Ldap Autentication - Bind succeeded, authentication ok but Login failed for... Nuxeo-dm 5.4.2
I have been trying to get OpenLdap Authentication set up in Nuxeo DM 5.4.2 in debian 6 but dosen't work….
The Bind to Ldap is succeeded but the Nuxeo login is Failed…
I using “Users in LDAP, groups in SQL” configuration (http://community.nuxeo.com/5.3/books/nuxeo-book/html/admin-ldap-configuration.html)
–> default-ldap-users-directory-bundle.xml
<extension target=“org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory”
point="servers">
<server name="default">
<ldapUrl>ldap://xxxxxxxxxxxx:389</ldapUrl>
<bindDn>uid=zimbra,cn=admins,cn=zimbra</bindDn>
<bindPassword>xxxxxxxx</bindPassword>
<directory name="userDirectory">
<server>default</server>
<schema>user</schema>
<idField>uid</idField>
<passwordField>password</passwordField>
<searchBaseDn>ou=people,dc=allware,dc=cl</searchBaseDn>
<searchClass>person</searchClass>
<searchScope>onelevel</searchScope>
<substringMatchType>subany</substringMatchType>
<readOnly>false</readOnly>
<cacheTimeout>3600</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<missingIdFieldCase>lower</missingIdFieldCase>
<querySizeLimit>200</querySizeLimit>
<queryTimeLimit>0</queryTimeLimit>
<creationBaseDn>ou=people,dc=allware,dc=cl</creationBaseDn>
<creationClass>person</creationClass>
<rdnAttribute>uid</rdnAttribute>
<fieldMapping name="username">uid</fieldMapping>
<fieldMapping name="password">userPassword</fieldMapping>
<fieldMapping name="firstName">givenName</fieldMapping>
<fieldMapping name="lastName">sn</fieldMapping>
<fieldMapping name="company">o</fieldMapping>
<fieldMapping name="email">mail</fieldMapping>
<references>
<inverseReference field="groups" directory="groupDirectory" dualReferenceField="members" />
</references>
</directory>
The Server.log :::
2011-11-14 13:57:48,299 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Entering Nuxeo Authentication Filter
2011-11-14 13:57:48,302 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Principal not found inside Request via getUserPrincipal
2011-11-14 13:57:48,302 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Try getting authentication from cache
2011-11-14 13:57:48,302 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin BASIC_AUTH
2011-11-14 13:57:48,302 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin FORM_AUTH
2011-11-14 13:57:48,303 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Looking for user/password in the request
2011-11-14 13:57:48,303 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] User/Password found as parameter of the request
2011-11-14 13:57:48,304 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(Administrator, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=*)))' args='Administrator' scope='1' [LDAPSession '-6700401796419944398' for directory userDirectory]
2011-11-14 13:57:48,308 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(Administrator, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='Administrator' scope='1' => found: uid=administrator,ou=people,dc=allware,dc=cl [LDAPSession '-6700401796419944398' for directory userDirectory] 2011-11-14 13:57:48,308 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAP bind dn='uid=administrator,ou=people,dc=allware,dc=cl' 2011-11-14 13:57:48,309 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] Bind succeeded, authentication ok*
2011-11-14 13:57:48,310 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(Administrator, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=*)))' args='Administrator' scope='1' [LDAPSession '-6700401770650140620' for directory userDirectory]
2011-11-14 13:57:48,313 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(Administrator, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=*)))' args='Administrator' scope='1' => found: uid=administrator,ou=people,dc=allware,dc=cl [LDAPSession '-6700401770650140620' for directory userDirectory]
2011-11-14 13:57:48,316 INFO [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for Administrator
2011-11-14 13:57:48,328 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Forward to Login Screen
Thanks in advance for your helps!!! Jaime-
Replace by and you'll solve the error:
org.nuxeo.ecm.core.api.model.PropertyNotFoundException: Property not found: uid. at org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl.toString(NuxeoPrincipalImpl.java:257)
The idField should reference one of the attributes from the mapping section, as you did for the passwordField (ok, it's easier to see that, now I got the error)
Hello,
Up-to-date documentation is there: Using a LDAP directory.
Especially look at the “Recommended method to define LDAP contributions” (or “Known issues”) part about issue NXP-6574.
http://doc.nuxeo.com/display/NXDOC54/Using+a+LDAP+directory
but I have the same problem (LDAP Bind succeeded, authentication ok but Login failed for …) :
the ldap response is OK, but in NUXEO the login is failed. I performed tests with 2 configuration: only with : Known issues seection and with "Known issues" and "Recommended method to define LDAP contributions"
but in both case the was unsuccessfully
Configuration 1) using the advice of (Known issues) I changed the default SQL userDirectory to LDAP method.
File Configuration : "default-ldap-users-directory-config.xml"
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.directory.ldap.storage.users"> <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require> <require>org.nuxeo.ecm.directory.sql.storage</require> <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
point="servers">
<server name="default">
<ldapUrl>ldap://defender.allware.cl:389</ldapUrl>
<bindDn>uid=zimbra,cn=admins,cn=zimbra</bindDn>
<bindPassword>nPHuJkTS</bindPassword>
</server>
</extension>
<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" point="directories">
<directory name="userDirectory">
<server>default</server>
<schema>user</schema>
<idField>uid</idField>
<passwordField>password</passwordField>
<searchBaseDn>ou=people,dc=allware,dc=cl</searchBaseDn>
<searchClass>person</searchClass>
<searchScope>onelevel</searchScope>
<substringMatchType>subany</substringMatchType>
<readOnly>false</readOnly>
<cacheTimeout>3600</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<missingIdFieldCase>lower</missingIdFieldCase>
<querySizeLimit>200</querySizeLimit>
<queryTimeLimit>0</queryTimeLimit>
<creationBaseDn>ou=people,dc=allware,dc=cl</creationBaseDn>
<creationClass>person</creationClass>
<rdnAttribute>uid</rdnAttribute>
<fieldMapping name="username">uid</fieldMapping>
<fieldMapping name="password">userPassword</fieldMapping>
<fieldMapping name="firstName">givenName</fieldMapping>
<fieldMapping name="lastName">sn</fieldMapping>
<fieldMapping name="company">o</fieldMapping>
<fieldMapping name="email">mail</fieldMapping>
<references>
<inverseReference field="groups" directory="groupDirectory" dualReferenceField="members" />
</references>
</directory>
</extension> <extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager">
<userManager>
<defaultAdministratorId>jcampos</defaultAdministratorId>
<defaultGroup>members</defaultGroup>
</userManager>
</extension>
</component>
The group defination in default file "default-sql-directories-bundle.xml" :
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.directory.sql.storage">
<implementation class="org.nuxeo.ecm.directory.sql.SQLDirectoryDescriptor" />
<require>org.nuxeo.ecm.directory.sql.SQLDirectoryFactory</require>
<extension target="org.nuxeo.ecm.directory.sql.SQLDirectoryFactory"
point="directories">
<!–
<directory name="userDirectory">
<schema>user</schema>
<dataSource>jdbc/nxsqldirectory</dataSource>
<table>users</table>
<idField>username</idField>
<passwordField>password</passwordField>
<passwordHashAlgorithm>SSHA</passwordHashAlgorithm>
<autoincrementIdField>false</autoincrementIdField>
<dataFile>users.csv</dataFile>
<createTablePolicy>on_missing_columns</createTablePolicy>
<querySizeLimit>50</querySizeLimit>
<references>
<inverseReference field="groups" directory="groupDirectory"
dualReferenceField="members" />
</references>
</directory>
–>
<directory name="groupDirectory">
<schema>group</schema>
<dataSource>jdbc/nxsqldirectory</dataSource>
<table>groups</table>
<idField>groupname</idField>
<dataFile>groups.csv</dataFile>
<createTablePolicy>on_missing_columns</createTablePolicy>
<autoincrementIdField>false</autoincrementIdField>
<!-- Add 10 min cache to avoid refetching the groups during login -->
<cacheTimeout>360</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<references>
<tableReference field="members" directory="userDirectory"
table="user2group" sourceColumn="groupId" targetColumn="userId" schema="user2group"
dataFile="user2group.csv" />
<tableReference field="subGroups" directory="groupDirectory"
table="group2group" sourceColumn="parentGroupId"
targetColumn="childGroupId" schema="group2group" />
<inverseReference field="parentGroups" directory="groupDirectory"
dualReferenceField="subGroups" />
</references>
</directory>
</extension> </component>
SERVER LOG:
2011-11-14 16:00:17,734 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Entering Nuxeo Authentication Filter 2011-11-14 16:00:17,735 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Principal not found inside Request via getUserPrincipal 2011-11-14 16:00:17,735 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Try getting authentication from cache 2011-11-14 16:00:17,736 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin BASIC_AUTH 2011-11-14 16:00:17,737 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin FORM_AUTH 2011-11-14 16:00:17,737 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Looking for user/password in the request 2011-11-14 16:00:17,737 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin WEBENGINE_FORM_AUTH 2011-11-14 16:00:17,738 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin ANONYMOUS_AUTH 2011-11-14 16:00:17,738 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin WEBSERVICES_AUTH 2011-11-14 16:00:17,738 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] user/password not found in request, try into identity cache 2011-11-14 16:00:17,740 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Forward to Login Screen 2011-11-14 16:00:24,702 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Entering Nuxeo Authentication Filter 2011-11-14 16:00:24,703 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Principal not found inside Request via getUserPrincipal 2011-11-14 16:00:24,703 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Try getting authentication from cache 2011-11-14 16:00:24,703 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin BASIC_AUTH 2011-11-14 16:00:24,705 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin FORM_AUTH 2011-11-14 16:00:24,705 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Looking for user/password in the request 2011-11-14 16:00:24,705 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] User/Password found as parameter of the request 2011-11-14 16:00:24,709 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' [LDAPSession '-6668806281823780852' for directory userDirectory] 2011-11-14 16:00:24,712 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' => found: uid=jcampos,ou=people,dc=allware,dc=cl [LDAPSession '-6668806281823780852' for directory userDirectory] 2011-11-14 16:00:24,712 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAP bind dn='uid=jcampos,ou=people,dc=allware,dc=cl' 2011-11-14 16:00:24,719 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] Bind succeeded, authentication ok 2011-11-14 16:00:24,724 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] setting up table 'digestauth', policy='on_missing_columns' 2011-11-14 16:00:24,724 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] checking if table digestauth exists: true 2011-11-14 16:00:24,724 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] all fields matched for table 'digestauth' 2011-11-14 16:00:24,724 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] policy='on_missing_columns' and all column matched, skipping sql setup script 2011-11-14 16:00:24,725 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' [LDAPSession '-6668806208809336818' for directory userDirectory] 2011-11-14 16:00:24,728 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' => found: uid=jcampos,ou=people,dc=allware,dc=cl [LDAPSession '-6668806208809336818' for directory userDirectory] 2011-11-14 16:00:24,732 INFO [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for jcampos 2011-11-14 16:00:24,736 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Forward to Login Screen
Configuration 2) "Recommended method to define LDAP contributions" I defined the new names for User and Group Directory.
Configuration FILE:
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.directory.ldap.storage.users"> <require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require> <require>org.nuxeo.ecm.directory.sql.storage</require> <extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
point="servers">
<server name="default">
<ldapUrl>ldap://defender.allware.cl:389</ldapUrl>
<bindDn>uid=zimbra,cn=admins,cn=zimbra</bindDn>
<bindPassword>nPHuJkTS</bindPassword>
</server>
</extension>
<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory" point="directories">
<directory name="**userLdapDirectory**">
<server>default</server>
<schema>user</schema>
<idField>uid</idField>
<passwordField>password</passwordField>
<searchBaseDn>ou=people,dc=allware,dc=cl</searchBaseDn>
<searchClass>person</searchClass>
<searchScope>onelevel</searchScope>
<substringMatchType>subany</substringMatchType>
<readOnly>false</readOnly>
<cacheTimeout>3600</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<missingIdFieldCase>lower</missingIdFieldCase>
<querySizeLimit>200</querySizeLimit>
<queryTimeLimit>0</queryTimeLimit>
<creationBaseDn>ou=people,dc=allware,dc=cl</creationBaseDn>
<creationClass>person</creationClass>
<rdnAttribute>uid</rdnAttribute>
<fieldMapping name="username">uid</fieldMapping>
<fieldMapping name="password">userPassword</fieldMapping>
<fieldMapping name="firstName">givenName</fieldMapping>
<fieldMapping name="lastName">sn</fieldMapping>
<fieldMapping name="company">o</fieldMapping>
<fieldMapping name="email">mail</fieldMapping>
<references>
<inverseReference field="groups" directory="**groupLdapDirectory**" dualReferenceField="members" />
</references>
</directory>
</extension>
<extension target="org.nuxeo.ecm.platform.usermanager.UserService" point="userManager">
<userManager>
<defaultAdministratorId>jcampos</defaultAdministratorId>
<defaultGroup>members</defaultGroup>
</userManager>
</extension>
</component>
The group defination in default file "default-sql-directories-bundle.xml" :
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.directory.sql.storage">
<implementation class="org.nuxeo.ecm.directory.sql.SQLDirectoryDescriptor" />
<require>org.nuxeo.ecm.directory.sql.SQLDirectoryFactory</require>
<extension target="org.nuxeo.ecm.directory.sql.SQLDirectoryFactory"
point="directories">
<directory name="**userDirectory**">
<schema>user</schema>
<dataSource>jdbc/nxsqldirectory</dataSource>
<table>users</table>
<idField>username</idField>
<passwordField>password</passwordField>
<passwordHashAlgorithm>SSHA</passwordHashAlgorithm>
<autoincrementIdField>false</autoincrementIdField>
<dataFile>users.csv</dataFile>
<createTablePolicy>on_missing_columns</createTablePolicy>
<querySizeLimit>50</querySizeLimit>
<references>
<inverseReference field="groups" directory="groupDirectory"
dualReferenceField="members" />
</references>
</directory>
<directory name="**groupLdapDirectory**">
<schema>group</schema>
<dataSource>jdbc/nxsqldirectory</dataSource>
<table>groups</table>
<idField>groupname</idField>
<dataFile>groups.csv</dataFile>
<createTablePolicy>on_missing_columns</createTablePolicy>
<autoincrementIdField>false</autoincrementIdField>
<!-- Add 10 min cache to avoid refetching the groups during login -->
<cacheTimeout>360</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<references>
<tableReference field="members" directory="userLdapDirectory"
table="user2group" sourceColumn="groupId" targetColumn="userId" schema="user2group"
dataFile="user2group.csv" />
<tableReference field="subGroups" directory="groupLdapDirectory"
table="group2group" sourceColumn="parentGroupId"
targetColumn="childGroupId" schema="group2group" />
<inverseReference field="parentGroups" directory="groupLdapDirectory"
dualReferenceField="subGroups" />
</references>
</directory>
<directory name="groupDirectory">
<schema>group</schema>
<dataSource>jdbc/nxsqldirectory</dataSource>
<table>groups</table>
<idField>groupname</idField>
<dataFile>groups.csv</dataFile>
<createTablePolicy>on_missing_columns</createTablePolicy>
<autoincrementIdField>false</autoincrementIdField>
<!-- Add 10 min cache to avoid refetching the groups during login -->
<cacheTimeout>360</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<references>
<tableReference field="members" directory="userDirectory"
table="user2group" sourceColumn="groupId" targetColumn="userId" schema="user2group"
dataFile="user2group.csv" />
<!-- Warning ! From Nuxeo 5.3.1, a wrong setting has been fixed. See
http://jira.nuxeo.org/browse/NXP-4401 . Nuxeo upgrades would need a fix in the
database (inverting parentGroupId and childGroupId in the group2group) -->
<tableReference field="subGroups" directory="groupDirectory"
table="group2group" sourceColumn="parentGroupId"
targetColumn="childGroupId" schema="group2group" />
<inverseReference field="parentGroups" directory="groupDirectory"
dualReferenceField="subGroups" />
</references>
</directory>
</extension> </component>
BUT the same error:
2011-11-14 16:20:22,855 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAP bind dn='uid=jcampos,ou=people,dc=allware,dc=cl' 2011-11-14 16:20:22,859 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] Bind succeeded, authentication ok 2011-11-14 16:20:22,863 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] setting up table 'digestauth', policy='on_missing_columns' 2011-11-14 16:20:22,864 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] checking if table digestauth exists: true 2011-11-14 16:20:22,868 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] all fields matched for table 'digestauth' 2011-11-14 16:20:22,868 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] policy='on_missing_columns' and all column matched, skipping sql setup script 2011-11-14 16:20:23,772 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' [LDAPSession '-6663656341157969914' for directory userLdapDirectory] 2011-11-14 16:20:23,775 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' => found: uid=jcampos,ou=people,dc=allware,dc=cl [LDAPSession '-6663656341157969914' for directory userLdapDirectory] 2011-11-14 16:20:23,777 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] setting up table 'groups', policy='on_missing_columns' 2011-11-14 16:20:23,778 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] checking if table groups exists: true 2011-11-14 16:20:23,781 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] all fields matched for table 'groups' 2011-11-14 16:20:23,781 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] policy='on_missing_columns' and all column matched, skipping sql setup script 2011-11-14 16:20:23,781 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] setting up table 'user2group', policy='on_missing_columns' 2011-11-14 16:20:23,783 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] checking if table user2group exists: true 2011-11-14 16:20:23,785 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] all fields matched for table 'user2group' 2011-11-14 16:20:23,785 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] policy='on_missing_columns' and all column matched, skipping sql setup script 2011-11-14 16:20:23,811 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] setting up table 'group2group', policy='on_missing_columns' 2011-11-14 16:20:23,812 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] checking if table group2group exists: true 2011-11-14 16:20:23,814 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] all fields matched for table 'group2group' 2011-11-14 16:20:23,814 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] policy='on_missing_columns' and all column matched, skipping sql setup script 2011-11-14 16:20:23,816 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] setting up table 'user2group', policy='on_missing_columns' 2011-11-14 16:20:23,817 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] checking if table user2group exists: true 2011-11-14 16:20:23,819 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] all fields matched for table 'user2group' 2011-11-14 16:20:23,820 DEBUG [org.nuxeo.ecm.directory.sql.SQLHelper] policy='on_missing_columns' and all column matched, skipping sql setup script 2011-11-14 16:20:23,828 INFO [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for jcampos 2011-11-14 16:20:23,833 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Forward to Login Screen.
I have tried different combinations and I have achieved the same result.
I hope that you can help me!
thanks ins advance Jaime
Don't forget to remove the previous version of nuxeo-platform-web-common-5.4.2.jar before restarting.
The steps taken were:
1) Drop file : nuxeo-platform-web-common-5.4.2-NXP-7869.jar 2) download file : "https://jira.nuxeo.com/secure/attachment/28209/nuxeo-platform-web-common-5.4.2-NXP-7869.jar" 3) renamed for nuxeo-platform-web-common-5.4.2-NXP-7869.jar and put into path : /opt/nuxeo/nxserver/bundles/nuxeo-platform-web-common-5.4.2.jar 4) Restart the nuxeo service.
correct?
Server log:
2011-11-15 17:17:03,723 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Entering Nuxeo Authentication Filter 2011-11-15 17:17:03,723 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Principal not found inside Request via getUserPrincipal
2011-11-15 17:17:03,723 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Try getting authentication from cache 2011-11-15 17:17:03,723 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin BASIC_AUTH
2011-11-15 17:17:03,724 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Trying to retrieve userIndetification using plugin FORM_AUTH 2011-11-15 17:17:03,724 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Looking for user/password in the request 2011-11-15 17:17:03,724 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] User/Password found as parameter of the request
2011-11-15 17:17:03,724 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' [LDAPSession '-6277968484135600108' for directory userLdapDirectory] 2011-11-15 17:17:03,727 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAPSession.getLdapEntry(jcampos, false): LDAP search base='ou=people,dc=allware,dc=cl' filter='(&(uid={0})(&(objectClass=person)(uid=)))' args='jcampos' scope='1' => found: uid=jcampos,ou=people,dc=allware,dc=cl [LDAPSession '-6277968484135600108' for directory userLdapDirectory] 2011-11-15 17:17:03,728 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] LDAP bind dn='uid=jcampos,ou=people,dc=allware,dc=cl' 2011-11-15 17:17:03,728 DEBUG [org.nuxeo.ecm.directory.ldap.LDAPSession] Bind succeeded, authentication ok 2011-11-15 17:17:03,731 INFO [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for jcampos 2011-11-15 17:17:03,733 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Reason for login failure javax.security.auth.login.LoginException: org.nuxeo.ecm.core.api.ClientRuntimeException: org.nuxeo.ecm.core.api.model.PropertyNotFoundException: Property not found: uid.
at org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl.toString(NuxeoPrincipalImpl.java:257)
at java.lang.String.valueOf(String.java:2838)
at java.lang.StringBuilder.append(StringBuilder.java:132)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.login(NuxeoLoginModule.java:274)
at org.nuxeo.runtime.api.LoginModuleWrapper.login(LoginModuleWrapper.java:77)
at sun.reflect.GeneratedMethodAccessor85.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doAuthenticate(NuxeoAuthenticationFilter.java:221)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilterInternal(NuxeoAuthenticationFilter.java:453)
at org.nuxeo.ecm.platform.ui.web.auth.service.NuxeoAuthFilterChain.doFilter(NuxeoAuthFilterChain.java:35)
at org.nuxeo.ecm.platform.ui.web.auth.oauth.NuxeoOAuthFilter.doFilter(NuxeoOAuthFilter.java:165)
at org.nuxeo.ecm.platform.ui.web.auth.service.NuxeoAuthFilterChain.doFilter(NuxeoAuthFilterChain.java:33)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter(NuxeoAuthenticationFilter.java:335)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.nuxeo.platform.login.web.LoginStackCleaner.doFilter(LoginStackCleaner.java:49)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.nuxeo.ecm.platform.web.common.exceptionhandling.NuxeoExceptionFilter.doFilter(NuxeoExceptionFilter.java:80)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.nuxeo.ecm.platform.web.common.encoding.NuxeoEncodingFilter.doFilter(NuxeoEncodingFilter.java:59)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:636)
Caused by: org.nuxeo.ecm.core.api.model.PropertyNotFoundException: Property not found: uid.
at org.nuxeo.ecm.core.api.model.impl.ComplexProperty.get(ComplexProperty.java:155)
at org.nuxeo.ecm.core.api.model.impl.AbstractProperty.resolvePath(AbstractProperty.java:435)
at org.nuxeo.ecm.core.api.model.impl.AbstractProperty.resolvePath(AbstractProperty.java:394)
at org.nuxeo.ecm.core.api.model.impl.AbstractProperty.getValue(AbstractProperty.java:356)
at org.nuxeo.ecm.core.api.impl.DataModelImpl.getData(DataModelImpl.java:91)
at org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl.toString(NuxeoPrincipalImpl.java:255)
... 41 more
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:887)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
at javax.security.auth.login.LoginContext.login(LoginContext.java:594)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doAuthenticate(NuxeoAuthenticationFilter.java:221)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilterInternal(NuxeoAuthenticationFilter.java:453)
at org.nuxeo.ecm.platform.ui.web.auth.service.NuxeoAuthFilterChain.doFilter(NuxeoAuthFilterChain.java:35)
at org.nuxeo.ecm.platform.ui.web.auth.oauth.NuxeoOAuthFilter.doFilter(NuxeoOAuthFilter.java:165)
at org.nuxeo.ecm.platform.ui.web.auth.service.NuxeoAuthFilterChain.doFilter(NuxeoAuthFilterChain.java:33)
at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter(NuxeoAuthenticationFilter.java:335)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.nuxeo.platform.login.web.LoginStackCleaner.doFilter(LoginStackCleaner.java:49)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.nuxeo.ecm.platform.web.common.exceptionhandling.NuxeoExceptionFilter.doFilter(NuxeoExceptionFilter.java:80)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.nuxeo.ecm.platform.web.common.encoding.NuxeoEncodingFilter.doFilter(NuxeoEncodingFilter.java:59)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:636)
2011-11-15 17:17:03,739 DEBUG [org.nuxeo.ecm.platform.ui.web.auth.plugins.FormAuthenticator] Forward to Login Screen
thanks ins advance Jaime
Thanks all, for the help.
the problem is fixed!!
final configuration:
point="servers">
<server name="default">
<ldapUrl>ldap://xxxxxxxxxxxxxx:389</ldapUrl>
<bindDn>uid=zimbra,cn=admins,cn=zimbra</bindDn>
<bindPassword>xxxxxxxxxxxxx</bindPassword>
<directory name="userDirectory">
<server>default</server>
<schema>user</schema>
<idField>username</idField>
<passwordField>password</passwordField>
<searchBaseDn>ou=people,dc=allware,dc=cl</searchBaseDn>
<searchClass>person</searchClass>
<searchScope>onelevel</searchScope>
<substringMatchType>subany</substringMatchType>
<readOnly>false</readOnly>
<cacheTimeout>3600</cacheTimeout>
<cacheMaxSize>1000</cacheMaxSize>
<missingIdFieldCase>lower</missingIdFieldCase>
<querySizeLimit>200</querySizeLimit>
<queryTimeLimit>0</queryTimeLimit>
<creationBaseDn>ou=people,dc=xxxxxxxx,dc=cl</creationBaseDn>
<creationClass>person</creationClass>
<rdnAttribute>uid</rdnAttribute>
<fieldMapping name="username">uid</fieldMapping>
<fieldMapping name="password">userPassword</fieldMapping>
<fieldMapping name="firstName">givenName</fieldMapping>
<fieldMapping name="lastName">sn</fieldMapping>
<fieldMapping name="company">o</fieldMapping>
<fieldMapping name="email">mail</fieldMapping>
<references>
<inverseReference field="groups" directory="groupDirectory" dualReferenceField="members" />
</references>
</directory>
<userManager>
<defaultAdministratorId>jcampos</defaultAdministratorId>
<defaultGroup>members</defaultGroup>
</userManager>
Best Regards Jaime
The documentation tab is for the last Nuxeo release that is your version. But you can find all documentation version here: http://doc.nuxeo.com/x/w4SE
And for your need: http://doc.nuxeo.com/x/64SE.
I'm not sure that will help you :|