[Using Sakai] Sakai 2.9 multiple LDAP servers

Fatemeh Asl aa2821 at nyumc.org
Thu Feb 28 10:31:32 PST 2013 

Hi everyone,

I have checked out sakai 2.9.x-all and trying
 to set it up to be albe to xlogin.
Our institution has two different LDAP servers
 and I have followed Steve's LDAP
integration instruction plus uncommented the 
Federating UserDirectoryProvider in
 /Providers/../WEB-INF/components.xml and also
 have defined 2 separate beans
named org.sakaiproject.user.api.
UserDirectoryProvider.provider1 and
org.sakaiproject.user.api.UserDirectoryProvider.
provider2 corresponding to each
one of our servers in jldap-bean.xml. 
I have an account on each one of these
server. The username is the same but the 
password is different (and actually
this is the case for a lot of our users). 
The problem is that I am never able to
login with my credential from second provider.
 when I try to loggin with my
second provider credentials sakai throws the
 following exception:

org.sakaiproject.portal.api.PortalHandlerException:
 java.lang.RuntimeException:
authenticateUser(): LDAPException during authentication
 attempt [userLogin =
aaaa][result code = No Such Object][error message = null]
    at
org.sakaiproject.portal.charon.handlers.ReLoginHandler.
doPost(ReLoginHandler.java:50)
caused by: java.lang.RuntimeException: authenticateUser():
 LDAPException during
authentication attempt [userLogin = aaaa][result code =
 No Such Object][error
message = null]
    at
org.sakaiproject.provider.user.FilterUserDirectoryProvider.
authenticateUser(FilterUserDirectoryProvider.java:513)
caused by: LDAPException: No Such Object (32) No Such Object
LDAPException: Matched DN: 
    at com.novell.ldap.LDAPResponse.getResultException(null:-1)
    at com.novell.ldap.LDAPResponse.chkResultCode(null:-1)
    at com.novell.ldap.LDAPConnection.chkResultCode(null:-1)
    at com.novell.ldap.LDAPConnection.bind(null:-1)
    at com.novell.ldap.LDAPConnection.bind(null:-1)
    at
edu.amc.sakai.user.SimpleLdapConnectionManager.bind
(SimpleLdapConnectionManager.java:109)
    at
edu.amc.sakai.user.SimpleLdapConnectionManager.
getBoundConnection(SimpleLdapConnectionManager.java:96)
    at
edu.amc.sakai.user.JLDAPDirectoryProvider.authenticateUser
(JLDAPDirectoryProvider.java:442)
    at
org.sakaiproject.provider.user.FilterUserDirectoryProvider.
authenticateUser(FilterUserDirectoryProvider.java:513)
    at
org.sakaiproject.provider.user.FilterUserDirectoryProvider.
authenticateUser(FilterUserDirectoryProvider.java:517)
    at
org.sakaiproject.user.impl.BaseUserDirectoryService.
getProviderAuthenticatedUser(BaseUserDirectoryService.java:1597)
    at
org.sakaiproject.user.impl.BaseUserDirectoryService.
authenticate(BaseUserDirectoryService.java:1540)
    at
org.sakaiproject.user.impl.UserAuthnComponent.
authenticate(UserAuthnComponent.java:108)
    at
org.sakaiproject.login.impl.LoginServiceComponent.
authenticate(LoginServiceComponent.java:90)
    at org.sakaiproject.login.tool.SkinnableLogin.doPost
(SkinnableLogin.java:250)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    at
org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:305)
    at
org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:210)
    at org.sakaiproject.util.RequestFilter.
doFilter(RequestFilter.java:634)
    at
org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:243)
    at
org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:210)
    at
org.apache.catalina.core.ApplicationDispatcher.
invoke(ApplicationDispatcher.java:749)
    at
org.apache.catalina.core.ApplicationDispatcher.
processRequest(ApplicationDispatcher.java:487)
    at
org.apache.catalina.core.ApplicationDispatcher.
doForward(ApplicationDispatcher.java:379)
    at
org.apache.catalina.core.ApplicationDispatcher.
forward(ApplicationDispatcher.java:339)
    at
org.sakaiproject.tool.impl.ActiveToolComponent$MyActiveTool.
help(ActiveToolComponent.java:581)
    at
org.sakaiproject.portal.charon.SkinnableCharonPortal.
doLogin(SkinnableCharonPortal.java:972)
    at
org.sakaiproject.portal.charon.handlers.ReLoginHandler.
doGet(ReLoginHandler.java:65)
    at
org.sakaiproject.portal.charon.handlers.ReLoginHandler.
doPost(ReLoginHandler.java:50)
    at
org.sakaiproject.portal.charon.SkinnableCharonPortal.
doPost(SkinnableCharonPortal.java:1260)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    at
org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:305)
    at
org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:210)
    at org.sakaiproject.util.RequestFilter.
doFilter(RequestFilter.java:695)
    at
org.apache.catalina.core.ApplicationFilterChain.
internalDoFilter(ApplicationFilterChain.java:243)
    at
org.apache.catalina.core.ApplicationFilterChain.
doFilter(ApplicationFilterChain.java:210)
    at
org.apache.catalina.core.StandardWrapperValve.
invoke(StandardWrapperValve.java:222)
    at
org.apache.catalina.core.StandardContextValve.
invoke(StandardContextValve.java:123)
    at
org.apache.catalina.authenticator.AuthenticatorBase.
invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.
invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.
invoke(ErrorReportValve.java:99)
    at org.apache.catalina.valves.AccessLogValve.
invoke(AccessLogValve.java:936)
    at
org.apache.catalina.core.StandardEngineValve.
invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.
service(CoyoteAdapter.java:407)
    at org.apache.coyote.ajp.AjpProcessor.
process(AjpProcessor.java:200)
    at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.
process(AbstractProtocol.java:589)
    at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.
run(JIoEndpoint.java:310)
    at
java.util.concurrent.ThreadPoolExecutor$Worker.
runTask(ThreadPoolExecutor.java:886)
    at
java.util.concurrent.ThreadPoolExecutor$Worker.
run(ThreadPoolExecutor.java:908)
    at java.lang.Thread.run(Thread.java:619)



My guess is that it tries to use the BindDn
 from the first prover while
connecting to second server. Because it already
 exists in userCache. I tried to
disable caching in sakai.properties but I couldn't. 

Let me mention that this setting is used to work
 perfectly fine with our sakai
2.7.1 version. the difference that I see between 2.7.1
 and 2.9 is the addition of 
		<property name="memoryService">
			<ref bean="org.sakaiproject.
memory.api.MemoryService"/>
		</property>
to UserDirectoryProvider bean in jldap-beans.xml, 
which is the caching memory
bean. I tried to instantiate separate instances of
 the memory bean for each one
of my userDirectoryProvider1 and userDirectoryProvider2
 in hope that would fix
the problem but I end up getting tones of errors.

Any help on this would be extremely appreciated.

Fatemeh

More information about the sakai-user mailing list