We have the following structure for our active directory.
OpenKM.xml
Code: Select all
We are able to fetch role_admin from AD to OpenKM User screen. But while logging after changing OpenKM.xml and restarting tomcat, we are getting the following error:dc=com
dc=isgecnet
ou=All Admins
cn=securityadmin
ou=All Groups
cn=ROLE_ADMIN
cn=openkmad
Code: Select all
2016-12-23 09:46:07,444 [http-bio-0.0.0.0-8080-exec-3] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider- Processing authentication request for user: openkmad
2016-12-23 09:46:07,447 [http-bio-0.0.0.0-8080-exec-3] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch- Searching for user 'openkmad', with user search [ searchFilter: '(&(sAMAccountName={0})(memberOf=cn=ROLE_ADMIN,ou=All Groups,dc=isgecnet,dc=com))', searchBase: 'ou=All Groups,dc=isgecnet,dc=com', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-12-23 09:46:07,618 [http-bio-0.0.0.0-8080-exec-3] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate- Searching for entry under DN '', base = 'ou=All Groups,dc=isgecnet,dc=com', filter = '(&(sAMAccountName={0})(memberOf=cn=ROLE_ADMIN,ou=All Groups,dc=isgecnet,dc=com))'
2016-12-23 09:46:07,620 [http-bio-0.0.0.0-8080-exec-3] INFO com.openkm.spring.LoggerListener- Authentication ERROR: openkmad
2016-12-23 09:46:07,620 [http-bio-0.0.0.0-8080-exec-3] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter- Authentication request failed: org.springframework.security.authentication.BadCredentialsException: Bad credentials
OpenKM.xml
Code: Select all
Please help. Thanks for your support.<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:security="http://www.springframework.org/schema/security"
xmlns:task="http://www.springframework.org/schema/task"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security
http://www.springframework.org/schema/security/spring-security-3.1.xsd
http://www.springframework.org/schema/task
http://www.springframework.org/schema/task/spring-task-3.1.xsd">
<!-- Security configuration -->
<security:ldap-server id="ldapServer"
url="ldap://192.9.xxx.xxx:389"
manager-dn="cn=securityadmin, ou=Admin Accounts, dc=isgecnet, dc=com"
manager-password="xxxxxxx"/>
<security:authentication-manager alias="authenticationManager">
<security:ldap-authentication-provider
server-ref="ldapServer"
user-search-base="ou=All Groups,dc=isgecnet,dc=com"
user-search-filter="(&(sAMAccountName={0})(memberOf=cn=ROLE_ADMIN,ou=All Groups,dc=isgecnet,dc=com))"
group-search-base="ou=All Groups,dc=isgecnet,dc=com"
group-search-filter="(member={0})"
group-role-attribute="cn"
role-prefix="">
</security:ldap-authentication-provider>
</security:authentication-manager>
</beans:beans>