Using LDAP with Nuxeo

How many files do I have to create in order to allow users to connect to Nuxeo with an LDAP login/pwd?

I follow the documentation here: http://doc.nuxeo.com/display/ADMINDOC/Using+a+LDAP+directory

I am using the Ubuntu VM Nuxeo/tomcat 5.5.

So I created a file called default-ldap-users-directory-config.xml in /var/lib/nuxeo/server/nxserver/config with my LDAP information and rebooted the server.

During the server startup, there is neither an error nor a success message in the server.log saying that the LDAP mapping is OK or that the XML has been found or anything (…).

And when I try to log in I get the following error:

2012-07-20 14:08:05,895 INFO  [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for yohann
2012-07-20 14:46:21,308 ERROR [org.nuxeo.ecm.directory.ldap.LDAPDirectory] javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1ateIdentity(NuxeoLoginModule.java:299)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.validateUserIdentity(NuxeoLoginModule.java:359)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.getPrincipal(NuxeoLoginModule.java:209)
at org.nuxeo.ecm.platform.login.NuxeoLoginModule.login(NuxeoLoginModule.java:262)
at org.nuxeo.runtime.api.LoginModuleWrapper.login(LoginModuleWrapper.java:77)
at sun.reflect.GeneratedMethodAccessor100.invoke(Unknown Source)
...
Caused by: org.nuxeo.ecm.core.api.WrappedException: Exception: javax.naming.AuthenticationException. message: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1rnCode(LdapCtx.java:2780)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2694)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:306)
...

I do not know where the problem is: whether Nuxeo successfully accessed the LDAP but didn't find my name, OR whether Nuxeo failed to connect to the LDAP …

I spent the entire day trying different settings in the XML I created and searching through the little documentation available (apparently for Nuxeo/JBoss it needs more than one XML (http://community.nuxeo.com/5.3/books/nuxeo-book/html/admin-ldap-configuration.html); maybe it is the same on Tomcat for 5.5?).

Thank you for your help.

0 votes

2 answers

5433 views

ANSWER

The "data 52e" means "invalid credentials", i.e. incorrect username or password.
07/21/2012

This information is not really helpful because, as I said, I do not know whether Nuxeo successfully accessed the LDAP but didn't find my name (wrong subtree…) OR whether Nuxeo failed to connect to the LDAP … The login I used is of course correct but I may have missed some parameters in the default-ldap-users-directory-config.xml. Thank you for your help.
07/30/2012



Look at the Debug information chapter on the page you linked: activating the DEBUG logs will allow you to follow in detail what is done and which step fails (connection, name search, …).

0 votes
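The reply above decodes "data 52e". As an added example (not part of the original thread and not Nuxeo code), this Python script pulls the Active Directory sub-code out of "error code 49" lines in server.log and maps it to its meaning, using the standard AD sub-code list. Only the first sample line comes from the post (with its stack-trace tail trimmed); the other two are constructed.

```python
import re

# Active Directory sub-codes carried in the "data" field of an
# LDAP result code 49 (invalidCredentials) bind failure.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "logon failure: user name or password is incorrect",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

BIND_ERROR = re.compile(
    r"\[LDAP: error code (?P<code>\d+) - (?P<win32>[0-9A-Fa-f]{8}): "
    r"LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), comment: (?P<comment>[^,]+), "
    r"data (?P<data>[0-9A-Fa-f]+)"
)

def classify_bind_errors(log_text):
    """Return one dict per AD bind failure found in log_text."""
    findings = []
    for line in log_text.splitlines():
        m = BIND_ERROR.search(line)
        if not m:
            continue
        data = m.group("data").lower()
        # A result code 49 reply comes from the directory server itself,
        # so every match means the server was reached and answered the bind.
        findings.append({
            "ldap_code": int(m.group("code")),
            "data": data,
            "meaning": AD_BIND_SUBCODES.get(data, "unknown sub-code"),
        })
    return findings

# Line 1 is from the post (tail trimmed); lines 2 and 3 are constructed.
SAMPLE_LOG = """\
2012-07-20 14:46:21,308 ERROR [org.nuxeo.ecm.directory.ldap.LDAPDirectory] javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
2012-07-20 14:50:00,000 ERROR [org.nuxeo.ecm.directory.ldap.LDAPDirectory] javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1
2012-07-20 14:51:00,000 INFO  [org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter] Login failed for sample-user
"""

if __name__ == "__main__":
    for f in classify_bind_errors(SAMPLE_LOG):
        print(f"code {f['ldap_code']} data {f['data']}: {f['meaning']}")
```

The sub-code says why the bind was rejected, not which bind it was (the directory's configured bind account or the user logging in); the DEBUG logs mentioned above are what show the step.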



Hello, I'm not a Nuxeo expert but I'll try to help you because I had the same problem some days ago. I wanted a connection with LDAP and the Nuxeo base.
Here are the files I created in nuxeo/templates/common/config:

  • default-sql-directories-bundle.xml : define your sqlUserDirectory and your sqlGroupDirectory
  • default-ldap-users-directory-bundle.xml : define your ldapUserDirectory
  • default-ldap-groups-directory-bundle.xml : define your ldapGroupDirectory
  • default-multi-users-directory-bundle.xml : define your userDirectory and groupDirectory with sqlUserDirectory+ldapUserDirectory and sqlGroupDirectory+ldapGroupDirectory

I tried to create a virtual group but it doesn't work. So if someone has a solution …
Last question: what is the difference between Group and Virtual Group? Thanks for your help!

PS: sorry for my bad English …

0 votes