait peut etre expliquer qu'au moment de l'authentification à alfresco via le navigateur j'ai le message suivant :
09:52:40,721 User:guest ERROR [[localhost].[/alfresco].[Faces Servlet]] "Servlet.service()" pour la servlet Faces Servlet a gÚnÚrÚ une exception
org.alfresco.error.AlfrescoRuntimeException: Not implemented
        at org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao.loadUserByUsername(DefaultMutableAuthenticationDao.java:410)
        at net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.getUserFromBackend(DaoAuthenticationProvider.java:390)
        at net.sf.acegisecurity.providers.dao.DaoAuthenticationProvider.authenticate(DaoAuthenticationProvider.java:225)
        at net.sf.acegisecurity.providers.ProviderManager.doAuthentication(ProviderManager.java:159)
        at net.sf.acegisecurity.AbstractAuthenticationManager.authenticate(AbstractAuthenticationManager.java:49)
        at org.alfresco.repo.security.authentication.AuthenticationComponentImpl.authenticateImpl(AuthenticationComponentImpl.java:74)
        at org.alfresco.repo.security.authentication.AbstractAuthenticationComponent.authenticate(AbstractAuthenticationComponent.java:74)
        at org.alfresco.repo.security.authentication.AuthenticationServiceImpl.authenticate(AuthenticationServiceImpl.java:114)
        at org.alfresco.repo.security.authentication.ChainingAuthenticationServiceImpl.authenticate(ChainingAuthenticationServiceImpl.java:164)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:281)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:187)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:154)
        at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
        at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
        at org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:241)
        at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)
        at $Proxy20.authenticate(Unknown Source)
        at org.alfresco.web.bean.LoginBean.login(LoginBean.java:247)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
        at java.lang.reflect.Method.invoke(Method.java:597)
        at org.apache.myfaces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:132)
        at org.apache.myfaces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:61)
        at javax.faces.component.UICommand.broadcast(UICommand.java:109)
        at javax.faces.component.UIViewRoot._broadcastForPhase(UIViewRoot.java:97)
        at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:171)
        at org.apache.myfaces.lifecycle.InvokeApplicationExecutor.execute(InvokeApplicationExecutor.java:32)
        at org.apache.myfaces.lifecycle.LifecycleImpl.executePhase(LifecycleImpl.java:95)
        at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:70)
        at javax.faces.webapp.FacesServlet.service(FacesServlet.java:139)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
        at org.alfresco.web.app.servlet.AuthenticationFilter.doFilter(AuthenticationFilter.java:94)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
        at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
        at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
        at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
        at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
        at java.lang.Thread.run(Thread.java:619)

Outcomes