You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@continuum.apache.org by "Madsen,Bryan" <BM...@CERNER.COM> on 2007/10/01 15:43:13 UTC
RE: 1.1-beta-3 LDAP
We do not allow guest accounts on our LDAP server. If I remove the 'redback.default.guest' configuration I see this exception below. Is there a way to bypass that?
I would like all users with an LDAP sign-on to be considered a registered user once signed in and then administer their access rights at that point.
69711 [SocketListener0-1] ERROR com.opensymphony.webwork.dispatcher.DispatcherUtils - Could not find action
Caught Exception while registering Interceptor class redbackEnvironmentCheckInterceptor - Class: org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck
File: GuestUserEnvironmentCheck.java
Method: validateEnvironment
Line: 100 - org/codehaus/plexus/redback/xwork/checks/security/GuestUserEnvironmentCheck.java:100:-1
at org.codehaus.plexus.xwork.PlexusObjectFactory.buildInterceptor(PlexusObjectFactory.java:152)
at com.opensymphony.xwork.config.providers.InterceptorBuilder.constructInterceptorReference(InterceptorBuilder.java:56)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.lookupInterceptorReference(XmlConfigurationProvider.java:701)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptorStack(XmlConfigurationProvider.java:568)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptorStacks(XmlConfigurationProvider.java:581)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptors(XmlConfigurationProvider.java:602)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.addPackage(XmlConfigurationProvider.java:204)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadConfigurationFile(XmlConfigurationProvider.java:675)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadConfigurationFile(XmlConfigurationProvider.java:678)
at com.opensymphony.xwork.config.providers.XmlConfigurationProvider.init(XmlConfigurationProvider.java:91)
at com.opensymphony.xwork.config.impl.DefaultConfiguration.reload(DefaultConfiguration.java:86)
at com.opensymphony.xwork.config.ConfigurationManager.getConfiguration(ConfigurationManager.java:55)
at com.opensymphony.xwork.DefaultActionProxy.<init>(DefaultActionProxy.java:60)
at com.opensymphony.xwork.DefaultActionProxyFactory.createActionProxy(DefaultActionProxyFactory.java:46)
at com.opensymphony.webwork.dispatcher.DispatcherUtils.serviceAction(DispatcherUtils.java:264)
at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:202)
at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:118)
at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:52)
at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(ActionContextCleanUp.java:88)
at org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(WebApplicationHandler.java:821)
at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(WebApplicationHandler.java:471)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:568)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
at org.mortbay.jetty.servlet.WebApplicationContext.handle(WebApplicationContext.java:633)
at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
at org.mortbay.http.HttpServer.service(HttpServer.java:909)
at org.mortbay.http.HttpConnection.service(HttpConnection.java:816)
at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java:982)
at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
at org.mortbay.http.SocketListener.handleConnection(SocketListener.java:244)
at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
Caused by: java.lang.NullPointerException
at org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck.validateEnvironment(GuestUserEnvironmentCheck.java:100)
at org.codehaus.plexus.redback.xwork.interceptor.EnvironmentCheckInterceptor.init(EnvironmentCheckInterceptor.java:77)
at org.codehaus.plexus.xwork.PlexusObjectFactory.buildInterceptor(PlexusObjectFactory.java:119)
... 33 more
-----Original Message-----
From: Emmanuel Venisse [mailto:emmanuel@venisse.net]
Sent: Saturday, September 29, 2007 3:54 AM
To: continuum-users@maven.apache.org
Subject: Re: 1.1-beta-3 LDAP
Madsen,Bryan a écrit :
> I trudged through configuring LDAP and am now able to log on with my
> sign on and password. I think I still have some configuration related
> issues that need to be addressed.
>
> When I access the server and am not logged in I have full admin rights.
> This applies to anyone.
>
> When I log in it seems I am the administrator since I logged in the
> first time. Another person I work with logged in and has the ability to
> see nothing. Right now the moral of the story is don't login and you can
> do anything.
>
> When I go to the Users screen no users are displayed and the only thing
> I can do is look at the User List and Roles Matrix report. How do I
> configure access control for users signed in through LDAP?
>
> In the security.properties file I added the following config:
>
> # LDAP setup
> user.manager.impl=ldap
> ldap.bind.authenticator.enabled=true
> redback.default.admin=myusername
> redback.default.guest=myusername
> security.policy.password.expiration.enabled=false
>
> What is the purpose of redback.default.admin and redback.default.guest?
Jesse know well but I think if guest = admin = myusername so guest is an admin
> If I omitted those configs the server crashes on startup. I used my
> personnel username for admin and guest since I don't see the purpose of
> these configurations and that seemed to work.
>
> In my situation I would like to have any user login with LDAP and
> default to guest access and then configure specific users for more
> advanced rights. Is this supposed to be handled through the Users screen
> or some other location?
>
> Any help would be appreciated.
>
> Bryan
>
>
> ----------------------------------------------------------------------
> CONFIDENTIALITY NOTICE This message and any included attachments are from Cerner Corporation and are intended only for the addressee. The information contained in this message is confidential and may constitute inside or non-public information under international, federal, or state securities laws. Unauthorized forwarding, printing, copying, distribution, or use of such information is strictly prohibited and may be unlawful. If you are not the addressee, please promptly delete this message and notify the sender of the delivery error by e-mail or you may call Cerner's corporate offices in Kansas City, Missouri, U.S.A at (+1) (816)221-1024.
Re: 1.1-beta-3 LDAP
Posted by Jesse McConnell <je...@gmail.com>.
redback requires a guest to exist for authorization purposes..
however the guest doesn't need to have any roles assigned to it.
I would recommend just pointing the guest as some utility user in ldap and
not give it any additional privileges..
we are looking at removing this guest user requirement in later version of
redback, but that will be a while.
jesse
On 10/1/07, Madsen,Bryan <BM...@cerner.com> wrote:
>
> We do not allow guest accounts on our LDAP server. If I remove the '
> redback.default.guest' configuration I see this exception below. Is there
> a way to bypass that?
>
> I would like all users with an LDAP sign-on to be considered a registered
> user once signed in and then administer their access rights at that point.
>
> 69711 [SocketListener0-1] ERROR
> com.opensymphony.webwork.dispatcher.DispatcherUtils - Could not find
> action
> Caught Exception while registering Interceptor class
> redbackEnvironmentCheckInterceptor - Class:
> org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck
> File: GuestUserEnvironmentCheck.java
> Method: validateEnvironment
> Line: 100 -
> org/codehaus/plexus/redback/xwork/checks/security/GuestUserEnvironmentCheck.java:100:-1
> at org.codehaus.plexus.xwork.PlexusObjectFactory.buildInterceptor(
> PlexusObjectFactory.java:152)
> at
> com.opensymphony.xwork.config.providers.InterceptorBuilder.constructInterceptorReference
> (InterceptorBuilder.java:56)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.lookupInterceptorReference
> (XmlConfigurationProvider.java:701)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptorStack
> (XmlConfigurationProvider.java:568)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptorStacks
> (XmlConfigurationProvider.java:581)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadInterceptors
> (XmlConfigurationProvider.java:602)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.addPackage
> (XmlConfigurationProvider.java:204)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadConfigurationFile
> (XmlConfigurationProvider.java:675)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.loadConfigurationFile
> (XmlConfigurationProvider.java:678)
> at
> com.opensymphony.xwork.config.providers.XmlConfigurationProvider.init(
> XmlConfigurationProvider.java:91)
> at com.opensymphony.xwork.config.impl.DefaultConfiguration.reload(
> DefaultConfiguration.java:86)
> at
> com.opensymphony.xwork.config.ConfigurationManager.getConfiguration(
> ConfigurationManager.java:55)
> at com.opensymphony.xwork.DefaultActionProxy.<init>(
> DefaultActionProxy.java:60)
> at
> com.opensymphony.xwork.DefaultActionProxyFactory.createActionProxy(
> DefaultActionProxyFactory.java:46)
> at
> com.opensymphony.webwork.dispatcher.DispatcherUtils.serviceAction(
> DispatcherUtils.java:264)
> at com.opensymphony.webwork.dispatcher.FilterDispatcher.doFilter(
> FilterDispatcher.java:202)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(
> WebApplicationHandler.java:821)
> at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(
> PageFilter.java:118)
> at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(
> PageFilter.java:52)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(
> WebApplicationHandler.java:821)
> at
> com.opensymphony.webwork.dispatcher.ActionContextCleanUp.doFilter(
> ActionContextCleanUp.java:88)
> at
> org.mortbay.jetty.servlet.WebApplicationHandler$CachedChain.doFilter(
> WebApplicationHandler.java:821)
> at org.mortbay.jetty.servlet.WebApplicationHandler.dispatch(
> WebApplicationHandler.java:471)
> at org.mortbay.jetty.servlet.ServletHandler.handle(
> ServletHandler.java:568)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1530)
> at org.mortbay.jetty.servlet.WebApplicationContext.handle(
> WebApplicationContext.java:633)
> at org.mortbay.http.HttpContext.handle(HttpContext.java:1482)
> at org.mortbay.http.HttpServer.service(HttpServer.java:909)
> at org.mortbay.http.HttpConnection.service(HttpConnection.java
> :816)
> at org.mortbay.http.HttpConnection.handleNext(HttpConnection.java
> :982)
> at org.mortbay.http.HttpConnection.handle(HttpConnection.java:833)
> at org.mortbay.http.SocketListener.handleConnection(
> SocketListener.java:244)
> at org.mortbay.util.ThreadedServer.handle(ThreadedServer.java:357)
> at org.mortbay.util.ThreadPool$PoolThread.run(ThreadPool.java:534)
> Caused by: java.lang.NullPointerException
> at
> org.codehaus.plexus.redback.xwork.checks.security.GuestUserEnvironmentCheck.validateEnvironment
> (GuestUserEnvironmentCheck.java:100)
> at
> org.codehaus.plexus.redback.xwork.interceptor.EnvironmentCheckInterceptor.init
> (EnvironmentCheckInterceptor.java:77)
> at org.codehaus.plexus.xwork.PlexusObjectFactory.buildInterceptor(
> PlexusObjectFactory.java:119)
> ... 33 more
>
> -----Original Message-----
> From: Emmanuel Venisse [mailto:emmanuel@venisse.net]
> Sent: Saturday, September 29, 2007 3:54 AM
> To: continuum-users@maven.apache.org
> Subject: Re: 1.1-beta-3 LDAP
>
>
>
> Madsen,Bryan a écrit :
> > I trudged through configuring LDAP and am now able to log on with my
> > sign on and password. I think I still have some configuration related
> > issues that need to be addressed.
> >
> > When I access the server and am not logged in I have full admin rights.
> > This applies to anyone.
> >
> > When I log in it seems I am the administrator since I logged in the
> > first time. Another person I work with logged in and has the ability to
> > see nothing. Right now the moral of the story is don't login and you can
> > do anything.
> >
> > When I go to the Users screen no users are displayed and the only thing
> > I can do is look at the User List and Roles Matrix report. How do I
> > configure access control for users signed in through LDAP?
> >
> > In the security.properties file I added the following config:
> >
> > # LDAP setup
> > user.manager.impl=ldap
> > ldap.bind.authenticator.enabled=true
> > redback.default.admin=myusername
> > redback.default.guest=myusername
> > security.policy.password.expiration.enabled=false
> >
> > What is the purpose of redback.default.admin and redback.default.guest?
>
> Jesse know well but I think if guest = admin = myusername so guest is an
> admin
>
> > If I omitted those configs the server crashes on startup. I used my
> > personnel username for admin and guest since I don't see the purpose of
> > these configurations and that seemed to work.
> >
> > In my situation I would like to have any user login with LDAP and
> > default to guest access and then configure specific users for more
> > advanced rights. Is this supposed to be handled through the Users screen
> > or some other location?
> >
> > Any help would be appreciated.
> >
> > Bryan
> >
> >
> > ----------------------------------------------------------------------
> > CONFIDENTIALITY NOTICE This message and any included attachments are
> from Cerner Corporation and are intended only for the addressee. The
> information contained in this message is confidential and may constitute
> inside or non-public information under international, federal, or state
> securities laws. Unauthorized forwarding, printing, copying, distribution,
> or use of such information is strictly prohibited and may be unlawful. If
> you are not the addressee, please promptly delete this message and notify
> the sender of the delivery error by e-mail or you may call Cerner's
> corporate offices in Kansas City, Missouri, U.S.A at (+1) (816)221-1024.
>
>
--
jesse mcconnell
jesse.mcconnell@gmail.com