You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@lenya.apache.org by Richard Frovarp <ri...@sendit.nodak.edu> on 2008/05/01 22:35:22 UTC
Re: Support for Active Directory???
jazzhazze wrote:
> I've found the HTML-source of the error page that occurs when I try to add a
> LDAP-user. It looks like this:
>
> stacktracejava.lang.NullPointerException
> at java.util.Hashtable.put(Hashtable.java:396)
> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
> at org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
> at org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
> at
> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
> at
>
Somehow the principal being passed in is null. You probably haven't set
the mgr-dn property in the ldap config file.
Richard
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by jazzhazze <ha...@glocalnet.net>.
Thanks!
BTW, are there any "easy" ways (preferable ready-made recipes ) to include a
NTLM filter in Lenya to receive the user id, thus passing it on to
Shibboleth (for example) for verification against LDAP? A custom
authenticator in other words?
Andreas Hartmann wrote:
>
> jazzhazze schrieb:
>> Ok!
>> I have to admit that I'm not so very familiar with the Eclipse debugger.
>> How
>> does it work?
>
> I have added a little how-to to the documentation:
>
> https://lenya.zones.apache.org/cms/docu/live/docu20/tutorials/setupide.html
>
> -- Andreas
>
>>
>>
>> Andreas Hartmann wrote:
>>> jazzhazze schrieb:
>>>> Ok!
>>>> But then maybe the delegation doesn't work properly, i.e Lenya can't
>>>> verify
>>>> against LDAP that the password an user enter is correct.
>>>>
>>>> Is there any way to verify that the delegation procedures work fine?
>>> Have you tried to debug the authentication? You could step through the
>>> method in the Eclipse debugger, this will certainly help - at least if
>>> the problem is on the client side.
>>>
>>> -- Andreas
>>>
>>>
>>>> By the way, I will start another thread about Kupu, because it is very
>>>> frustrating...
>>>>
>>>>
>>>> Andreas Hartmann wrote:
>>>>> jazzhazze schrieb:
>>>>>> That really helped! Thank you!
>>>>>> Now it works to import users from AD. The only thing is that is seems
>>>>>> like
>>>>>> the AD passwords aren't imported along with the users? Thus it isn't
>>>>>> possible for the users to log in to Lenya using their AD passwords.
>>>>> AFAIK the passwords aren't imported, but the authentication is
>>>>> delegated
>>>>> to the LDAP server. I don't know if this information helps you,
>>>>> though.
>>>>>
>>>>> -- Andreas
>>>>>
>>>>>
>>>>>>
>>>>>> Richard Frovarp wrote:
>>>>>>> jazzhazze wrote:
>>>>>>>> I've found the HTML-source of the error page that occurs when I try
>>>>>>>> to
>>>>>>>> add a
>>>>>>>> LDAP-user. It looks like this:
>>>>>>>>
>>>>>>>> stacktracejava.lang.NullPointerException
>>>>>>>> at java.util.Hashtable.put(Hashtable.java:396)
>>>>>>>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>>>>>>>> at
>>>>>>>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>>>>>>>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>>>>>>>> at
>>>>>>>> org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>>>>>>>> at
>>>>>>>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>>>>>>>> at
>>>>>>>>
>>>>>>> Somehow the principal being passed in is null. You probably haven't
>>>>>>> set
>>>>>>> the mgr-dn property in the ldap config file.
>>>>>>>
>>>>>>> Richard
>>>>>>>
>>>>>>> ---------------------------------------------------------------------
>>>>>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>>>>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>>>>>
>>>>>>>
>>>>>>>
>>>>> --
>>>>> Andreas Hartmann, CTO
>>>>> BeCompany GmbH
>>>>> http://www.becompany.ch
>>>>> Tel.: +41 (0) 43 818 57 01
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>>>
>>>>>
>>>>>
>>>
>>> --
>>> Andreas Hartmann, CTO
>>> BeCompany GmbH
>>> http://www.becompany.ch
>>> Tel.: +41 (0) 43 818 57 01
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>
>>>
>>>
>>
>
>
> --
> Andreas Hartmann, CTO
> BeCompany GmbH
> http://www.becompany.ch
> Tel.: +41 (0) 43 818 57 01
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
> For additional commands, e-mail: user-help@lenya.apache.org
>
>
>
:clap::clap::clap::clap:
--
View this message in context: http://www.nabble.com/Support-for-Active-Directory----tp16720195p17229934.html
Sent from the Lenya - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by Andreas Hartmann <an...@apache.org>.
jazzhazze schrieb:
> Ok!
> I have to admit that I'm not so very familiar with the Eclipse debugger. How
> does it work?
I have added a little how-to to the documentation:
https://lenya.zones.apache.org/cms/docu/live/docu20/tutorials/setupide.html
-- Andreas
>
>
> Andreas Hartmann wrote:
>> jazzhazze schrieb:
>>> Ok!
>>> But then maybe the delegation doesn't work properly, i.e Lenya can't
>>> verify
>>> against LDAP that the password an user enter is correct.
>>>
>>> Is there any way to verify that the delegation procedures work fine?
>> Have you tried to debug the authentication? You could step through the
>> method in the Eclipse debugger, this will certainly help - at least if
>> the problem is on the client side.
>>
>> -- Andreas
>>
>>
>>> By the way, I will start another thread about Kupu, because it is very
>>> frustrating...
>>>
>>>
>>> Andreas Hartmann wrote:
>>>> jazzhazze schrieb:
>>>>> That really helped! Thank you!
>>>>> Now it works to import users from AD. The only thing is that is seems
>>>>> like
>>>>> the AD passwords aren't imported along with the users? Thus it isn't
>>>>> possible for the users to log in to Lenya using their AD passwords.
>>>> AFAIK the passwords aren't imported, but the authentication is delegated
>>>> to the LDAP server. I don't know if this information helps you, though.
>>>>
>>>> -- Andreas
>>>>
>>>>
>>>>>
>>>>> Richard Frovarp wrote:
>>>>>> jazzhazze wrote:
>>>>>>> I've found the HTML-source of the error page that occurs when I try
>>>>>>> to
>>>>>>> add a
>>>>>>> LDAP-user. It looks like this:
>>>>>>>
>>>>>>> stacktracejava.lang.NullPointerException
>>>>>>> at java.util.Hashtable.put(Hashtable.java:396)
>>>>>>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>>>>>>> at
>>>>>>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>>>>>>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>>>>>>> at
>>>>>>> org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>>>>>>> at
>>>>>>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>>>>>>> at
>>>>>>>
>>>>>> Somehow the principal being passed in is null. You probably haven't
>>>>>> set
>>>>>> the mgr-dn property in the ldap config file.
>>>>>>
>>>>>> Richard
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>>>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>>>>
>>>>>>
>>>>>>
>>>> --
>>>> Andreas Hartmann, CTO
>>>> BeCompany GmbH
>>>> http://www.becompany.ch
>>>> Tel.: +41 (0) 43 818 57 01
>>>>
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>>
>>>>
>>>>
>>
>> --
>> Andreas Hartmann, CTO
>> BeCompany GmbH
>> http://www.becompany.ch
>> Tel.: +41 (0) 43 818 57 01
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>> For additional commands, e-mail: user-help@lenya.apache.org
>>
>>
>>
>
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by jazzhazze <ha...@glocalnet.net>.
Ok!
I have to admit that I'm not so very familiar with the Eclipse debugger. How
does it work?
Andreas Hartmann wrote:
>
> jazzhazze schrieb:
>> Ok!
>> But then maybe the delegation doesn't work properly, i.e Lenya can't
>> verify
>> against LDAP that the password an user enter is correct.
>>
>> Is there any way to verify that the delegation procedures work fine?
>
> Have you tried to debug the authentication? You could step through the
> method in the Eclipse debugger, this will certainly help - at least if
> the problem is on the client side.
>
> -- Andreas
>
>
>>
>> By the way, I will start another thread about Kupu, because it is very
>> frustrating...
>>
>>
>> Andreas Hartmann wrote:
>>> jazzhazze schrieb:
>>>> That really helped! Thank you!
>>>> Now it works to import users from AD. The only thing is that is seems
>>>> like
>>>> the AD passwords aren't imported along with the users? Thus it isn't
>>>> possible for the users to log in to Lenya using their AD passwords.
>>> AFAIK the passwords aren't imported, but the authentication is delegated
>>> to the LDAP server. I don't know if this information helps you, though.
>>>
>>> -- Andreas
>>>
>>>
>>>>
>>>>
>>>> Richard Frovarp wrote:
>>>>> jazzhazze wrote:
>>>>>> I've found the HTML-source of the error page that occurs when I try
>>>>>> to
>>>>>> add a
>>>>>> LDAP-user. It looks like this:
>>>>>>
>>>>>> stacktracejava.lang.NullPointerException
>>>>>> at java.util.Hashtable.put(Hashtable.java:396)
>>>>>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>>>>>> at
>>>>>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>>>>>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>>>>>> at
>>>>>> org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>>>>>> at
>>>>>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>>>>>> at
>>>>>>
>>>>> Somehow the principal being passed in is null. You probably haven't
>>>>> set
>>>>> the mgr-dn property in the ldap config file.
>>>>>
>>>>> Richard
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>>>
>>>>>
>>>>>
>>>
>>> --
>>> Andreas Hartmann, CTO
>>> BeCompany GmbH
>>> http://www.becompany.ch
>>> Tel.: +41 (0) 43 818 57 01
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>
>>>
>>>
>>
>
>
> --
> Andreas Hartmann, CTO
> BeCompany GmbH
> http://www.becompany.ch
> Tel.: +41 (0) 43 818 57 01
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
> For additional commands, e-mail: user-help@lenya.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Support-for-Active-Directory----tp16720195p17099981.html
Sent from the Lenya - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by Andreas Hartmann <an...@apache.org>.
jazzhazze schrieb:
> Ok!
> But then maybe the delegation doesn't work properly, i.e Lenya can't verify
> against LDAP that the password an user enter is correct.
>
> Is there any way to verify that the delegation procedures work fine?
Have you tried to debug the authentication? You could step through the
method in the Eclipse debugger, this will certainly help - at least if
the problem is on the client side.
-- Andreas
>
> By the way, I will start another thread about Kupu, because it is very
> frustrating...
>
>
> Andreas Hartmann wrote:
>> jazzhazze schrieb:
>>> That really helped! Thank you!
>>> Now it works to import users from AD. The only thing is that is seems
>>> like
>>> the AD passwords aren't imported along with the users? Thus it isn't
>>> possible for the users to log in to Lenya using their AD passwords.
>> AFAIK the passwords aren't imported, but the authentication is delegated
>> to the LDAP server. I don't know if this information helps you, though.
>>
>> -- Andreas
>>
>>
>>>
>>>
>>> Richard Frovarp wrote:
>>>> jazzhazze wrote:
>>>>> I've found the HTML-source of the error page that occurs when I try to
>>>>> add a
>>>>> LDAP-user. It looks like this:
>>>>>
>>>>> stacktracejava.lang.NullPointerException
>>>>> at java.util.Hashtable.put(Hashtable.java:396)
>>>>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>>>>> at
>>>>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>>>>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>>>>> at org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>>>>> at
>>>>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>>>>> at
>>>>>
>>>> Somehow the principal being passed in is null. You probably haven't set
>>>> the mgr-dn property in the ldap config file.
>>>>
>>>> Richard
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>>
>>>>
>>>>
>>
>> --
>> Andreas Hartmann, CTO
>> BeCompany GmbH
>> http://www.becompany.ch
>> Tel.: +41 (0) 43 818 57 01
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>> For additional commands, e-mail: user-help@lenya.apache.org
>>
>>
>>
>
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by jazzhazze <ha...@glocalnet.net>.
Ok!
But then maybe the delegation doesn't work properly, i.e Lenya can't verify
against LDAP that the password an user enter is correct.
Is there any way to verify that the delegation procedures work fine?
By the way, I will start another thread about Kupu, because it is very
frustrating...
Andreas Hartmann wrote:
>
> jazzhazze schrieb:
>> That really helped! Thank you!
>> Now it works to import users from AD. The only thing is that is seems
>> like
>> the AD passwords aren't imported along with the users? Thus it isn't
>> possible for the users to log in to Lenya using their AD passwords.
>
> AFAIK the passwords aren't imported, but the authentication is delegated
> to the LDAP server. I don't know if this information helps you, though.
>
> -- Andreas
>
>
>>
>>
>>
>> Richard Frovarp wrote:
>>> jazzhazze wrote:
>>>> I've found the HTML-source of the error page that occurs when I try to
>>>> add a
>>>> LDAP-user. It looks like this:
>>>>
>>>> stacktracejava.lang.NullPointerException
>>>> at java.util.Hashtable.put(Hashtable.java:396)
>>>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>>>> at
>>>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>>>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>>>> at org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>>>> at
>>>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>>>> at
>>>>
>>> Somehow the principal being passed in is null. You probably haven't set
>>> the mgr-dn property in the ldap config file.
>>>
>>> Richard
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>>> For additional commands, e-mail: user-help@lenya.apache.org
>>>
>>>
>>>
>>
>
>
> --
> Andreas Hartmann, CTO
> BeCompany GmbH
> http://www.becompany.ch
> Tel.: +41 (0) 43 818 57 01
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
> For additional commands, e-mail: user-help@lenya.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Support-for-Active-Directory----tp16720195p17099639.html
Sent from the Lenya - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by Andreas Hartmann <an...@apache.org>.
jazzhazze schrieb:
> That really helped! Thank you!
> Now it works to import users from AD. The only thing is that is seems like
> the AD passwords aren't imported along with the users? Thus it isn't
> possible for the users to log in to Lenya using their AD passwords.
AFAIK the passwords aren't imported, but the authentication is delegated
to the LDAP server. I don't know if this information helps you, though.
-- Andreas
>
>
>
> Richard Frovarp wrote:
>> jazzhazze wrote:
>>> I've found the HTML-source of the error page that occurs when I try to
>>> add a
>>> LDAP-user. It looks like this:
>>>
>>> stacktracejava.lang.NullPointerException
>>> at java.util.Hashtable.put(Hashtable.java:396)
>>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>>> at
>>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>>> at org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>>> at
>>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>>> at
>>>
>> Somehow the principal being passed in is null. You probably haven't set
>> the mgr-dn property in the ldap config file.
>>
>> Richard
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
>> For additional commands, e-mail: user-help@lenya.apache.org
>>
>>
>>
>
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by jazzhazze <ha...@glocalnet.net>.
That really helped! Thank you!
Now it works to import users from AD. The only thing is that is seems like
the AD passwords aren't imported along with the users? Thus it isn't
possible for the users to log in to Lenya using their AD passwords.
Richard Frovarp wrote:
>
> jazzhazze wrote:
>> I've found the HTML-source of the error page that occurs when I try to
>> add a
>> LDAP-user. It looks like this:
>>
>> stacktracejava.lang.NullPointerException
>> at java.util.Hashtable.put(Hashtable.java:396)
>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>> at
>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>> at org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>> at
>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>> at
>>
>
> Somehow the principal being passed in is null. You probably haven't set
> the mgr-dn property in the ldap config file.
>
> Richard
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
> For additional commands, e-mail: user-help@lenya.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Support-for-Active-Directory----tp16720195p17053942.html
Sent from the Lenya - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by Andreas Hartmann <an...@apache.org>.
jazzhazze schrieb:
> Maybe I should explain the purposes of my site to give a better understanding
> of the problems I'm facing.
>
> I'm building a new site for a department of our enterprise. All the
> enterprise's computers/users are connected to an intranet. My site should be
> accessible for all users who are connected to the intranet, except for
> certain pages. Those pages should be restricted to the users belonging to
> this specific department only. All users are stored in AD and the idea is
> that you should only need to login once, and that is when you logon to the
> intranet. The present outdated site, based on Java too, uses a
> LDAP-connection to verify if an user belongs to this department, thus
> granting or denying access to some of the pages.
>
> My idea was to build the site using Lenya and then importing all the users
> that are allowed to visit certain pages and create a specific group for
> them. As the site is only accessible from inside of the intranet I guess all
> users on the intranet belong to the "world" visitor group in Lenya.
>
> The point is that no visitor of the website, even the "special visitors"
> should have to login manually to the site (of course the admin, reviewer,
> site manager etc should log in).
IIUC you want single sign-on for certain users. This is not possible out
of the box, but can be achieved by implementing a custom authenticator.
There's a branch of 1.2 in SVN which supports SSO via Shibboleth. You
could try to use it as a starting point for implementing SSO for the
infrastructure of your enterprise.
-- Andreas
--
Andreas Hartmann, CTO
BeCompany GmbH
http://www.becompany.ch
Tel.: +41 (0) 43 818 57 01
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org
Re: Support for Active Directory???
Posted by jazzhazze <ha...@glocalnet.net>.
Maybe I should explain the purposes of my site to give a better understanding
of the problems I'm facing.
I'm building a new site for a department of our enterprise. All the
enterprise's computers/users are connected to an intranet. My site should be
accessible for all users who are connected to the intranet, except for
certain pages. Those pages should be restricted to the users belonging to
this specific department only. All users are stored in AD and the idea is
that you should only need to login once, and that is when you logon to the
intranet. The present outdated site, based on Java too, uses a
LDAP-connection to verify if an user belongs to this department, thus
granting or denying access to some of the pages.
My idea was to build the site using Lenya and then importing all the users
that are allowed to visit certain pages and create a specific group for
them. As the site is only accessible from inside of the intranet I guess all
users on the intranet belong to the "world" visitor group in Lenya.
The point is that no visitor of the website, even the "special visitors"
should have to login manually to the site (of course the admin, reviewer,
site manager etc should log in). When a visitor should want to visit one of
the restricted pages, an automatic connection should be made to the AD,
verifying if the visitor should be granted access or not (just like it works
now with the present site).
I wonder if this is possible at all with Lenya??
Richard Frovarp wrote:
>
> jazzhazze wrote:
>> I've found the HTML-source of the error page that occurs when I try to
>> add a
>> LDAP-user. It looks like this:
>>
>> stacktracejava.lang.NullPointerException
>> at java.util.Hashtable.put(Hashtable.java:396)
>> at org.apache.lenya.ac.ldap.LDAPUser.bind(LDAPUser.java:359)
>> at
>> org.apache.lenya.ac.ldap.LDAPUser.getDirectoryEntry(LDAPUser.java:434)
>> at org.apache.lenya.ac.ldap.LDAPUser.existsUser(LDAPUser.java:146)
>> at org.apache.lenya.cms.ac.usecases.AddUser.validate(AddUser.java:75)
>> at
>> org.apache.lenya.cms.ac.usecases.AddUser.doCheckExecutionConditions(AddUser.java:96)
>> at
>>
>
> Somehow the principal being passed in is null. You probably haven't set
> the mgr-dn property in the ldap config file.
>
> Richard
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
> For additional commands, e-mail: user-help@lenya.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/Support-for-Active-Directory----tp16720195p17079343.html
Sent from the Lenya - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@lenya.apache.org
For additional commands, e-mail: user-help@lenya.apache.org