You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-dev@portals.apache.org by "Eric Peukert (JIRA)" <je...@portals.apache.org> on 2005/06/30 11:22:01 UTC
[jira] Commented: (JS2-188) Implement the LDAP
[ http://issues.apache.org/jira/browse/JS2-188?page=comments#action_12314745 ]
Eric Peukert commented on JS2-188:
----------------------------------
I was successful in plugging the securitymodules together so that authentication is done in LDAP and the authorization on the default RDBMS.
Authentication works fine.
I tried to create a new user "TestUser" on LDAP using the Administrative Portlet.
Unfortunately, this action failed.
Jetspeed seems to build DN with worng syntax. First there is a missing space after "uid=TestUser". Even if I try to resolve that missing space, it still prints out this Error.
ERROR: javax.naming.InvalidNameException: uid=TestUserdc=guessant,dc=org: [LDAP: error code 34 - invalid DN]; remaining name 'uid=TestUserdc=guessant,dc=org'
org.apache.jetspeed.security.SecurityException: javax.naming.InvalidNameException: uid=TestUserdc=guessant,dc=org: [LDAP: error code 34 - invalid DN]; remaining name 'uid=TestUserdc=guessant,dc=org'
at org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl.create(LdapPrincipalDaoImpl.java:114)
at org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler.addUserPrincipal(LdapUserSecurityHandler.java:158)
at org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl.addUserPrincipal(AuthenticationProviderProxyImpl.java:163)
at org.apache.jetspeed.security.impl.AuthenticationProviderProxyImpl.addUserPrincipal(AuthenticationProviderProxyImpl.java:179)
at org.apache.jetspeed.security.impl.UserManagerImpl.addUser(UserManagerImpl.java:234)
at org.apache.jetspeed.security.impl.UserManagerImpl.addUser(UserManagerImpl.java:195)
at org.apache.jetspeed.portlets.security.users.UserDetailsPortlet.addUser(UserDetailsPortlet.java:992)
at org.apache.jetspeed.portlets.security.users.UserDetailsPortlet.processAction(UserDetailsPortlet.java:487)
at org.apache.jetspeed.factory.JetspeedPortletInstance.processAction(JetspeedPortletInstance.java:90)
at org.apache.jetspeed.container.JetspeedContainerServlet.doGet(JetspeedContainerServlet.java:215)
at org.apache.jetspeed.container.JetspeedContainerServlet.doPost(JetspeedContainerServlet.java:289)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:574)
at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:499)
at org.apache.jetspeed.container.invoker.ServletPortletInvoker.invoke(ServletPortletInvoker.java:212)
at org.apache.jetspeed.container.invoker.ServletPortletInvoker.action(ServletPortletInvoker.java:133)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:284)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:163)
at $Proxy8.action(Unknown Source)
at org.apache.pluto.PortletContainerImpl.processPortletAction(PortletContainerImpl.java:150)
at org.apache.jetspeed.container.JetspeedPortletContainerWrapper.processPortletAction(JetspeedPortletContainerWrapper.java:100)
at org.apache.jetspeed.pipeline.valve.impl.ActionValveImpl.invoke(ActionValveImpl.java:75)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.container.ContainerValve.invoke(ContainerValve.java:76)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.profiler.impl.ProfilerValveImpl.invoke(ProfilerValveImpl.java:134)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.security.impl.LoginValidationValveImpl.invoke(LoginValidationValveImpl.java:109)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.security.impl.PasswordCredentialValveImpl.invoke(PasswordCredentialValveImpl.java:131)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.security.impl.AbstractSecurityValve$1.run(AbstractSecurityValve.java:117)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.jetspeed.security.impl.AbstractSecurityValve.invoke(AbstractSecurityValve.java:111)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.container.url.impl.PortalURLValveImpl.invoke(PortalURLValveImpl.java:55)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.capabilities.impl.CapabilityValveImpl.invoke(CapabilityValveImpl.java:127)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.localization.impl.LocalizationValveImpl.invoke(LocalizationValveImpl.java:124)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invokeNext(JetspeedPipeline.java:203)
at org.apache.jetspeed.pipeline.JetspeedPipeline.invoke(JetspeedPipeline.java:185)
at org.apache.jetspeed.engine.AbstractEngine.service(AbstractEngine.java:264)
at org.apache.jetspeed.engine.JetspeedServlet.doGet(JetspeedServlet.java:225)
at org.apache.jetspeed.engine.JetspeedServlet.doPost(JetspeedServlet.java:252)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:407)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.naming.InvalidNameException: uid=TestUserdc=guessant,dc=org: [LDAP: error code 34 - invalid DN]; remaining name 'uid=TestUserdc=guessant,dc=org'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(Unknown Source)
at javax.naming.directory.InitialDirContext.createSubcontext(Unknown Source)
at org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl.create(LdapPrincipalDaoImpl.java:110)
What happens on LDAP:
LDAP seems to get a totally wrong DN, where the base DN "dc=guessant,dc=org" occurs twice.
do_add: invalid dn (uid=TestUserdc=guessant,dc=org,dc=guessant,dc=org)
send_ldap_result: conn=0 op=42 p=3
send_ldap_response: msgid=43 tag=105 err=34
ber_flush: 24 bytes to sd 1220
connection_get(1220): got connid=0
connection_read(1220): checking for input on id=0
ber_get_next
ber_get_next: tag 0x30 len 239 contents:
do_add
ber_get_next
ber_get_next on fd 1220 failed errno=10035 (WSAEWOULDBLOCK)
ber_scanf fmt ({m) ber:
>>> dnPrettyNormal: <uid=TestUserdc=guessant,dc=org,dc=guessant,dc=org>
=> ldap_bv2dn(uid=TestUserdc=guessant,dc=org,dc=guessant,dc=org,0)
ldap_err2string
<= ldap_bv2dn(uid=TestUserdc=guessant,dc=org,dc=guessant,dc=org)=-4 Decoding err
or
do_add: invalid dn (uid=TestUserdc=guessant,dc=org,dc=guessant,dc=org)
send_ldap_result: conn=0 op=43 p=3
send_ldap_response: msgid=44 tag=105 err=34
ber_flush: 24 bytes to sd 1220
Thanks for your interest.
eric
> Implement the LDAP
> ------------------
>
> Key: JS2-188
> URL: http://issues.apache.org/jira/browse/JS2-188
> Project: Jetspeed 2
> Type: Improvement
> Components: Security
> Reporter: J, Edgar Zavala
> Attachments: assembly.zip, jetspeed-2-ldap-authentication.tar.gz
>
> Implement the LDAP integration using the SPI, provide the LDAP authenitcation option.
> TODO:
> 1.- Complete the current implementation and complete the David work in:
> a) org.apache.jetspeed.security.spi.impl.LdapCredentialHandler
> b) org.apache.jetspeed.security.spi.impl.LdapUserSecurityHandler
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org