You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by cnguyen8 <cn...@hotmail.com> on 2012/03/01 20:31:24 UTC
Re: ldap configuration: a configuration starting to work
Hi ,
I'm trying to follow you guide but i'm still not fully understand.
I'm new with apacheDS and jetspeed.
Current setup -
Jetspeed 2.2.2
ApacheDS 1.5.5
I've configured so that Jetspeed 2.2.2 will use LDAP server.
on ApacheDS I have it stand alone running in the background.
Using Apache Studio, I connect to ApachedS.
>From ApacheDS console, I can see that when ever i try to login into
jetspeed.
It display information that user try to login but fail.
So I'm thinking that I need to load Jetspeed 2.2.2 schema into ApacheDS.
Using the jetspeed schema provided at the
http://portals.apache.org/jetspeed-2/deployguide/ldap.html doesn't do
anything. So when i try to import setup2.ldif, it fail because ApacheDS
doesn't know j2-classname:
This is where it starting to fail to import:
#!RESULT ERROR
#!CONNECTION ldap://localhost:10389
#!DATE 2012-03-01T13:46:47.187
#!ERROR [LDAP: error code 16 - NO_SUCH_ATTRIBUTE: failed for Add Request
: ClientEntry dn: cn=accounting,ou=Groups,ou=rootOrg,o=sevenSeas
objectClass: jetspeed-2-group objectClass: groupOfUniqueNames
objectClass: top uid: accounting uniquemember: user,local,sublocal
cn: accounting j2-classname: accounting : OID for name
'jetspeed-2-group' was not found within the OID registry]
dn: cn=accounting,ou=Groups,ou=rootOrg,o=sevenSeas
objectClass: jetspeed-2-group
objectClass: groupOfUniqueNames
objectClass: top
cn: accounting
j2-classname: accounting
uid: accounting
uniquemember: user,local,sublocal
Can you explain how did you manage to load this file? Assume you did load
jetspeed schema into apacheDS. How did you do it?
I tried to manual create a user in the apacheDS, but login still fail. It
did display my login information use as username, surname and such, but with
fail message.
Thanks
jerome.dupont wrote:
>
>
>
> Hello
>
> I'm still trying to make ldap work, and now it work more or less.
> I post this message to publish a working example in the web, and because
> I have some questions.
>
>
> 1/ Basic configuration: Jetpeed connects to ldap, and I have some users
> with which I can log in.
>
> With
> _ apacheDS 1.5.5 (NOT 1.5.7)
> _ loading jetspeed schema (but it doesn't seem absolutly necessary) (see
> in previous post)
> _ loading an appropriate users example file (consistent with default
> jetspeed 2.2.1 configuration.)
> I some example in test code, in ldif exemple (setup2):
>
> ./jetspeed-2-2.2.1/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/mapping/ldap/setup2/resources/setup2.ldif
>
>
> ./jetspeed-2-2.2.1/components/jetspeed-security/src/test/java/org/apache/jetspeed/security/mapping/ldap/setup1/resources/setup1.ldif
>
> I've imported setup2 in my ldap.
> _ matching property file with my ldap structure.
> this is the content of
> ./webapps/jetspeed/WEB-INF/conf/override.properties in my jetspeed demo
> configuration
> It's consistent with LDAP content
>
> #-------------------------------------------------------------------------
> # LDAP
> #-------------------------------------------------------------------------
>
> ldap.url=ldap://localhost:10389
> ldap.base=o=sevenSeas
> ldap.userDn=uid=admin,ou=system
> ldap.password=secret
> ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory
> ldap.user.filter=(objectclass=person)
> ldap.search.scope=2
> ldap.user.searchBase=o=Jetspeed
> ldap.user.entryPrefix=uid
> ldap.role.searchBase=ou=Roles,o=Jetspeed
> ldap.role.filter = (objectClass=groupOfUniqueNames)
> ldap.group.searchBase=ou=Groups,o=Jetspeed
> ldap.group.filter = (objectClass=groupOfUniqueNames)
> ldap.context.pool.maxActive = 20
> ldap.context.pool.maxIdle = 20
>
> #Turn on LDAP Security
> spring.filter.key = portal.ldap
>
> 2/ Setting manually a role to a user
> After this step I can connect, BUT no user has admin role
>
> I've search in xml and source code.
> Seemly, the relationship used to search (user<->role, or user <-> group,
> etc) are defined in
> Jetspeed-2.2.1/webapps/jetspeed/WEB-INF/assembly/security-ldap.xml file
>
> In xml file, we can see that user isMemberOf role will defined the
> relationship (in the ldif example it's something else, uniqueMember)
> When you look at AttributeBasedRelationDAO.java, there a very
> interesting comment.
> If I got the point, the bean is very generic, and permits to define a
> relation isMemberOf (user isMemberOf) or in the other sens member (role
> member user)
>
> Since I could not create a relation david isMemberOf admin (not in ldap
> schema), I've created the relation in the role member user direction.
> So I've added an attribute to cn=admin ldap object, which was attribute
> name: member, attribute value
> cn=David,o=Peoples,o=SanFrancisco,o=Jetspeed,o=sevenSeas
> And it worked David became magically administrator
>
>
> Alternatively, I could have changed the xml file to make it match to my
> ldap content (using uniqueMember rather thar member), but I didn't to
> change this part of jetspeed configuration.
> <bean id="UserRoleRelationDAO"
> class="org.apache.jetspeed.security.mapping.ldap.dao.impl.AttributeBasedRelationDAO">
>
> <meta key="j2:cat" value="ldapSecurity"/>
> <property name="relationAttribute" value="member"/>
> <property name="attributeContainsInternalId" value="true"/>
> <property name="useFromEntityAttribute" value="false"/>
> <property name="relationType">
> <bean
> class="org.apache.jetspeed.security.mapping.impl.SecurityEntityRelationTypeImpl">
>
> <constructor-arg index="0" value="isMemberOf"/>
> <constructor-arg index="1" value="user"/>
> <constructor-arg index="2" value="role"/>
> </bean></property></bean>
>
>
>
> 3/ Adding an user
>
> When I create a user through the register portlet, the user is created
> inthe ldap , but I have an exception
>
> Welcome. Please fill out the following form to become a registered user.
>
> [Failed to add
> user.org.apache.jetspeed.administration.RegistrationException:
> org.apache.jetspeed.security.SecurityException: The role user does not
> exist.]
>
> In the ldap, the user is created in o=Jetspeed,o=sevenSeas
> It's probably constructed from these properties
> ldap.base=o=sevenSeas
> ldap.user.searchBase=o=Jetspeed
> Right?
>
> 4/ jetspeed defaut schema
>
> What is the utility of jetspeed ldap schema (j2-role and all that stuff)?
>
> Is it necessary?
> If Yes, I suppose that the configuration has to be changed.
> Does exists somewhere a configuration with that schema?
>
> Any answer or clarification would be useful.
> I hope this post will help other people trying to ldapize jetspeed.
>
> Regards,
> Jérôme
>
> Exposition Enluminures en terre d'Islam entre abstraction et figuration
> - jusqu'au 25 septembre 2011 - BnF - Richelieu / Galerie Mansart Avant
> d'imprimer, pensez à l'environnement.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
>
>
--
View this message in context: http://old.nabble.com/Re%3A-ldap-configuration%3A-a-configuration-starting-to-work-tp32354906p33423806.html
Sent from the Jetspeed - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: ldap configuration: a configuration starting to work
Posted by cnguyen8 <cn...@hotmail.com>.
Hi,
Thank you for reply.
What are the properties to use in the jetspeed.properties?
The default one only have base= sevenSeas, ou=roles, ou=groups, and
ou=users.
I've also created my own ldif file as well base on the jetspeed.properties
above.
and i was able to login.
But i can't change the user role.
if i want user cnguyen to be an admin, by changing the role in jetspeed, no
go.
only admin user can be admin.
You said you were able to do it, how did you do that?
jerome.dupont wrote:
>
> Since this summer, I use my own schema (changing xml ldap ), so I don't
> have anymore schema import problem :-)
> But if I remember well, I imported the schema in apache
>
> You can find it in the directory
> components/jetspeed-security-schema/src/main/schema/jetspeed.schema)
> and converted it to ldif file
>
> You can find on the net tools to convert schemas to ldif
>
> Alternatively, I found on my disk a ldif I had generated in July (happy
> holidays this summer :-), this is its content (normally it's importable in
> apache 1.5.5, but I'm not sure).
> After that you should be able to create user from jetspeed.
>
> Sorry for the long post, but I don't know how to post an attached file
>
> # Generated by Apache Directory Studio on 31 juillet 2011 21:37:20
>
> # SCHEMA "JETSPEED"
> dn: cn=jetspeed, ou=schema
> objectclass: metaSchema
> objectclass: top
> cn: jetspeed
> m-dependencies: system
> m-dependencies: inetorgperson
> m-dependencies: core
>
> dn: ou=attributeTypes, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: attributetypes
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.1, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.1
> m-name: j2-classname
> m-description: The java class name of the object.
> m-equality: caseIgnoreIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
> m-singleValue: TRUE
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.2, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.2
> m-name: j2-action
> m-description: An action associated with a permission. This is a
> multi-valued at
> tribute.
> m-equality: caseIgnoreIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.3, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.3
> m-name: j2-role
> m-description: The UID of an associated Role. This is a multi-valued
> attribute.
> m-equality: caseExactIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.4, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.4
> m-name: j2-group
> m-description: The UID of an associated Group. This is a multi-valued
> attribute.
>
> m-equality: caseExactIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.5, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.5
> m-name: j2-permission
> m-description: The UID of an associated Permission
> m-equality: caseExactIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.6, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.6
> m-name: creation-date
> m-description: create date
> m-equality: caseIgnoreIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
> m-singleValue: TRUE
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.3.7, ou=attributeTypes, cn=jetspeed,
> ou=schema
> objectclass: metaAttributeType
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.3.7
> m-name: modified-date
> m-description: modified date
> m-equality: caseIgnoreIA5Match
> m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
> m-length: 0
> m-singleValue: TRUE
>
> dn: ou=comparators, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: comparators
>
> dn: ou=ditContentRules, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: ditcontentrules
>
> dn: ou=ditStructureRules, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: ditstructurerules
>
> dn: ou=matchingRules, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: matchingrules
>
> dn: ou=matchingRuleUse, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: matchingruleuse
>
> dn: ou=nameForms, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: nameforms
>
> dn: ou=normalizers, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: normalizers
>
> dn: ou=objectClasses, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: objectClasses
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.4.1, ou=objectClasses, cn=jetspeed,
> ou=schema
> objectclass: metaObjectClass
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.4.1
> m-name: jetspeed-2-group
> m-description: Jetspeed-2 group
> m-supObjectClass: groupOfUniqueNames
> m-must: j2-classname
> m-must: uid
> m-may: j2-role
> m-may: creation-date
> m-may: modified-date
> m-may: cn
> m-may: ou
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.4.3, ou=objectClasses, cn=jetspeed,
> ou=schema
> objectclass: metaObjectClass
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.4.3
> m-name: jetspeed-2-role
> m-description: Jetspeed-2 role
> m-supObjectClass: groupOfUniqueNames
> m-must: j2-classname
> m-must: uid
> m-may: creation-date
> m-may: modified-date
> m-may: cn
> m-may: ou
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.4.4, ou=objectClasses, cn=jetspeed,
> ou=schema
> objectclass: metaObjectClass
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.4.4
> m-name: jetspeed-2-user
> m-description: Jetspeed-2 user
> m-supObjectClass: inetOrgPerson
> m-must: cn
> m-must: uid
> m-may: j2-role
> m-may: j2-group
> m-may: j2-permission
> m-may: creation-date
> m-may: modified-date
>
> dn: m-oid=1.3.6.1.4.1.8100.1.2.4.2, ou=objectClasses, cn=jetspeed,
> ou=schema
> objectclass: metaObjectClass
> objectclass: metaTop
> objectclass: top
> m-oid: 1.3.6.1.4.1.8100.1.2.4.2
> m-name: jetspeed-2-permission
> m-description: Jetspeed-2 permission
> m-must: j2-classname
> m-must: uid
> m-may: j2-action
> m-may: creation-date
> m-may: modified-date
>
> dn: ou=syntaxCheckers, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: syntaxcheckers
>
> dn: ou=syntaxes, cn=jetspeed, ou=schema
> objectclass: organizationalUnit
> objectclass: top
> ou: syntaxes
>
>
>
>
>
> |----------->
> | |
> | |
> | |
> | |
> | |
> |----------->
>
> >--------------------------------------------------------------------------------------------------------------------------------------------|
> |
> |
> |
> |
> | Message de : cnguyen8 <cn...@hotmail.com>
> |
> | 01/03/2012 20:31
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> | Veuillez répondre à "Jetspeed Users
> List" <je...@portals.apache.org> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> |
> Pour|
> | jetspeed-user@portals.apache.org
> |
> |
> Copie|
> |
> |
> |
> Objet|
> | Re: ldap configuration: a configuration starting to work
> |
> |
> |
>
> >--------------------------------------------------------------------------------------------------------------------------------------------|
>
>
>
>
>
> Hi ,
>
> I'm trying to follow you guide but i'm still not fully understand.
> I'm new with apacheDS and jetspeed.
>
> Current setup -
> Jetspeed 2.2.2
> ApacheDS 1.5.5
>
> I've configured so that Jetspeed 2.2.2 will use LDAP server.
> on ApacheDS I have it stand alone running in the background.
> Using Apache Studio, I connect to ApachedS.
> From ApacheDS console, I can see that when ever i try to login into
> jetspeed.
> It display information that user try to login but fail.
>
> So I'm thinking that I need to load Jetspeed 2.2.2 schema into ApacheDS.
> Using the jetspeed schema provided at the
> http://portals.apache.org/jetspeed-2/deployguide/ldap.html doesn't do
> anything. So when i try to import setup2.ldif, it fail because ApacheDS
> doesn't know j2-classname:
>
> This is where it starting to fail to import:
>
> #!RESULT ERROR
> #!CONNECTION ldap://localhost:10389
> #!DATE 2012-03-01T13:46:47.187
> #!ERROR [LDAP: error code 16 - NO_SUCH_ATTRIBUTE: failed for Add
> Request
> : ClientEntry dn: cn=accounting,ou=Groups,ou=rootOrg,o=sevenSeas
> objectClass: jetspeed-2-group objectClass: groupOfUniqueNames
> objectClass: top uid: accounting uniquemember: user,local,sublocal
>
> cn: accounting j2-classname: accounting : OID for name
> 'jetspeed-2-group' was not found within the OID registry]
> dn: cn=accounting,ou=Groups,ou=rootOrg,o=sevenSeas
> objectClass: jetspeed-2-group
> objectClass: groupOfUniqueNames
> objectClass: top
> cn: accounting
> j2-classname: accounting
> uid: accounting
> uniquemember: user,local,sublocal
>
>
> Can you explain how did you manage to load this file? Assume you did load
> jetspeed schema into apacheDS. How did you do it?
>
> I tried to manual create a user in the apacheDS, but login still fail. It
> did display my login information use as username, surname and such, but
> with
> fail message.
>
> Thanks
>
>
>
>
>
> Exposition Le Théâtre de la Huchette - jusqu'au 8 avril 2012 - BnF -
> François-Mitterrand Avant d'imprimer, pensez à l'environnement.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-user-help@portals.apache.org
>
>
>
--
View this message in context: http://old.nabble.com/Re%3A-ldap-configuration%3A-a-configuration-starting-to-work-tp32354906p33429771.html
Sent from the Jetspeed - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org
Re: ldap configuration: a configuration starting to work
Posted by je...@bnf.fr.
Since this summer, I use my own schema (changing xml ldap ), so I don't
have anymore schema import problem :-)
But if I remember well, I imported the schema in apache
You can find it in the directory
components/jetspeed-security-schema/src/main/schema/jetspeed.schema)
and converted it to ldif file
You can find on the net tools to convert schemas to ldif
Alternatively, I found on my disk a ldif I had generated in July (happy
holidays this summer :-), this is its content (normally it's importable in
apache 1.5.5, but I'm not sure).
After that you should be able to create user from jetspeed.
Sorry for the long post, but I don't know how to post an attached file
# Generated by Apache Directory Studio on 31 juillet 2011 21:37:20
# SCHEMA "JETSPEED"
dn: cn=jetspeed, ou=schema
objectclass: metaSchema
objectclass: top
cn: jetspeed
m-dependencies: system
m-dependencies: inetorgperson
m-dependencies: core
dn: ou=attributeTypes, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: attributetypes
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.1, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.1
m-name: j2-classname
m-description: The java class name of the object.
m-equality: caseIgnoreIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
m-singleValue: TRUE
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.2, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.2
m-name: j2-action
m-description: An action associated with a permission. This is a
multi-valued at
tribute.
m-equality: caseIgnoreIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.3, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.3
m-name: j2-role
m-description: The UID of an associated Role. This is a multi-valued
attribute.
m-equality: caseExactIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.4, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.4
m-name: j2-group
m-description: The UID of an associated Group. This is a multi-valued
attribute.
m-equality: caseExactIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.5, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.5
m-name: j2-permission
m-description: The UID of an associated Permission
m-equality: caseExactIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.6, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.6
m-name: creation-date
m-description: create date
m-equality: caseIgnoreIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
m-singleValue: TRUE
dn: m-oid=1.3.6.1.4.1.8100.1.2.3.7, ou=attributeTypes, cn=jetspeed,
ou=schema
objectclass: metaAttributeType
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.3.7
m-name: modified-date
m-description: modified date
m-equality: caseIgnoreIA5Match
m-syntax: 1.3.6.1.4.1.1466.115.121.1.26
m-length: 0
m-singleValue: TRUE
dn: ou=comparators, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: comparators
dn: ou=ditContentRules, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: ditcontentrules
dn: ou=ditStructureRules, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: ditstructurerules
dn: ou=matchingRules, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: matchingrules
dn: ou=matchingRuleUse, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: matchingruleuse
dn: ou=nameForms, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: nameforms
dn: ou=normalizers, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: normalizers
dn: ou=objectClasses, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: objectClasses
dn: m-oid=1.3.6.1.4.1.8100.1.2.4.1, ou=objectClasses, cn=jetspeed,
ou=schema
objectclass: metaObjectClass
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.4.1
m-name: jetspeed-2-group
m-description: Jetspeed-2 group
m-supObjectClass: groupOfUniqueNames
m-must: j2-classname
m-must: uid
m-may: j2-role
m-may: creation-date
m-may: modified-date
m-may: cn
m-may: ou
dn: m-oid=1.3.6.1.4.1.8100.1.2.4.3, ou=objectClasses, cn=jetspeed,
ou=schema
objectclass: metaObjectClass
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.4.3
m-name: jetspeed-2-role
m-description: Jetspeed-2 role
m-supObjectClass: groupOfUniqueNames
m-must: j2-classname
m-must: uid
m-may: creation-date
m-may: modified-date
m-may: cn
m-may: ou
dn: m-oid=1.3.6.1.4.1.8100.1.2.4.4, ou=objectClasses, cn=jetspeed,
ou=schema
objectclass: metaObjectClass
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.4.4
m-name: jetspeed-2-user
m-description: Jetspeed-2 user
m-supObjectClass: inetOrgPerson
m-must: cn
m-must: uid
m-may: j2-role
m-may: j2-group
m-may: j2-permission
m-may: creation-date
m-may: modified-date
dn: m-oid=1.3.6.1.4.1.8100.1.2.4.2, ou=objectClasses, cn=jetspeed,
ou=schema
objectclass: metaObjectClass
objectclass: metaTop
objectclass: top
m-oid: 1.3.6.1.4.1.8100.1.2.4.2
m-name: jetspeed-2-permission
m-description: Jetspeed-2 permission
m-must: j2-classname
m-must: uid
m-may: j2-action
m-may: creation-date
m-may: modified-date
dn: ou=syntaxCheckers, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: syntaxcheckers
dn: ou=syntaxes, cn=jetspeed, ou=schema
objectclass: organizationalUnit
objectclass: top
ou: syntaxes
|----------->
| |
| |
| |
| |
| |
|----------->
>--------------------------------------------------------------------------------------------------------------------------------------------|
| |
| |
| Message de : cnguyen8 <cn...@hotmail.com> |
| 01/03/2012 20:31 |
| |
| |
| |
| |
| |
| Veuillez répondre à "Jetspeed Users List" <je...@portals.apache.org> |
| |
| |
| |
| |
| |
| |
| |
| Pour|
| jetspeed-user@portals.apache.org |
| Copie|
| |
| Objet|
| Re: ldap configuration: a configuration starting to work |
| |
>--------------------------------------------------------------------------------------------------------------------------------------------|
Hi ,
I'm trying to follow you guide but i'm still not fully understand.
I'm new with apacheDS and jetspeed.
Current setup -
Jetspeed 2.2.2
ApacheDS 1.5.5
I've configured so that Jetspeed 2.2.2 will use LDAP server.
on ApacheDS I have it stand alone running in the background.
Using Apache Studio, I connect to ApachedS.
>From ApacheDS console, I can see that when ever i try to login into
jetspeed.
It display information that user try to login but fail.
So I'm thinking that I need to load Jetspeed 2.2.2 schema into ApacheDS.
Using the jetspeed schema provided at the
http://portals.apache.org/jetspeed-2/deployguide/ldap.html doesn't do
anything. So when i try to import setup2.ldif, it fail because ApacheDS
doesn't know j2-classname:
This is where it starting to fail to import:
#!RESULT ERROR
#!CONNECTION ldap://localhost:10389
#!DATE 2012-03-01T13:46:47.187
#!ERROR [LDAP: error code 16 - NO_SUCH_ATTRIBUTE: failed for Add
Request
: ClientEntry dn: cn=accounting,ou=Groups,ou=rootOrg,o=sevenSeas
objectClass: jetspeed-2-group objectClass: groupOfUniqueNames
objectClass: top uid: accounting uniquemember: user,local,sublocal
cn: accounting j2-classname: accounting : OID for name
'jetspeed-2-group' was not found within the OID registry]
dn: cn=accounting,ou=Groups,ou=rootOrg,o=sevenSeas
objectClass: jetspeed-2-group
objectClass: groupOfUniqueNames
objectClass: top
cn: accounting
j2-classname: accounting
uid: accounting
uniquemember: user,local,sublocal
Can you explain how did you manage to load this file? Assume you did load
jetspeed schema into apacheDS. How did you do it?
I tried to manual create a user in the apacheDS, but login still fail. It
did display my login information use as username, surname and such, but
with
fail message.
Thanks
Exposition Le Théâtre de la Huchette - jusqu'au 8 avril 2012 - BnF - François-Mitterrand Avant d'imprimer, pensez à l'environnement.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-user-help@portals.apache.org