Lookup LDAP by uid instead of email? #283

Open
rampatra opened this issue Dec 8, 2016 · 4 comments

@rampatra
Contributor

rampatra commented Dec 8, 2016

Can anyone help me with the LDAP configs required in mamute.properties if I want my users to log in via their user IDs instead of emails?

I have configured this way:

# Use database for authentication
feature.auth.db=false

# LDAP configuration
feature.auth.ldap=true
ldap.host=ldap1.nexagea.aola.net
ldap.port=389
ldap.user=roomptra
ldap.pass=sdfdsf7Mm
ldap.emailAttr=mail
ldap.nameAttr=givenName
ldap.surnameAttr=sn
ldap.userDn=OU=People,DC=nexage,DC=com
ldap.moderatorGroup=CN=Moderators,OU=Groups,DC=nexage,DC=com
ldap.lookupAllAttr=false
#ldap.userObjectClass=inetOrgPerson
ldap.lookupAttr=uid
ldap.useSSL=false
ldap.useTLS=false

and when I try to login with my user id I get this message:

There was an error using the configured authentication mechanism (ldap). Please check the logs for more information.

The logs give me this:

12:00:16 DEBUG [LDAPApi             ] LDAP connection error
org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN
	at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:279)
	at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:112)
	at org.mamute.auth.LDAPApi$LDAPResource.connection(LDAPApi.java:315)
	at org.mamute.auth.LDAPApi$LDAPResource.<init>(LDAPApi.java:296)
	at org.mamute.auth.LDAPApi$LDAPResource.<init>(LDAPApi.java:292)
	at org.mamute.auth.LDAPApi.authenticate(LDAPApi.java:142)
	at org.mamute.auth.LDAPAuthenticator.authenticate(LDAPAuthenticator.java:15)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:38)
	at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:100)
	at org.jboss.weld.proxies.Authenticator$1717672998$Proxy$_$$_WeldClientProxy.authenticate(Unknown Source)
	at org.mamute.controllers.AuthController.login(AuthController.java:56)
	at org.mamute.controllers.AuthController$Proxy$_$$_WeldClientProxy.login(Unknown Source)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at net.vidageek.mirror.provider.java.PureJavaMethodReflectionProvider.invoke(PureJavaMethodReflectionProvider.java:38)
	at net.vidageek.mirror.invoke.MethodHandlerByMethod.withArgs(MethodHandlerByMethod.java:54)
	at br.com.caelum.vraptor.observer.ExecuteMethod.execute(ExecuteMethod.java:87)
	at br.com.caelum.vraptor.actioncache.events.CachedExecuteMethod.access$001(CachedExecuteMethod.java:24)
	at br.com.caelum.vraptor.actioncache.events.CachedExecuteMethod$1.run(CachedExecuteMethod.java:44)
	at br.com.caelum.vraptor.actioncache.events.ExecuteIfNoCache.execute(ExecuteIfNoCache.java:32)
	at br.com.caelum.vraptor.actioncache.events.CachedExecuteMethod.execute(CachedExecuteMethod.java:41)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstanceWithSpecialValue(MethodInjectionPoint.java:90)
	at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:271)
	at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:258)
	at org.jboss.weld.event.ObserverMethodImpl.notify(ObserverMethodImpl.java:237)
	at org.jboss.weld.event.ObserverNotifier.notifyObserver(ObserverNotifier.java:174)
	at org.jboss.weld.event.ObserverNotifier.notifyObserver(ObserverNotifier.java:170)
	at org.jboss.weld.event.ObserverNotifier.notifyObservers(ObserverNotifier.java:124)
	at org.jboss.weld.event.EventImpl.fire(EventImpl.java:84)
	at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:78)
	at org.mamute.providers.GlobalInterceptor.intercept(GlobalInterceptor.java:28)
	at org.mamute.providers.GlobalInterceptor$Proxy$_$$_WeldClientProxy.intercept(Unknown Source)
	at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:58)
	at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)
	at org.mamute.interceptors.InternalErrorInterceptor.intercept(InternalErrorInterceptor.java:37)
	at org.mamute.interceptors.InternalErrorInterceptor$Proxy$_$$_WeldClientProxy.intercept(Unknown Source)
	at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:58)
	at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)
	at org.mamute.interceptors.RulesInterceptor.intercept(RulesInterceptor.java:49)
	at org.mamute.interceptors.RulesInterceptor$Proxy$_$$_WeldClientProxy.intercept(Unknown Source)
	at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:58)
	at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)
	at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:60)
	at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)

Any ideas?

NOTE: I am running mamute in dev mode.

@jpylypiw

jpylypiw commented Jun 6, 2017

Hi @ramswaroop

I am using mamute with ldap connection. It was not trivial to implement, but here I share the configuration.

# --------------------------------------------
# ----------- LDAP Configuration -------------
# --------------------------------------------
feature.auth.ldap=true
feature.auth.db=false
ldap.host=domaincontroller.my.domain
ldap.port=636
ldap.user=CN=nonadmin,CN=Users,DC=my,DC=domain
ldap.pass=xxxxxx
ldap.emailAttr=mail
ldap.nameAttr=givenName
ldap.surnameAttr=sn
ldap.groupAttr=memberOf
ldap.userDn=CN=Users,DC=my,DC=domain
ldap.moderatorGroup=CN=Mamute Moderator,CN=Users,DC=my,DC=domain
ldap.lookupAttr=mail
ldap.lookupAllAttr=true
ldap.useSSL=true

I think you can change

ldap.lookupAttr=mail

to

ldap.lookupAttr=sAMAccountName

This should make login by username possible in your case.

@rampatra
Contributor Author

rampatra commented Jun 6, 2017

Thanks for the help, let me try this and get back to you.

@rampatra
Contributor Author

rampatra commented Jun 7, 2017

Unfortunately, I am facing the same issue. My latest mamute.properties file is like:

# Use database for authentication
feature.auth.db=false

# LDAP configuration
feature.auth.ldap=true
ldap.host=ldap1.xxx.xxx.net
ldap.port=389
ldap.user=Directory Manager
ldap.pass=xxxxx
ldap.emailAttr=mail
ldap.nameAttr=givenName
ldap.surnameAttr=sn
ldap.userDn=OU=People,DC=nexage,DC=com
ldap.moderatorGroup=CN=Moderators,OU=Group,DC=nexage,DC=com
ldap.lookupAllAttr=true
ldap.userObjectClass=inetOrgPerson
ldap.lookupAttr=sAMAccountName
ldap.useSSL=false
ldap.useTLS=false

# enable user signup
feature.signup=false

NOTE: I am running mamute in dev mode. So shall I put the above configs in development.properties in order to take effect?

@rampatra
Contributor Author

@leocwolter @csokol @artdiniz @FernandaBernardo any tips you guys have? Will the ldap work if I am running in dev mode?
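
An added example, not from the thread or the Mamute project: a small Python lint for the `ldap.*` keys posted above. It assumes, from the `Dn.<init>` frame directly under `bind` in the stack trace, that `ldap.user` is parsed as a distinguished name (as in jpylypiw's config); the DN check is a simplified RFC 4514 test and the sample values are constructed.

```python
import re

# Constructed sample: the LDAP keys from the first config in the thread,
# with host and password replaced by placeholders.
SAMPLE = """\
feature.auth.ldap=true
ldap.host=ldap.example.test
ldap.port=389
ldap.user=roomptra
ldap.pass=placeholder
ldap.userDn=OU=People,DC=nexage,DC=com
ldap.lookupAttr=uid
ldap.useSSL=false
ldap.useTLS=false
"""

# One RDN: attribute type (name or numeric OID), '=', non-empty value.
RDN = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)*)\s*=\s*\S.*$")

def parse_properties(text):
    """Read key=value lines, skipping blanks and '#' comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def is_dn(value):
    """Simplified check: every RDN between unescaped commas is attr=value."""
    parts = re.split(r"(?<!\\),", value)
    return bool(value) and all(RDN.match(p) for p in parts)

def lint(props):
    findings = []
    # Assumption: these keys hold DNs, as they do in the configs in the thread.
    for key in ("ldap.user", "ldap.userDn", "ldap.moderatorGroup"):
        if key in props and not is_dn(props[key]):
            findings.append(f"{key}: '{props[key]}' is not a DN")
    tls = "true" in (props.get("ldap.useSSL"), props.get("ldap.useTLS"))
    if not tls:
        findings.append("ldap.useSSL/useTLS: bind password is sent unencrypted")
    return findings

if __name__ == "__main__":
    for finding in lint(parse_properties(SAMPLE)):
        print(finding)
```

The same check rejects `Directory Manager` and accepts `cn=Directory Manager`.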
