You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openmeetings.apache.org by "Sqli (JIRA)" <ji...@apache.org> on 2013/07/09 16:55:48 UTC
[jira] [Commented] (OPENMEETINGS-697) Authentification Ldap
[ https://issues.apache.org/jira/browse/OPENMEETINGS-697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13703346#comment-13703346 ]
Sqli commented on OPENMEETINGS-697:
-----------------------------------
In OpenMeetings, i have these message :
WARN 07-09 15:47:05.018 o.a.o.r.MainService:307 [NioProcessor-2] - loginUser: 193cc6d83612d4efeab21f519d8fefdb username
DEBUG 07-09 15:47:05.019 o.a.o.r.MainService:318 [NioProcessor-2] - Ldap Login
DEBUG 07-09 15:47:05.048 o.a.o.l.LdapLoginManagement:245 [NioProcessor-2] - LdapLoginmanagement.doLdapLogin
DEBUG 07-09 15:47:05.049 o.a.o.l.LdapLoginManagement:209 [NioProcessor-2] - LdapLoginmanagement.getLdapConfigData
DEBUG 07-09 15:47:05.049 o.a.o.l.LdapLoginManagement:222 [NioProcessor-2] - LdapLoginmanagement.readConfig : ......./openmeetings/conf/om_ldap.cfg
DEBUG 07-09 15:47:05.050 o.a.o.l.LdapLoginManagement:149 [NioProcessor-2] - isValidAuthType
DEBUG 07-09 15:47:05.050 o.a.o.l.LdapLoginManagement:381 [NioProcessor-2] - Searching userdata with LDAP Search Filter :(uid=username)
DEBUG 07-09 15:47:05.050 o.a.o.l.LdapAuthBase:84 [NioProcessor-2] - LdapAuthBase
DEBUG 07-09 15:47:05.050 o.a.o.l.LdapLoginManagement:390 [NioProcessor-2] - authenticating admin...
DEBUG 07-09 15:47:05.051 o.a.o.l.LdapAuthBase:101 [NioProcessor-2] - authenticateUser
DEBUG 07-09 15:47:05.051 o.a.o.l.LdapAuthBase:117 [NioProcessor-2] -
Authentification to LDAP - Server start
DEBUG 07-09 15:47:05.051 o.a.o.l.LdapAuthBase:151 [NioProcessor-2] - loginToLdapServer
DEBUG 07-09 15:47:05.061 o.a.o.l.LdapLoginManagement:393 [NioProcessor-2] - Checking server type...
DEBUG 07-09 15:47:05.062 o.a.o.l.LdapLoginManagement:397 [NioProcessor-2] - LDAP server is OpenLDAP
DEBUG 07-09 15:47:05.062 o.a.o.l.LdapLoginManagement:398 [NioProcessor-2] - LDAP search base: ou=company,dc=medint,dc=local
DEBUG 07-09 15:47:05.068 o.a.o.l.LdapLoginManagement:403 [NioProcessor-2] - Authentication with DN: uid=username,ou=company,dc=medint,dc=local
DEBUG 07-09 15:47:05.068 o.a.o.l.LdapAuthBase:101 [NioProcessor-2] - authenticateUser
DEBUG 07-09 15:47:05.068 o.a.o.l.LdapAuthBase:117 [NioProcessor-2] -
Authentification to LDAP - Server start
DEBUG 07-09 15:47:05.068 o.a.o.l.LdapAuthBase:151 [NioProcessor-2] - loginToLdapServer
DEBUG 07-09 15:47:05.081 o.a.o.d.u.UserManager:1360 [NioProcessor-2] - Usermanagement.getUserByLogin : username
DEBUG 07-09 15:47:05.095 o.a.o.l.LdapAuthBase:174 [NioProcessor-2] - getData
ERROR 07-09 15:47:05.098 o.a.o.l.LdapAuthBase:226 [NioProcessor-2] - Error occured on LDAP Search :
...
ERROR 07-09 15:47:05.099 o.a.o.l.LdapLoginManagement:472 [NioProcessor-2] - Error on Ldap request - no result for user
> Authentification Ldap
> ---------------------
>
> Key: OPENMEETINGS-697
> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-697
> Project: Openmeetings
> Issue Type: Bug
> Affects Versions: 2.1.1 Apache Release, 2.1.0 Apache Release
> Environment: OS Debian wheezy
> Reporter: Sqli
> Labels: Bug
>
> Hello,
> I have trouble with ldap authentication.
> My ldap authentication works with openmeetings 2.0 but doesn't work since 2.1 (also tried 2.1.1).
> Below are ldap logs with "stats" level enabled.
> Logs for 2.0 :
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 fd=46 ACCEPT from IP=1.2.3.4:43818 (IP=1.2.3.5:389)
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 op=0 RESULT tag=97 err=0 text=
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 fd=47 ACCEPT from IP=1.2.3.4:43819 (IP=1.2.3.5:389)
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=0 RESULT tag=97 err=0 text=
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 fd=48 ACCEPT from IP=1.2.3.4:43820 (IP=1.2.3.5:389)
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 op=0 RESULT tag=97 err=0 text=
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 fd=49 ACCEPT from IP=1.2.3.4:43821 (IP=1.2.3.5:389)
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" method=128
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 op=0 RESULT tag=97 err=0 text=
> Logs for 2.1 and 2.1.1 :
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 fd=63 ACCEPT from IP=1.2.3.4:58686 (IP=1.2.3.5:389)
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 op=0 RESULT tag=97 err=0 text=
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 fd=64 ACCEPT from IP=1.2.3.4:58687 (IP=1.2.3.5:389)
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=0 RESULT tag=97 err=0 text=
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 fd=65 ACCEPT from IP=1.2.3.4:58688 (IP=1.2.3.5:389)
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 op=0 RESULT tag=97 err=0 text=
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 fd=66 ACCEPT from IP=1.2.3.4:58689 (IP=1.2.3.5:389)
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" method=128
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" mech=SIMPLE ssf=0
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=0 RESULT tag=97 err=0 text=
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
> There are only two different lines :
> Jul 9 12:38:08 ldapserver slapd[11612]: conn=40 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
> Jul 9 12:38:08 ldapserver slapd[11612]: conn=40 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
> Users aren't allowed to search and view these informations, resulting in an unknown user error on login. Exact error in french is : "Nom d'utilisateur inconnu".
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
Re: [jira] [Commented] (OPENMEETINGS-697) Authentification Ldap
Posted by Alexei Fedotov <al...@gmail.com>.
Hello Sqli,
The error message tells you request a data for user which does not
exist in your LDAP database. Thus authentication fails.
--
With best regards / с наилучшими пожеланиями,
Alexei Fedotov / Алексей Федотов,
http://dataved.ru/
+7 916 562 8095
[1] Start using Apache Openmeetings today, http://openmeetings.apache.org/
[2] Join Alexei Fedotov @linkedin, http://ru.linkedin.com/in/dataved/
[3] Join Alexei Fedotov @facebook, http://www.facebook.com/openmeetings
On Tue, Jul 9, 2013 at 6:55 PM, Sqli (JIRA) <ji...@apache.org> wrote:
>
> [ https://issues.apache.org/jira/browse/OPENMEETINGS-697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13703346#comment-13703346 ]
>
> Sqli commented on OPENMEETINGS-697:
> -----------------------------------
>
> In OpenMeetings, i have these message :
>
> WARN 07-09 15:47:05.018 o.a.o.r.MainService:307 [NioProcessor-2] - loginUser: 193cc6d83612d4efeab21f519d8fefdb username
> DEBUG 07-09 15:47:05.019 o.a.o.r.MainService:318 [NioProcessor-2] - Ldap Login
> DEBUG 07-09 15:47:05.048 o.a.o.l.LdapLoginManagement:245 [NioProcessor-2] - LdapLoginmanagement.doLdapLogin
> DEBUG 07-09 15:47:05.049 o.a.o.l.LdapLoginManagement:209 [NioProcessor-2] - LdapLoginmanagement.getLdapConfigData
> DEBUG 07-09 15:47:05.049 o.a.o.l.LdapLoginManagement:222 [NioProcessor-2] - LdapLoginmanagement.readConfig : ......./openmeetings/conf/om_ldap.cfg
> DEBUG 07-09 15:47:05.050 o.a.o.l.LdapLoginManagement:149 [NioProcessor-2] - isValidAuthType
> DEBUG 07-09 15:47:05.050 o.a.o.l.LdapLoginManagement:381 [NioProcessor-2] - Searching userdata with LDAP Search Filter :(uid=username)
> DEBUG 07-09 15:47:05.050 o.a.o.l.LdapAuthBase:84 [NioProcessor-2] - LdapAuthBase
> DEBUG 07-09 15:47:05.050 o.a.o.l.LdapLoginManagement:390 [NioProcessor-2] - authenticating admin...
> DEBUG 07-09 15:47:05.051 o.a.o.l.LdapAuthBase:101 [NioProcessor-2] - authenticateUser
> DEBUG 07-09 15:47:05.051 o.a.o.l.LdapAuthBase:117 [NioProcessor-2] -
>
> Authentification to LDAP - Server start
> DEBUG 07-09 15:47:05.051 o.a.o.l.LdapAuthBase:151 [NioProcessor-2] - loginToLdapServer
> DEBUG 07-09 15:47:05.061 o.a.o.l.LdapLoginManagement:393 [NioProcessor-2] - Checking server type...
> DEBUG 07-09 15:47:05.062 o.a.o.l.LdapLoginManagement:397 [NioProcessor-2] - LDAP server is OpenLDAP
> DEBUG 07-09 15:47:05.062 o.a.o.l.LdapLoginManagement:398 [NioProcessor-2] - LDAP search base: ou=company,dc=medint,dc=local
> DEBUG 07-09 15:47:05.068 o.a.o.l.LdapLoginManagement:403 [NioProcessor-2] - Authentication with DN: uid=username,ou=company,dc=medint,dc=local
> DEBUG 07-09 15:47:05.068 o.a.o.l.LdapAuthBase:101 [NioProcessor-2] - authenticateUser
> DEBUG 07-09 15:47:05.068 o.a.o.l.LdapAuthBase:117 [NioProcessor-2] -
>
> Authentification to LDAP - Server start
> DEBUG 07-09 15:47:05.068 o.a.o.l.LdapAuthBase:151 [NioProcessor-2] - loginToLdapServer
> DEBUG 07-09 15:47:05.081 o.a.o.d.u.UserManager:1360 [NioProcessor-2] - Usermanagement.getUserByLogin : username
> DEBUG 07-09 15:47:05.095 o.a.o.l.LdapAuthBase:174 [NioProcessor-2] - getData
> ERROR 07-09 15:47:05.098 o.a.o.l.LdapAuthBase:226 [NioProcessor-2] - Error occured on LDAP Search :
> ...
> ERROR 07-09 15:47:05.099 o.a.o.l.LdapLoginManagement:472 [NioProcessor-2] - Error on Ldap request - no result for user
>
>
>> Authentification Ldap
>> ---------------------
>>
>> Key: OPENMEETINGS-697
>> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-697
>> Project: Openmeetings
>> Issue Type: Bug
>> Affects Versions: 2.1.1 Apache Release, 2.1.0 Apache Release
>> Environment: OS Debian wheezy
>> Reporter: Sqli
>> Labels: Bug
>>
>> Hello,
>> I have trouble with ldap authentication.
>> My ldap authentication works with openmeetings 2.0 but doesn't work since 2.1 (also tried 2.1.1).
>> Below are ldap logs with "stats" level enabled.
>> Logs for 2.0 :
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 fd=46 ACCEPT from IP=1.2.3.4:43818 (IP=1.2.3.5:389)
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=42 op=0 RESULT tag=97 err=0 text=
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 fd=47 ACCEPT from IP=1.2.3.4:43819 (IP=1.2.3.5:389)
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=0 RESULT tag=97 err=0 text=
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=43 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 fd=48 ACCEPT from IP=1.2.3.4:43820 (IP=1.2.3.5:389)
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=44 op=0 RESULT tag=97 err=0 text=
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 fd=49 ACCEPT from IP=1.2.3.4:43821 (IP=1.2.3.5:389)
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" method=128
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 12:41:46 ldapserver slapd[11612]: conn=45 op=0 RESULT tag=97 err=0 text=
>> Logs for 2.1 and 2.1.1 :
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 fd=63 ACCEPT from IP=1.2.3.4:58686 (IP=1.2.3.5:389)
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=75 op=0 RESULT tag=97 err=0 text=
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 fd=64 ACCEPT from IP=1.2.3.4:58687 (IP=1.2.3.5:389)
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=0 RESULT tag=97 err=0 text=
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=76 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 fd=65 ACCEPT from IP=1.2.3.4:58688 (IP=1.2.3.5:389)
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" method=128
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 op=0 BIND dn="cn=dummy,ou=external users,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=77 op=0 RESULT tag=97 err=0 text=
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 fd=66 ACCEPT from IP=1.2.3.4:58689 (IP=1.2.3.5:389)
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" method=128
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=0 BIND dn="uid=username,ou=company,dc=medint,dc=local" mech=SIMPLE ssf=0
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=0 RESULT tag=97 err=0 text=
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
>> Jul 9 13:13:23 ldapserver slapd[11612]: conn=78 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
>> There are only two different lines :
>> Jul 9 12:38:08 ldapserver slapd[11612]: conn=40 op=1 SRCH base="ou=company,dc=medint,dc=local" scope=2 deref=3 filter="(uid=username)"
>> Jul 9 12:38:08 ldapserver slapd[11612]: conn=40 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
>> Users aren't allowed to search and view these informations, resulting in an unknown user error on login. Exact error in french is : "Nom d'utilisateur inconnu".
>
> --
> This message is automatically generated by JIRA.
> If you think it was sent incorrectly, please contact your JIRA administrators
> For more information on JIRA, see: http://www.atlassian.com/software/jira