You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@lenya.apache.org by "J. Wolfgang Kaltz" <ka...@interactivesystems.info> on 2004/11/02 16:28:11 UTC
Re: LDAP Integration and Windows 2003
Linczak, Jonathan W. wrote:
> You've basically nailed the question I have been trying to desparately answer. I've modified quite a few things in the source file LDAPUser.java in order to accommodate for connecting to Active Directory, but the farthest my colleague and I have ever been able to get is to the point where it connects, binds, and does a search, but it can never find the LDAP user we are trying to enter into Lenya. The existsUser() function always comes back with null, so the user-admin.js file takes us right back to the form, telling us the user doesn't exist.
>
> I even tried to hack backwards and assume that the user was entered by creating a .iml file in pubs/default/config/ac/passwd/ that made the user an LDAP user with a certain ldapid, but when I log in, it keeps telling me that I cannot authenticate. Part of me thinks I don't understand everything that's going on here in the Java code (for example, does context.search search on one level or a sub-tree level?). If anyone has ever successfully gotten LDAP to work with Active Directory without anonymous binding, please speak up!! I think there's a real need here to get something working and a tutorial written, because it would help attract more users to this wonderful product.
Jon,
I'm currently trying out the changes to LDAPUser.java suggested by
Markus in another thread, that is recursive searching etc. If you like,
I can test whether I can authenticate via your Active Directory server,
if you provide me with a test user and the necessary data. Myself, I
don't have access to an MS Active Directory server (using OpenLDAP here)
to test that.
Mail me with the test data if you're interested.
Wolfgang
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org
Re: LDAP Integration and Windows 2003
Posted by Jonathan Linczak <li...@hiram.edu>.
On Nov 2, 2004, at 10:59 AM, J. Wolfgang Kaltz wrote:
> Jonathan Linczak wrote:
>> Hi Wolfgang, I want to thank you first and foremost for being the
>> first person to try to come to my aid on LDAP and Active Directory
>> integration with Lenya, and I apologize if my frustrations are coming
>> out harshly to the community, but I just figured people were
>> overlooking something that many people would like to have. So, I sat
>> down and spent some quality time with the source file LDAPUser.java
>> and actually put together something that *finally* lets me connect to
>> Active Directory in the way that we needed it. I'm going to try to
>> put up a Wiki document outlining changes that I made to the source
>> file as well as the ldap.properties file in the hopes that we're not
>> the only one who has this Active Directory setup. I welcome people
>> to be able to look at the source file I created and see if there are
>> any bad Java programming habits that need to be cleaned up - I'm
>> still a rookie at Java stuff.
>> I will post the link here when the Wiki doc is completed, but for
>> those that want info quickly, send me an email and I'll try my best
>> to send you the info.
>
> Jon,
> no worries, I think it's simply a priority issue from the dev side;
> myself I currently have one or two hours free per day to work on
> Lenya, so I can try to help out on stuff I already know, such as
> LDAP.
>
> I don't think a new Wiki entry is appropriate here, lets try to put
> together a patch integrating your requirements, plus Markus's
> requirements from the other thread, into a common source file which
> can then make it into standard Lenya, probably not in the 1.2.1
> release but surely the next. I'm trying to integrate the changes in a
> way that the code is backwards compatible, that is, that existing
> ldap.properties settings will still work, and that "new stuff" is
> activated through new property entries.
>
> If it's alright with you, I suggest you either post your code changes
> to the lenya-dev list (more appropriate than this one), explaining why
> you changed what you did; or to post a patch to bugzilla. All
> discussions about source code changes are meant to happen on the dev
> mailing list (though personally I have no objections to being mailed
> directly)
>
> Til later then !
Thanks, that's very understandable on priorities - I sometimes forget
that people have real jobs outside of developing on Lenya. :) I have
gone with your suggestion and posted the code changes to the dev list
in the hopes it may be incorporated into a later release.
Jon
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org
Re: LDAP Integration and Windows 2003
Posted by "J. Wolfgang Kaltz" <ka...@interactivesystems.info>.
Jonathan Linczak wrote:
> Hi Wolfgang, I want to thank you first and foremost for being the first
> person to try to come to my aid on LDAP and Active Directory integration
> with Lenya, and I apologize if my frustrations are coming out harshly to
> the community, but I just figured people were overlooking something that
> many people would like to have. So, I sat down and spent some quality
> time with the source file LDAPUser.java and actually put together
> something that *finally* lets me connect to Active Directory in the way
> that we needed it. I'm going to try to put up a Wiki document outlining
> changes that I made to the source file as well as the ldap.properties
> file in the hopes that we're not the only one who has this Active
> Directory setup. I welcome people to be able to look at the source file
> I created and see if there are any bad Java programming habits that need
> to be cleaned up - I'm still a rookie at Java stuff.
>
> I will post the link here when the Wiki doc is completed, but for those
> that want info quickly, send me an email and I'll try my best to send
> you the info.
Jon,
no worries, I think it's simply a priority issue from the dev side;
myself I currently have one or two hours free per day to work on Lenya,
so I can try to help out on stuff I already know, such as LDAP.
I don't think a new Wiki entry is appropriate here, lets try to put
together a patch integrating your requirements, plus Markus's
requirements from the other thread, into a common source file which can
then make it into standard Lenya, probably not in the 1.2.1 release but
surely the next. I'm trying to integrate the changes in a way that the
code is backwards compatible, that is, that existing ldap.properties
settings will still work, and that "new stuff" is activated through new
property entries.
If it's alright with you, I suggest you either post your code changes to
the lenya-dev list (more appropriate than this one), explaining why you
changed what you did; or to post a patch to bugzilla. All discussions
about source code changes are meant to happen on the dev mailing list
(though personally I have no objections to being mailed directly)
Til later then !
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org
Re: LDAP Integration and Windows 2003
Posted by Jonathan Linczak <li...@hiram.edu>.
On Nov 2, 2004, at 10:28 AM, J. Wolfgang Kaltz wrote:
> Linczak, Jonathan W. wrote:
>> You've basically nailed the question I have been trying to
>> desparately answer. I've modified quite a few things in the source
>> file LDAPUser.java in order to accommodate for connecting to Active
>> Directory, but the farthest my colleague and I have ever been able to
>> get is to the point where it connects, binds, and does a search, but
>> it can never find the LDAP user we are trying to enter into Lenya.
>> The existsUser() function always comes back with null, so the
>> user-admin.js file takes us right back to the form, telling us the
>> user doesn't exist.
>> I even tried to hack backwards and assume that the user was entered
>> by creating a .iml file in pubs/default/config/ac/passwd/ that made
>> the user an LDAP user with a certain ldapid, but when I log in, it
>> keeps telling me that I cannot authenticate. Part of me thinks I
>> don't understand everything that's going on here in the Java code
>> (for example, does context.search search on one level or a sub-tree
>> level?). If anyone has ever successfully gotten LDAP to work with
>> Active Directory without anonymous binding, please speak up!! I
>> think there's a real need here to get something working and a
>> tutorial written, because it would help attract more users to this
>> wonderful product.
>
> Jon,
> I'm currently trying out the changes to LDAPUser.java suggested by
> Markus in another thread, that is recursive searching etc. If you
> like, I can test whether I can authenticate via your Active Directory
> server, if you provide me with a test user and the necessary data.
> Myself, I don't have access to an MS Active Directory server (using
> OpenLDAP here) to test that.
>
> Mail me with the test data if you're interested.
>
> Wolfgang
Hi Wolfgang, I want to thank you first and foremost for being the first
person to try to come to my aid on LDAP and Active Directory
integration with Lenya, and I apologize if my frustrations are coming
out harshly to the community, but I just figured people were
overlooking something that many people would like to have. So, I sat
down and spent some quality time with the source file LDAPUser.java and
actually put together something that *finally* lets me connect to
Active Directory in the way that we needed it. I'm going to try to put
up a Wiki document outlining changes that I made to the source file as
well as the ldap.properties file in the hopes that we're not the only
one who has this Active Directory setup. I welcome people to be able
to look at the source file I created and see if there are any bad Java
programming habits that need to be cleaned up - I'm still a rookie at
Java stuff.
I will post the link here when the Wiki doc is completed, but for those
that want info quickly, send me an email and I'll try my best to send
you the info.
Jon
---------------------------------------------------------------------
To unsubscribe, e-mail: lenya-user-unsubscribe@cocoon.apache.org
For additional commands, e-mail: lenya-user-help@cocoon.apache.org