[Deploying Sakai] SAKAI 2.7.1 - LDAP
Richard Gliebe
richard.gliebe at fhv.at
Mon Dec 13 01:46:54 PST 2010
On 12/13/10 1:44 AM Steve Swinsburg wrote:
> Hi Richard,
Hi Steve,
Thanks for your answer.
I've edited the *.xml files for LDAP, but after restarting Tomcat, I'm still
getting "Alert: invalid login".
Here are my LDAP settings.
$CATALINA_HOME/components/sakai-provider-pack/META-INF/maven/org.sakaiproject/sakai-provider-pack/pom.xml:
....
<!-- Needed for the JLDAP Provider -->
<dependency>
  <groupId>org.sakaiproject</groupId>
  <artifactId>sakai-jldap-provider</artifactId>
</dependency>
<dependency>
  <groupId>openldap</groupId>
  <artifactId>ldap</artifactId>
  <version>2005.03.29</version>
</dependency>
<!-- -->
....
$CATALINA_HOME/components/sakai-provider-pack/WEB-INF/components.xml:
....
<!-- Uncomment and configure to use the JLDAPDirectoryProvider -->
<import resource="jldap-beans.xml" />
....
$CATALINA_HOME/components/sakai-provider-pack/WEB-INF/jldap-beans.xml:
....
<!-- Required. Host name or address of your LDAP server -->
<property name="ldapHost">
  <value>our.ldap.host.fqdn</value>
</property>
<!-- Optional. LDAP connection port. Typically defaults to
JLDAPDirectoryProvider.DEFAULT_LDAP_PORT (389). Secured connections are
usually on 636 -->
<property name="ldapPort">
  <value>636</value>
</property>
....
<!-- Optional. DN to which to bind for directory searches.
Typically only necessary if autoBind is true -->
<property name="ldapUser">
  <value>uid=xxx,ou=xxx,ou=xxx,dc=xxx,dc=xxx</value>
</property>
<!-- Optional. Password for ldapUser defined above -->
<property name="ldapPassword">
  <value>ldappassword</value>
</property>
<!-- Optional. Enables/disables secure LDAP connections.
defaults to JLDAPDirectoryProvider.DEFAULT_IS_SECURE_CONNECTION (false) -->
<property name="secureConnection">
  <value>true</value>
</property>
....
<property name="autoBind">
  <value>false</value>
</property>
....
<!-- Optional, but usually specified. Base DN for directory searches. -->
<property name="basePath">
  <value>ou=xxx,ou=xxx,dc=xxx,dc=xxx</value>
</property>
....
<property name="attributeMappings">
  <map>
    <entry key="login"><value>cn</value></entry>
    <entry key="firstName"><value>givenName</value></entry>
    <entry key="lastName"><value>sn</value></entry>
    <entry key="email"><value>mail</value></entry>
    <entry key="groupMembership"><value>fhvisaismemberof</value></entry>
  </map>
</property>
....
No errors were found in the catalina log files, and no errors were found in the
log files from our LDAP server.
An ldapsearch from our Sakai server to our LDAP server works:
....
# ldapsearch -H ldaps://our.ldap.server.fydn -x -W -D 'uid=xxx,ou=xxx,ou=xxx,dc=xxx,dc=xxx' 'uid=xxx'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=xxx,dc=xxx> (default) with scope subtree
# filter: uid=xxx
# requesting: ALL
#
... and so on ...
Is there a way to start a debugging mode?
Many thanks for your hints.
Richard
>
> Technically you need the source as there are source files you need to modify, however since this particular modification only touches XML config files, which are read and do not provide any filtered values, it is possible you can do it in the deployed version.
>
> cheers,
> Steve
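
A consistency check over the settings quoted in the message above, as an added example that is not part of the original post or of Sakai's own code: it parses the jldap-beans.xml properties and reports settings that disagree with each other or with the manual ldapsearch test. The `<beans>`/`<bean>` wrapper, the function names and the sample values are assumptions, and only the `<value>` child style shown in the message is handled.

```python
import xml.etree.ElementTree as ET

# Constructed sample mirroring the properties quoted in the message above;
# host, DNs and password are placeholders, the <beans>/<bean> wrapper is assumed.
SAMPLE = """<beans><bean id="jldapProvider">
  <property name="ldapHost"><value>our.ldap.host.fqdn</value></property>
  <property name="ldapPort"><value>636</value></property>
  <property name="ldapUser"><value>uid=xxx,ou=xxx,dc=xxx,dc=xxx</value></property>
  <property name="ldapPassword"><value>ldappassword</value></property>
  <property name="secureConnection"><value>true</value></property>
  <property name="autoBind"><value>false</value></property>
  <property name="attributeMappings"><map>
    <entry key="login"><value>cn</value></entry>
  </map></property>
</bean></beans>"""

def load_settings(xml_text):
    """Return (scalar properties, attributeMappings) from the bean XML."""
    props, mappings = {}, {}
    for prop in ET.fromstring(xml_text).iter("property"):
        if prop.get("name") == "attributeMappings":
            for entry in prop.iter("entry"):
                mappings[entry.get("key")] = entry.findtext("value", "").strip()
        else:
            props[prop.get("name")] = prop.findtext("value", "").strip()
    return props, mappings

def review(xml_text, tested_filter_attr):
    """List settings that disagree with each other or with the manual ldapsearch test."""
    props, mappings = load_settings(xml_text)
    findings = []
    secure = props.get("secureConnection", "false") == "true"
    port = props.get("ldapPort", "389")
    if (secure and port == "389") or (not secure and port == "636"):
        findings.append(f"secureConnection={secure} does not match ldapPort={port}")
    if props.get("ldapUser") and props.get("autoBind", "false") != "true":
        findings.append("ldapUser is set but autoBind is false; check that searches bind as this DN")
    if props.get("ldapPassword"):
        findings.append("ldapPassword is stored in clear text; restrict read access to this file")
    login = mappings.get("login")
    if login and login != tested_filter_attr:
        findings.append(f"login maps to '{login}' but the ldapsearch test filtered on '{tested_filter_attr}'")
    return findings

if __name__ == "__main__":
    print("\n".join(review(SAMPLE, "uid")))
```

The second argument is the attribute used in the manual test filter (`uid` in the ldapsearch call above), so the last check compares what was tested by hand with what the provider is configured to look up.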