[Using Sakai] Sakai 2.9 multiple LDAP servers
Fatemeh Asl
aa2821 at nyumc.org
Thu Feb 28 12:03:23 PST 2013
Sam,
Yes, we have the same username in both LDAPs.
Maybe I needed to post more of the log; this is the part that comes
right before the LDAP exception that I posted before.
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): [eid = aaaa]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): [eid = aaaa]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access [found entry = true
][entry expired = false]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): found cached user [eid = aaaa]
2013-02-28 14:20:04,710 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - mapUserDataOntoUserEdit() [cache record =
edu.amc.sakai.user.LdapUserData at 779bc3e1[
eid=aaaa
firstName=Fatemeh
preferredFirstName=<null>
lastName=Asl
email=Fatemah.Asl at MYUNIV.org
type=
properties={distinguishedName=CN=aaaa,OU=
MYUNIV Users,DC=MYUNIV,DC=org,
udp.dn=CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org}
]]
2013-02-28 14:20:04,712 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): [userLogin = aaaa]
2013-02-28 14:20:04,712 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): allocating connection for login
[userLogin = aaaa]
2013-02-28 14:20:04,934 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - lookupUserEntryDN(): [eid = aaaa][reusing conn = true]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): [eid = aaaa]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): [eid = aaaa]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access [found entry = true]
[entry expired = false]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): found cached user [eid = aaaa]
2013-02-28 14:20:04,935 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): returning connection to pool
[userLogin = aaaa]
2013-02-28 14:20:04,936 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): attempting to allocate bound
connection [userLogin =
aaaa][bind dn [CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org]
2013-02-28 14:20:05,154 WARN ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): invalid credentials
[userLogin = aaaa]
2013-02-28 14:20:05,154 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): [userLogin = aaaa]
2013-02-28 14:20:05,154 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): allocating connection for login
[userLogin = aaaa]
2013-02-28 14:20:05,280 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - lookupUserEntryDN(): [eid = aaaa][reusing conn = true]
2013-02-28 14:20:05,280 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): [eid = aaaa]
2013-02-28 14:20:05,280 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): [eid = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access
[found entry = true][entry expired = false]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getUserByEid(): found cached user [eid = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): returning connection to pool
[userLogin = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): attempting to allocate bound
connection [userLogin = aaaa][bind dn [CN=aaaa,OU=MYUNIV
Users,DC=MYUNIV,DC=org]
After it finds me by getCachedUserEntry(), it first tries to authenticate me
against the first LDAP, but it gets
'invalid credentials [userLogin = aaaa]'. Then it takes the next provider
but uses the same baseDN to bind:
attempting to allocate bound connection [userLogin = aaaa][bind dn
[CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org]
If this is not coming from the cache, it should be coming
from the Sakai local db SAKAI_USER_ID_MAP table,
I think. So how can I make Sakai search for external
users by email, which is unique, rather than by
username (eid)?
By the way, I don't have any problem when I use only one LDAP, either one of them.
Thanks
Fatemeh
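
A log check for the pattern described in the message above, as an added example (not part of the original post and not Sakai code): it rejoins mail-wrapped JLDAPDirectoryProvider debug records and reports any bind attempt that reuses the DN of a bind that has just failed with invalid credentials for the same login. The sample records are constructed from the log in the message, and the names `records` and `repeated_binds` are hypothetical.

```python
import re
# Constructed sample: four records in the shape of the log in the message, wrapped as mail wraps them.
SAMPLE = """\
2013-02-28 14:20:04,936 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): attempting to allocate bound connection [userLogin = aaaa][bind dn [CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org]
2013-02-28 14:20:05,154 WARN ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): invalid credentials [userLogin = aaaa]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - getCachedUserEntry(): cache access
[found entry = true][entry expired = false]
2013-02-28 14:20:05,281 DEBUG ajp-bio-9110-exec-4 edu.amc.sakai.user.
JLDAPDirectoryProvider - authenticateUser(): attempting to allocate bound connection [userLogin = aaaa][bind dn [CN=aaaa,OU=MYUNIV Users,DC=MYUNIV,DC=org]
"""

TS = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} ")
REC = re.compile(r"^\S+ \S+ \w+ (\S+) \S+ - (\w+)\(\):? ?(.*)$")
LOGIN = re.compile(r"\[userLogin = ([^\]]*)\]")
BIND_DN = re.compile(r"\[bind dn \[(.*)\]")

def records(text):
    """Rejoin wrapped lines: a record starts at a timestamp; a line ending in '.' split the class name."""
    buf = ""
    for line in text.splitlines():
        if TS.match(line) and buf:
            yield buf
            buf = ""
        buf += line if not buf or buf.endswith(".") else " " + line
    if buf:
        yield buf

def repeated_binds(text):
    """Return bind attempts that reuse the DN of a bind that just failed, per (thread, login)."""
    state, cache_hit, findings = {}, set(), []
    for m in filter(None, map(REC.match, records(text))):
        thread, method, msg = m.groups()
        login = LOGIN.search(msg)
        key = (thread, login.group(1)) if login else None
        if method == "getCachedUserEntry" and "found entry = true" in msg and "entry expired = false" in msg:
            cache_hit.add(thread)  # a non-expired cache entry was served on this thread
        elif method == "authenticateUser" and "invalid credentials" in msg and key in state:
            state[key]["failed"] = True
            cache_hit.discard(thread)  # only count cache hits logged after the failure
        elif method == "authenticateUser" and "bind dn" in msg and key:
            dn = BIND_DN.search(msg).group(1)
            prev = state.get(key)
            if prev and prev["failed"] and prev["dn"] == dn:
                findings.append({"login": key[1], "dn": dn, "cache_hit_before_retry": thread in cache_hit})
            state[key] = {"dn": dn, "failed": False}
    return findings
```

A finding with `cache_hit_before_retry` set means a non-expired cache entry was logged between the failed bind and the retry with the same DN, which is the sequence the message describes.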