[Using Sakai] Sakai 2.9 multiple LDAP servers

Fatemeh Asl aa2821 at nyumc.org
Thu Feb 28 12:03:23 PST 2013 

Sam,

Yes, we have the same username  in both LDAPs. 

May be I needed to post more of the log; this is the part that comes
 right before the LDAP exception that I posted before.


2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): [eid = aaaa]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): [eid = aaaa]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access [found entry = true
][entry expired = false]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): found cached user [eid = aaaa]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - mapUserDataOntoUserEdit() [cache record = 
edu.amc.sakai.user.LdapUserData at 779bc3e1[
  eid=aaaa
  firstName=Fatemeh
  preferredFirstName=<null>
  lastName=Asl
  email=Fatemah.Asl at MYUNIV.org
  type=
  properties={distinguishedName=CN=aaaa,OU=
MYUNIV Users,DC=MYUNIV,DC=org, 
udp.dn=CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org}
]]
2013-02-28 14:20:04,712 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): [userLogin = aaaa]
2013-02-28 14:20:04,712 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): allocating connection for login
 [userLogin = aaaa]
2013-02-28 14:20:04,934 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - lookupUserEntryDN(): [eid = aaaa][reusing conn = true]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): [eid = aaaa]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): [eid = aaaa]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access [found entry = true]
[entry expired = false]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): found cached user [eid = aaaa]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): returning connection to pool
 [userLogin = aaaa]
2013-02-28 14:20:04,936 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): attempting to allocate bound
 connection [userLogin = 
aaaa][bind dn [CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org]
2013-02-28 14:20:05,154  WARN ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): invalid credentials
 [userLogin = aaaa]
2013-02-28 14:20:05,154 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): [userLogin = aaaa]
2013-02-28 14:20:05,154 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): allocating connection for login
 [userLogin = aaaa]
2013-02-28 14:20:05,280 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - lookupUserEntryDN(): [eid = aaaa][reusing conn = true]
2013-02-28 14:20:05,280 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): [eid = aaaa]
2013-02-28 14:20:05,280 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): [eid = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access
 [found entry = true][entry expired = false]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): found cached user [eid = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): returning connection to pool
 [userLogin = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): attempting to allocate bound 
connection [userLogin = aaaa][bind dn [CN=aaaa,OU=MYUNIV
 Users,DC=MYUNIV,DC=org]


After it finds me by getCachedUserEntry(), first tries to authenticate me
 against the first LDAP but it gets 
' invalid credentials [userLogin = aaaa]'. Then it takes the nextprovider
 but uses the same baseDN to 
bound: attempting to allocate bound 
connection [userLogin = aaaa][bind dn 
[CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org]

If this is not coming from the cache, it should be coming
 from sakai local db SAKAI_USER_ID_MAP table, 
I think. So how can I make sakai to search for external
 users by email, which is unique rather than by 
username (eid)?

By the way, I don't have any problem when I only use one LDAP, and any of them.

Thanks
Fatemeh

More information about the sakai-user mailing list