You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by Merve Temizer <me...@gmail.com> on 2012/07/17 16:41:54 UTC
LDAP Login
Hello,
How can i login as my user in LDAP?
I have users in ApacheDS under ou:users,ou:system and they have dn s also
cn s.
What should i write in "mail from" and "rcpt to" fields while sending
emails through "telnet localhost 25"?
Re: LDAP Login
Posted by Eric Charles <er...@apache.org>.
Hi Merve,
For now, only Read-only users can be stored in LDAP.
This means the domains have to be persisted in databse (via JPA, the
default - XML is another option, but less flexible as you can not add
users while server is running).
With LDAP for users, you can not add users via the James CLI (you need
to use a direct connection to LDAP).
Upon the documentation you gave, what about adding a simple ldif file
with a few users that could directly be loaded in a vanilla ApacheDS and
that will work with the Apache James default LDAP configuration?
Thx,
Eric
On 07/19/2012 09:37 AM, Merve Temizer wrote:
> Hello Eric,
>
> Thanks for attention, i wrote something for ApacheDS example,
> i think with a concrete LDAP server example, everything might be more clear.
> There is still something i want to ask, do we have to manage domains with
> JPA, or is there any other possibility.
>
> =====================================================================================
> STEPS TO AUTHENTICATE JAMES WİTH LDAP(ApacheDS for this case)
>
> Delete record about JPA in James's conf/usersrepository.xml
>
> and add below lines, the last ivew must be like this:
>
> <xml>
> <repository name="LocalUsers"
> class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
> ldapHost="ldap://localhost:10389"
> principal="uid=admin,ou=system" credentials="secret"
> userObjectClass="inetOrgPerson" userBase="ou=users,ou=system"
> userIdAttribute="uid">
> <UsersDomain>example.com</UsersDomain>
> <LDAPRoot>dc=example,dc=com</LDAPRoot>
> <MailAddressAttribute>mail</MailAddressAttribute>
> <IdentityAttribute>uid</IdentityAttribute>
> <AuthenticationType>simple</AuthenticationType>
> <ManagePasswordAttribute>TRUE</ManagePasswordAttribute>
> <PasswordAttribute>userPassword</PasswordAttribute>
> </repository>
> </xml>
>
> To explain a little;
>
> In ApacheDS's default construction, there is a root having
> "dc=example,dc=com"
>
> Because of this, the lines should be added:
>
> <UsersDomain>example.com</UsersDomain>
> <LDAPRoot>dc=example,dc=com</LDAPRoot>
>
> And a domain called "example.com" should be added to James, it saves the
> info about domains still in JPA.
>
> ${james_root}/container-spring/target/appassembler/bin/james-cli.sh -h
> localhost adddomain example.com
>
> ApacheDS's admin is admin under "ou=system" entry, and its default password
> is "secret" thus, we need below attributes:
>
> principal="uid=admin,ou=system" credentials="secret"
>
> In ApacheDS when you want to add an entry it requires object classes, it
> should be selected, "inetOrgPerson" and it put a few more automatically
> thus the atribute should be aaded in configuration:
>
> userObjectClass="inetOrgPerson"
>
> Users are under entry "ou=users,ou=system" , thus the attribute should be
> added:
>
> userBase="ou=users,ou=system"
>
> For ApacheDS, userIdAttribute is "uid", thus it is specified:
>
> userIdAttribute="uid"
>
> In ApacheDS new users should be added under "ou=users,ou=system", with a
> "uid" and a "userPassword" attributes.
> Also while adding new user, the DN should contain "uid".
>
> While querying James using e.g. POP3,
>
> USER yourUsersUID@example.com
> PASS yourUsersPassword
>
> should be used.
>
> ========================================================================================================
>
> 2012/7/18 Eric Charles <er...@apache.org>
>
>> That's really great news!
>> Would you mind writing a few paragraphs to be pushed on our website?
>>
>> Thx again Merve for being so tenacious and having found the way.
>>
>> Eric
>>
>>
>> On 07/18/2012 03:21 PM, Merve Temizer wrote:
>>
>>> Hi,
>>>
>>> Apache James has been configured to talk with ApacheDS LDAP server
>>> successfully.
>>>
>>> The configuration clues in
>>>
>>> https://issues.apache.org/**jira/browse/JAMES-747<https://issues.apache.org/jira/browse/JAMES-747>
>>>
>>> make me be patient and try more thing.
>>>
>>> I am going to tell what i exactly do in my blog.
>>>
>>> Thanks for helps.
>>>
>>>
>>> 2012/7/17 Eric Charles <er...@apache.org>
>>>
>>> Hi,
>>>> If any user/developer has already run james with ldap, I'm also
>>>> interested
>>>> to know how to configure it.
>>>>
>>>> [1] and [2] is not helpful enough to use it directly.
>>>>
>>>> Thx, Eric
>>>>
>>>> [1] http://james.apache.org/****server/archive/usingLDAP_v1_2.****html<http://james.apache.org/**server/archive/usingLDAP_v1_2.**html>
>>>> <http://james.apache.**org/server/archive/usingLDAP_**v1_2.html<http://james.apache.org/server/archive/usingLDAP_v1_2.html>
>>>>>
>>>> [2] http://james.apache.org/****server/3/config-users.html#**<http://james.apache.org/**server/3/config-users.html#**>
>>>> LDAP_Users_Repository<http://**james.apache.org/server/3/**
>>>> config-users.html#LDAP_Users_**Repository<http://james.apache.org/server/3/config-users.html#LDAP_Users_Repository>
>>>>>
>>>>
>>>>
>>>>
>>>> On 07/17/2012 04:41 PM, Merve Temizer wrote:
>>>>
>>>> Hello,
>>>>> How can i login as my user in LDAP?
>>>>> I have users in ApacheDS under ou:users,ou:system and they have dn s
>>>>> also
>>>>> cn s.
>>>>> What should i write in "mail from" and "rcpt to" fields while sending
>>>>> emails through "telnet localhost 25"?
>>>>>
>>>>>
>>>>>
>>>> --
>>>> eric | http://about.echarles.net | @echarles
>>>>
>>>>
>>>> ------------------------------****----------------------------**
>>>> --**---------
>>>> To unsubscribe, e-mail: server-dev-unsubscribe@james.****apache.org<
>>>> server-dev-**unsubscribe@james.apache.org<se...@james.apache.org>
>>>>>
>>>> For additional commands, e-mail: server-dev-help@james.apache.****org<
>>>> server-dev-help@james.**apache.org <se...@james.apache.org>>
>>>>
>>>>
>>>>
>>>
>>
>> --
>> eric | http://about.echarles.net | @echarles
>>
>>
>> ------------------------------**------------------------------**---------
>> To unsubscribe, e-mail: server-dev-unsubscribe@james.**apache.org<se...@james.apache.org>
>> For additional commands, e-mail: server-dev-help@james.apache.**org<se...@james.apache.org>
>>
>>
>
--
eric | http://about.echarles.net | @echarles
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: LDAP Login
Posted by Merve Temizer <me...@gmail.com>.
Hello Eric,
Thanks for attention, i wrote something for ApacheDS example,
i think with a concrete LDAP server example, everything might be more clear.
There is still something i want to ask, do we have to manage domains with
JPA, or is there any other possibility.
=====================================================================================
STEPS TO AUTHENTICATE JAMES WİTH LDAP(ApacheDS for this case)
Delete record about JPA in James's conf/usersrepository.xml
and add below lines, the last ivew must be like this:
<xml>
<repository name="LocalUsers"
class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository"
ldapHost="ldap://localhost:10389"
principal="uid=admin,ou=system" credentials="secret"
userObjectClass="inetOrgPerson" userBase="ou=users,ou=system"
userIdAttribute="uid">
<UsersDomain>example.com</UsersDomain>
<LDAPRoot>dc=example,dc=com</LDAPRoot>
<MailAddressAttribute>mail</MailAddressAttribute>
<IdentityAttribute>uid</IdentityAttribute>
<AuthenticationType>simple</AuthenticationType>
<ManagePasswordAttribute>TRUE</ManagePasswordAttribute>
<PasswordAttribute>userPassword</PasswordAttribute>
</repository>
</xml>
To explain a little;
In ApacheDS's default construction, there is a root having
"dc=example,dc=com"
Because of this, the lines should be added:
<UsersDomain>example.com</UsersDomain>
<LDAPRoot>dc=example,dc=com</LDAPRoot>
And a domain called "example.com" should be added to James, it saves the
info about domains still in JPA.
${james_root}/container-spring/target/appassembler/bin/james-cli.sh -h
localhost adddomain example.com
ApacheDS's admin is admin under "ou=system" entry, and its default password
is "secret" thus, we need below attributes:
principal="uid=admin,ou=system" credentials="secret"
In ApacheDS when you want to add an entry it requires object classes, it
should be selected, "inetOrgPerson" and it put a few more automatically
thus the atribute should be aaded in configuration:
userObjectClass="inetOrgPerson"
Users are under entry "ou=users,ou=system" , thus the attribute should be
added:
userBase="ou=users,ou=system"
For ApacheDS, userIdAttribute is "uid", thus it is specified:
userIdAttribute="uid"
In ApacheDS new users should be added under "ou=users,ou=system", with a
"uid" and a "userPassword" attributes.
Also while adding new user, the DN should contain "uid".
While querying James using e.g. POP3,
USER yourUsersUID@example.com
PASS yourUsersPassword
should be used.
========================================================================================================
2012/7/18 Eric Charles <er...@apache.org>
> That's really great news!
> Would you mind writing a few paragraphs to be pushed on our website?
>
> Thx again Merve for being so tenacious and having found the way.
>
> Eric
>
>
> On 07/18/2012 03:21 PM, Merve Temizer wrote:
>
>> Hi,
>>
>> Apache James has been configured to talk with ApacheDS LDAP server
>> successfully.
>>
>> The configuration clues in
>>
>> https://issues.apache.org/**jira/browse/JAMES-747<https://issues.apache.org/jira/browse/JAMES-747>
>>
>> make me be patient and try more thing.
>>
>> I am going to tell what i exactly do in my blog.
>>
>> Thanks for helps.
>>
>>
>> 2012/7/17 Eric Charles <er...@apache.org>
>>
>> Hi,
>>> If any user/developer has already run james with ldap, I'm also
>>> interested
>>> to know how to configure it.
>>>
>>> [1] and [2] is not helpful enough to use it directly.
>>>
>>> Thx, Eric
>>>
>>> [1] http://james.apache.org/****server/archive/usingLDAP_v1_2.****html<http://james.apache.org/**server/archive/usingLDAP_v1_2.**html>
>>> <http://james.apache.**org/server/archive/usingLDAP_**v1_2.html<http://james.apache.org/server/archive/usingLDAP_v1_2.html>
>>> >
>>> [2] http://james.apache.org/****server/3/config-users.html#**<http://james.apache.org/**server/3/config-users.html#**>
>>> LDAP_Users_Repository<http://**james.apache.org/server/3/**
>>> config-users.html#LDAP_Users_**Repository<http://james.apache.org/server/3/config-users.html#LDAP_Users_Repository>
>>> >
>>>
>>>
>>>
>>> On 07/17/2012 04:41 PM, Merve Temizer wrote:
>>>
>>> Hello,
>>>> How can i login as my user in LDAP?
>>>> I have users in ApacheDS under ou:users,ou:system and they have dn s
>>>> also
>>>> cn s.
>>>> What should i write in "mail from" and "rcpt to" fields while sending
>>>> emails through "telnet localhost 25"?
>>>>
>>>>
>>>>
>>> --
>>> eric | http://about.echarles.net | @echarles
>>>
>>>
>>> ------------------------------****----------------------------**
>>> --**---------
>>> To unsubscribe, e-mail: server-dev-unsubscribe@james.****apache.org<
>>> server-dev-**unsubscribe@james.apache.org<se...@james.apache.org>
>>> >
>>> For additional commands, e-mail: server-dev-help@james.apache.****org<
>>> server-dev-help@james.**apache.org <se...@james.apache.org>>
>>>
>>>
>>>
>>
>
> --
> eric | http://about.echarles.net | @echarles
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.**apache.org<se...@james.apache.org>
> For additional commands, e-mail: server-dev-help@james.apache.**org<se...@james.apache.org>
>
>
Re: LDAP Login
Posted by Eric Charles <er...@apache.org>.
That's really great news!
Would you mind writing a few paragraphs to be pushed on our website?
Thx again Merve for being so tenacious and having found the way.
Eric
On 07/18/2012 03:21 PM, Merve Temizer wrote:
> Hi,
>
> Apache James has been configured to talk with ApacheDS LDAP server
> successfully.
>
> The configuration clues in
>
> https://issues.apache.org/jira/browse/JAMES-747
>
> make me be patient and try more thing.
>
> I am going to tell what i exactly do in my blog.
>
> Thanks for helps.
>
>
> 2012/7/17 Eric Charles <er...@apache.org>
>
>> Hi,
>> If any user/developer has already run james with ldap, I'm also interested
>> to know how to configure it.
>>
>> [1] and [2] is not helpful enough to use it directly.
>>
>> Thx, Eric
>>
>> [1] http://james.apache.org/**server/archive/usingLDAP_v1_2.**html<http://james.apache.org/server/archive/usingLDAP_v1_2.html>
>> [2] http://james.apache.org/**server/3/config-users.html#**
>> LDAP_Users_Repository<http://james.apache.org/server/3/config-users.html#LDAP_Users_Repository>
>>
>>
>> On 07/17/2012 04:41 PM, Merve Temizer wrote:
>>
>>> Hello,
>>> How can i login as my user in LDAP?
>>> I have users in ApacheDS under ou:users,ou:system and they have dn s also
>>> cn s.
>>> What should i write in "mail from" and "rcpt to" fields while sending
>>> emails through "telnet localhost 25"?
>>>
>>>
>>
>> --
>> eric | http://about.echarles.net | @echarles
>>
>>
>> ------------------------------**------------------------------**---------
>> To unsubscribe, e-mail: server-dev-unsubscribe@james.**apache.org<se...@james.apache.org>
>> For additional commands, e-mail: server-dev-help@james.apache.**org<se...@james.apache.org>
>>
>>
>
--
eric | http://about.echarles.net | @echarles
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org
Re: LDAP Login
Posted by Merve Temizer <me...@gmail.com>.
Hi,
Apache James has been configured to talk with ApacheDS LDAP server
successfully.
The configuration clues in
https://issues.apache.org/jira/browse/JAMES-747
make me be patient and try more thing.
I am going to tell what i exactly do in my blog.
Thanks for helps.
2012/7/17 Eric Charles <er...@apache.org>
> Hi,
> If any user/developer has already run james with ldap, I'm also interested
> to know how to configure it.
>
> [1] and [2] is not helpful enough to use it directly.
>
> Thx, Eric
>
> [1] http://james.apache.org/**server/archive/usingLDAP_v1_2.**html<http://james.apache.org/server/archive/usingLDAP_v1_2.html>
> [2] http://james.apache.org/**server/3/config-users.html#**
> LDAP_Users_Repository<http://james.apache.org/server/3/config-users.html#LDAP_Users_Repository>
>
>
> On 07/17/2012 04:41 PM, Merve Temizer wrote:
>
>> Hello,
>> How can i login as my user in LDAP?
>> I have users in ApacheDS under ou:users,ou:system and they have dn s also
>> cn s.
>> What should i write in "mail from" and "rcpt to" fields while sending
>> emails through "telnet localhost 25"?
>>
>>
>
> --
> eric | http://about.echarles.net | @echarles
>
>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: server-dev-unsubscribe@james.**apache.org<se...@james.apache.org>
> For additional commands, e-mail: server-dev-help@james.apache.**org<se...@james.apache.org>
>
>
Re: LDAP Login
Posted by Eric Charles <er...@apache.org>.
Hi,
If any user/developer has already run james with ldap, I'm also
interested to know how to configure it.
[1] and [2] is not helpful enough to use it directly.
Thx, Eric
[1] http://james.apache.org/server/archive/usingLDAP_v1_2.html
[2] http://james.apache.org/server/3/config-users.html#LDAP_Users_Repository
On 07/17/2012 04:41 PM, Merve Temizer wrote:
> Hello,
> How can i login as my user in LDAP?
> I have users in ApacheDS under ou:users,ou:system and they have dn s also
> cn s.
> What should i write in "mail from" and "rcpt to" fields while sending
> emails through "telnet localhost 25"?
>
--
eric | http://about.echarles.net | @echarles
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org