AnsweredAssumed Answered

Please help with connecting Activiti and Active Directory

Question asked by bizilux on Feb 5, 2016
Latest reply on Feb 11, 2016 by jbarrez
Hello all, long story short, im doing this pilot/test project for a company, and also writing Bachelor's degree on topic "Use of Alfresco Activiti for process reeingineering" at the same time. Problem is, I am catastrophically stuck at this AD problem for the past 1 month.

Alfresco is on version 5.0.2.5 and Activiti is on 1.3.3
 
I used "demo setup" from activiti-share-connector-1.3.2, and it is working. If I started a process in activiti, it was shown in Alfresco dashboard too.
 
Then I configured Active Directory for Alfresco, that worked too. It imported all 1600 users and groups. Configuration file for that is located on this path (and also attached it)
C:\Alfresco\Alfresco-5.0.2.5-january\tomcat\webapps\alfresco\WEB-INF\classes\alfresco\extension\subsystems\Authentication\ldap\ldap1\ldap-authentication.properties
 
Then I wanted to configure AD on Activiti too. And it is not working with similar settings. Configuration file for that is located on this path (and also attached it)
C:\Alfresco\Activiti-1.3.3-january\tomcat\webapps\activiti-app\WEB-INF\classes\META-INF\activiti-app\activiti-ldap.properties
 
I also enabled debugging by setting log4j.logger.com.activti.idm.ldap=debug in log4j.properties file. Unfortunately it doesn't provide much information. All it does is it shows this message when we try to log in:
 
09:43:23,392 [http-nio-8080-exec-4] DEBUG com.activti.idm.ldap.auth.ActivitiActiveDirectoryAuthenticationProvider  - Authentication for luka.bizjak@skb.si failed:javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 ]
09:43:23,392 [http-nio-8080-exec-4] INFO  com.activti.idm.ldap.auth.ActivitiActiveDirectoryAuthenticationProvider  - Active Directory authentication failed: Supplied password was invalid
 
I believe that Activiti doesn't import users from AD, so problem has to be in importing part.
 
Also catalina.log and localhost.log don't show any errors at all.
 
 
So can you help please?
ldap-authentication.properties file is from Alfresco AD configuration, and that works. Can you create/fix file for Activiti AD configuration out of that Alfresco's working file?

I would be eternally grateful, this is the only thing standing between me and my graduation.

PS: I only removed "ldap.synchronization.java.naming.security.credentials" so that it is hidden.
PSS: I had to change .properties extension to .txt, so that i could upload ithere. You can simply change it back to .properties if you want

Outcomes