[Using Sakai] sakai ldap problem
Latif SAĞLAM
lsaglam at anadolu.edu.tr
Fri Jul 29 07:42:31 PDT 2011
I installed sakai 2.8 binary as follows http://source.sakaiproject.org/release/2.8.0/artifacts/sakai-bin-2.8.0.zip<https://cas.porsuk.anadolu.edu.tr/owa/redir.aspx?C=69f5a103a7a24669bd3381b5b15ecd0d&URL=http%3a%2f%2fsource.sakaiproject.org%2frelease%2f2.8.0%2fartifacts%2fsakai-bin-2.8.0.zip>
My setenv.bat file is below
set JAVA_OPTS=-server -Xms512m -Xmx1024m -XX:PermSize=128m -XX:MaxPermSize=256m -XX:NewSize=192m -XX:MaxNewSize=384m -Djava.awt.headless=true -Duser.language=tr -Duser.region=TR -Dhttp.agent=Sakai -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false -Dsun.lang.ClassLoader.allowArraySyntax=true
I installed correctly and it Works.
------------**************------------
my pom.xml in C:\opt\tomcat\components\sakai-provider-pack\META-INF\maven\org.sakaiproject\sakai-provider-pack below
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>providers-base</artifactId>
<groupId>org.sakaiproject</groupId>
<version>2.8.0</version>
<relativePath>../pom.xml</relativePath>
</parent>
<name>sakai-provider-pack</name>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-provider-pack</artifactId>
<organization>
<name>University of Michigan</name>
<url>http://sakaiproject.org/</url>
</organization>
<inceptionYear>2003</inceptionYear>
<packaging>sakai-component</packaging>
<properties>
<deploy.target>components</deploy.target>
</properties>
<dependencies>
<!-- Needed for the sample provider
-->
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-sample-provider</artifactId>
</dependency>
<!-- -->
<!--Needed for the JLDAP Provider -->
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-jldap-provider</artifactId>
<version>${sakai.version}</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<dependency>
<groupId>openldap</groupId>
<artifactId>ldap</artifactId>
<version>2005.03.29</version>
<properties>
<war.bundle>true</war.bundle>
</properties>
</dependency>
<!-- Needed for the Kerberos Provider-->
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-kerberos-provider</artifactId>
</dependency>
<!-- Needed for the IMS Enterprise Provider
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-imsent-provider</artifactId>
</dependency>
-->
<!--
Needed for the (new as of Sakai 2.3) CM-based
AuthzGroupProvider and legacy CourseManagementProvider
-->
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-coursemanagement-authz-provider-impl</artifactId>
</dependency>
<!-- Needed for the Federated provider
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-federating-provider</artifactId>
</dependency>
-->
<!-- Needed for the All Hands Provider
<dependency>
<groupId>org.sakaiproject</groupId>
<artifactId>sakai-allhands-provider</artifactId>
</dependency>
-->
<!-- Needed for the K2 Hybrid Provider
-->
<dependency>
<groupId>org.sakaiproject.provider</groupId>
<artifactId>sakai-hybrid-provider</artifactId>
<version>2.8.0</version>
</dependency>
<dependency>
<groupId>openldap</groupId>
<artifactId>ldap</artifactId>
<version>2.6.ORC1-SNAPSHOT</version>
</dependency>
</dependencies>
<build>
<resources/>
</build>
</project>
---------------------------------------------------------**************************-----------------------
In C:\opt\tomcat\components\sakai-provider-pack\WEB-INF components.xml file ok
<!-- Uncomment and configure to use the JLDAPDirectoryProvider -->
<import resource="jldap-beans.xml" />
C:\opt\tomcat\components\sakai-provider-pack\WEB-INF jldap-beans.xml file like this
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
<beans>
<bean id="org.sakaiproject.user.api.UserDirectoryProvider"
class="edu.amc.sakai.user.JLDAPDirectoryProvider" init-method="init"
destroy-method="destroy" singleton="true">
<property name="memoryService">
<ref bean="org.sakaiproject.memory.api.MemoryService"/>
</property>
<!-- Required. Host name or address of your LDAP server -->
<property name="ldapHost">
<value>10.10.4.180</value>
</property>
<!-- Optional. LDAP connection port. Typically defaults to
JLDAPDirectoryProvider.DEFAULT_LDAP_PORT (389). Secured
connections are usually on 636 -->
<property name="ldapPort">
<value>10389</value>
</property>
<!-- If secureConnection is true, a keystore location must be provided
unless javax.net.ssl.trustStore system property has already been
set -->
<!--property name="keystoreLocation">
<value>/usually/set/at/startup</value>
</property-->
<!-- If secureConnection is true, a keystore password must be provided
unless javax.net.ssl.trustStorePassword system property has already
been set -->
<!--property name="keystorePassword">
<value>usually-set-at-startup</value>
</property-->
<!-- Optional. DN to which to bind for directory searches.
Typically only necessary if autoBind is true -->
<!--property name="ldapUser">
<value>CN=ctest,OU=Test,DC=anadolu1,DC=edu,DC=tr<value>
</property-->
<!-- Optional. Password for ldapUser defined above -->
<!--property name="ldapPassword">
<value>c123456</value>
</property-->
<!-- Optional. Enables/disables secure LDAP connections.
defaults to JLDAPDirectoryProvider.DEFAULT_IS_SECURE_CONNECTION (false) -->
<!--property name="secureConnection">
<value>true</value>
</property-->
<!-- Optional. If secureConnection is true, this socket factory
will be assigned globally to LDAPConnections. Defaults to an
instance of com.novell.ldap.LDAPJSSESecureSocketFactory, which
is appropriate for SSL connections. Use
com.novell.ldap.LDAPJSSEStartTLSFactory for TLS. -->
<!-- property name="secureSocketFactory">
<bean class="com.novell.ldap.LDAPJSSESecureSocketFactory" />
</property -->
<!-- Optional. Indicate if connection allocation should
implicitly bind as ${ldapUser}. Defaults to false -->
<!--property name="autoBind">
<value>true</value>
</property-->
<!-- Optional, but usually specified. Base DN for directory searches. -->
<property name="basePath">
<value>ou=people,dc=anadolu,dc=edu,dc=tr</value>
</property>
<!-- Optional. Indicate if connections should follow
referrals. Defaults to
JLDAPDirectoryProvider.DEFAULT_IS_FOLLOW_REFERRALS (false)-->
<!-- property name="followReferrals">
<value>false</value>
</property -->
<!-- Optional. LDAP operation timeout in millis. Defaults
to JLDAPDirectoryProvider.DEFAULT_OPERATION_TIMEOUT_MILLIS (5000) -->
<!-- property name="operationTimeout">
<value>5000</value>
</property -->
<!-- Optional. Control depth of all searches. Possible values:
0 - LDAPConnection.SCOPE_BASE - base object only
1 - LDAPConnection.SCOPE_ONE - immediate children of base object
2 - LDAPConnection.SCOPE_SUB - recursive
Defaults to JLDAPDirectoryProvider.DEFAULT_SEARCH_SCOPE (2) -->
<!-- property name="searchScope">
<value>2</value>
</property -->
<!-- Optional. User entry cache ttl in millis. Defaults
to JLDAPDirectoryProvider.DEFAULT_CACHE_TTL (300000)-->
<!-- property name="cacheTTL">
<value>300000</value>
</property -->
<!-- Optional. Control case-sensitivity of cache keys (User.eid values).
Defaults to false. (Note that this is a departure from historical
behavior.) -->
<!--property name="caseSensitiveCacheKeys">
<value>false</value>
</property-->
<!-- Optional. Control the return value of
JLDAPDirectoryProvider.authenticateWithProviderFirst(String)
on a global basis. Defaults to
JLDAPDirectoryProvider.DEFAULT_AUTHENTICATE_WITH_PROVIDER_FIRST. -->
<!-- property name="authenticateWithProviderFirst">
<value>false</value>
</property -->
<!-- Optional. Control whether or not authentication is attempted
on a global basis. "true" enables authentication attempts (but
does not automatically grant all authN attempts), "false"
short-circuits that process and refuses all authN
attempts. Defaults to
JLDAPDirectoryProvider.DEFAULT_ALLOW_AUTHENTICATION -->
<!-- property name="allowAuthentication">
<value>true</value>
</property -->
<!-- Optional. Defaults to an instance of
edu.amc.sakai.user.SimpleLdapConnectionManager -->
<!-- property name="ldapConnectionManager">
<bean class="edu.amc.sakai.user.SimpleLdapConnectionManager" />
</property -->
<!-- Optional. Use Connection Pooling?
Defaults to JLDAPDirectoryProvider.DEFAULT_POOLING (false).
Has no effect if ldapConnectionManager has been explicitly
assigned (unless that object honors this flag, of course). -->
<!-- property name="pooling">
<value>false</value>
</property -->
<!-- Optional. Maxmimum number of connections in the pool
Defaults to JLDAPDirectoryProvider.DEFAULT_POOL_MAX_CONNS (10) -->
<!-- property name="poolMaxConns">
<value>10</value>
</property -->
<!-- Optional. Defaults to an instance of
edu.amc.sakai.user.SimpleLdapAttributeMapper -->
<property name="ldapAttributeMapper">
<ref bean="edu.amc.sakai.user.LdapAttributeMapper" />
</property>
<!-- Optional. Only considered if ldapAttributeMapper is not explicitly
assigned. That is, if you choose to use the default LdapAttributeMapper
implementation, it is sufficient to specify attribute mappings here
and dispense with defining a edu.amc.sakai.user.LdapAttributeMapper bean.
This preserves forward compatibility of pre-2.5 config -->
<!-- property name="attributeMappings">
<map>
<entry key="logicalAttrName">
<value>physicalAttrName</value>
</entry>
</map>
</property -->
<!-- Optional. If you don't provide an eidValidator the system
defaults to allowing searches on any EID, including empty
and null Strings. -->
<property name="eidValidator">
<bean class="edu.amc.sakai.user.RegexpBlacklistEidValidator">
<property name="regexpFlags">
<bean id="java.util.regex.Pattern.CASE_INSENSITIVE"
class="org.springframework.beans.factory.config.FieldRetrievingFactoryBean" />
</property>
<property name="eidBlacklist">
<list>
<value>null</value>
<!--value>nobody</value-->
<!--value>adversary</value-->
</list>
</property>
</bean>
</property>
<property name="searchAliases"><value>false</value></property>
</bean>
<!-- An optional bean definition which can be used to customize LDAP
attribute to Sakai User instance member mapping behaviors. This
example describes availabel configuration options for SimpleLdapAttributeMapper
(the default LdapAttributeMapper implementation). -->
<bean id="edu.amc.sakai.user.LdapAttributeMapper"
class="edu.amc.sakai.user.SimpleLdapAttributeMapper"
init-method="init"
singleton="true">
<!-- A typical set of attribute mappings. Keys are logical
names expected by the application. Values are physical LDAP
attribute names. If not specified or empty, defaults to
AttributeMappingConstants.DEFAULT_ATTR_MAPPINGS. -->
<property name="attributeMappings">
<map>
<entry key="login"><value>uid</value></entry>
<entry key="firstName"><value>givenName</value></entry>
<entry key="preferredFirstName"><value>preferredName</value></entry>
<entry key="lastName"><value>sn</value></entry>
<entry key="email"><value>email</value></entry>
<!--entry key="groupMembership"><value>groupMembership</value></entry--s>
</map>
</property>
<!-- Several options for calculating Sakai user types based
on LDAP attributes. Defaults to an instance of EmptyStringUserTypeMapper -->
<property name="userTypeMapper">
<!-- Select one of the following beans -->
<ref bean="edu.amc.sakai.user.EmptyStringUserTypeMapper" />
<!-- ref bean="edu.amc.sakai.user.EntryAttributeToUserTypeMapper" /-->
<!-- ref bean="edu.amc.sakai.user.EntryContainerRdnToUserTypeMapper" /-->
<!-- ref bean="edu.amc.sakai.user.StringUserTypeMapper" /-->
</property>
</bean>
<!-- /// Begin Sample UserTypeMapper Beans /// -->
<!-- Will usually only need at most one of the following UserTypeMapper
beans. Three "standard" options shown here for documentation purposes. The
"active" bean will be selected by a bean reference in the userTypeMapper
property definition above. -->
<!-- EmptyStringUserTypeMapper assigns gives all users an
empty string as their Sakai "type" -->
<bean id="edu.amc.sakai.user.EmptyStringUserTypeMapper"
class="edu.amc.sakai.user.EmptyStringUserTypeMapper"
singleton="true" />
<!-- StringUserTypeMapper assigns a configurable String to all
users as their Sakai "type". -->
<bean id="edu.amc.sakai.user.StringUserTypeMapper"
class="edu.amc.sakai.user.StringUserTypeMapper"
singleton="true">
<!-- property name="userType">
<value>Registered</value>
</property -->
</bean>
<!-- EntryAttributeToUserTypeMapper calculates Sakai user
types by simply passing attribute values through a map with
configurable "miss" behavior. -->
<bean id="edu.amc.sakai.user.EntryAttributeToUserTypeMapper"
class="edu.amc.sakai.user.EntryAttributeToUserTypeMapper"
singleton="true">
<!-- Optional. If not present or empty, behavior is
determined by the value of returnLiteralAttributeValueIfNoMapping
(see below). -->
<!-- property name="attributeValueToSakaiUserTypeMap">
<map>
<entry key="faculty"><value>faculty</value></entry>
<entry key="students"><value>student</value></entry>
</map>
</property -->
<!-- Required. The logical name of the LDAP attribute which
defines Sakai users' types. Value should be a key into the
attribute mappings associated with this LdapAttributeMapper
instance. -->
<property name="logicalAttributeName">
<value>groupMembership</value>
</property>
<!-- Optional. Defaults to false -->
<!-- property name="returnLiteralAttributeValueIfNoMapping">
<value>false</value>
</property -->
<!-- Optional. Only considered if returnLiteralAttributeValueIfNoMapping
is false. Defaults to null. -->
<!-- property name="defaultSakaiUserType">
<null />
</property -->
</bean>
<!-- EntryContainerRdnToUserTypeMapper calculates Sakai user
types by filtering a user entry's most-local RDN through the
assigned map. -->
<bean id="edu.amc.sakai.user.EntryContainerRdnToUserTypeMapper"
class="edu.amc.sakai.user.EntryContainerRdnToUserTypeMapper"
singleton="true">
<!-- Optional. Maps between container RDN values and Sakai user types -->
<!-- property name="rdnToSakaiUserTypeMap">
<map>
<entry key="facultyStaff"><value>faculty</value></entry>
<entry key="students"><value>student</value></entry>
</map>
</property -->
<!-- Optional. Defaults to false. -->
<!-- property name="returnLiteralRdnValueIfNoMapping">
<value>false</value>
</property -->
</bean>
<!-- /// End Sample UserTypeMapper Beans /// -->
</beans>
--------------------------***********************------------------------
But i cannot login with testuser. What should I do?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-user/attachments/20110729/3fb5e5ba/attachment-0001.html
More information about the sakai-user
mailing list