How to configure ldap with openkm

OpenKM a de nombreuses fonctionnalités interessantes, mais demande un minimum de configuration pour être pleinement exploité.

Moderator: dedisoft

Forum rules
Avant de poser une question, merci de regarder la documentation du wiki ou d'utiliser la fonction recherche du forum. Et rappelez vous que nous n'avons ni boule de cristal ni possibilité de lire dans les pensées, aussi pensez à spécifier quelle version d'OpenKM vous utilisez ainsi que la version du navigateur web et du système d'exploitation. Pour de plus amples informations lisez Comment reporter un bug efficacement (anglais).
Post Reply
anurag
Junior Boarder
Junior Boarder
Posts: 23
Joined: Mon Apr 01, 2013 10:20 am

How to configure ldap with openkm

Post by anurag » Mon Apr 08, 2013 9:20 am

Hi,
I am new in openkm I have installed openkm 5.1 with jboss it's working fine but now I want to configure ldap?
Can anyone please tell me how I should configure?

Thanks,
Anurag

pavila
Moderator
Moderator
Posts: 3001
Joined: Tue Dec 11, 2007 6:02 pm
Location: Alicante, Spain
Contact:

Re: How to configure ldap with openkm

Post by pavila » Mon Apr 08, 2013 6:36 pm

I recommend to install a recent OpenKM version like 6.2.3 and read documentation http://wiki.openkm.com/index.php/Active ... OpenKM_6.2

anurag
Junior Boarder
Junior Boarder
Posts: 23
Joined: Mon Apr 01, 2013 10:20 am

Re: How to configure ldap with openkm

Post by anurag » Thu Apr 11, 2013 6:09 am

Hi Pavila,
Thanks for reply I have configued but I am getting below error

Code: Select all

 ERROR - NamingException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece

jllort
Moderator
Moderator
Posts: 9127
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: How to configure ldap with openkm

Post by jllort » Thu Apr 11, 2013 9:32 pm


anurag
Junior Boarder
Junior Boarder
Posts: 23
Joined: Mon Apr 01, 2013 10:20 am

Re: How to configure ldap with openkm

Post by anurag » Fri Apr 12, 2013 5:23 am

Thanks Jllort for reply I have change as per your suggestion but after type username and password getting Authentication error I don't know how we fix it.

jllort
Moderator
Moderator
Posts: 9127
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: How to configure ldap with openkm

Post by jllort » Sun Apr 14, 2013 10:39 am

Put here your xml configuration - the ldap authentication part - file if I see something strange. Are you sure about user login credentials are right ( ensure about it ).

anurag
Junior Boarder
Junior Boarder
Posts: 23
Joined: Mon Apr 01, 2013 10:20 am

Re: How to configure ldap with openkm

Post by anurag » Tue Apr 23, 2013 10:49 am

Hi Jllort,
below are my entry in login-config.xml

Code: Select all

<authentication>
      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
        <module-option name="java.naming.provider.url">ldap://x.x.x.x:3268</module-option>
        <module-option name="java.naming.security.authentication">simple</module-option>
        <module-option name="bindDN">cn=anurag.pandey,cn=test,dc=gdctest,dc=com</module-option>
        <module-option name="bindCredential">secret123!</module-option>
        <module-option name="baseCtxDN">dc=gdctest,dc=com</module-option>
        <module-option name="baseFilter">(uid={0})</module-option>
        <module-option name="rolesCtxDN">cn=test,dc=gdctest,dc=com</module-option>
        <module-option name="roleFilter">(memberUid={0})</module-option>
        <module-option name="roleAttributeIsDN">false</module-option>
        <module-option name="roleAttributeID">cn</module-option>
        <module-option name="roleRecursion">1</module-option>
        <module-option name="searchTimeLimit">5000</module-option>
        <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
        <module-option name="defaultRole">UserRole</module-option>
      </login-module>
     </authentication>
   </application-policy>
and OpenKM.cfg file

Code: Select all

#system.ocr=/usr/bin/tesseract
#repository.home=E:/data
system.openoffice=on
#system.openoffice.path=E:/open office
system.openoffice.tasks=5
system.openoffice.port=2222
#system.openoffice.path=C:\\Program Files\\OpenOffice.org3
#system.pdf2swf=E:/back-up-openkm-18-02-11/OpenKM-5.0.1_JBoss-4.2.3.GA/SWFTools/pdf2swf.exe
#system.convert=E:/back-up-openkm-18-02-11/OpenKM-5.0.1_JBoss-4.2.3.GA/Imagemagick/ImageMagick-6.6.7-7/convert.exe
#system.img2pdf=E:/back-up-openkm-18-02-11/OpenKM-5.0.1_JBoss-4.2.3.GA/Imagemagick/ImageMagick-6.6.7-7/convert.exe
#system.antivir=/usr/bin/clamscan
hibernate.dialect=org.hibernate.dialect.HSQLDialect
hibernate.hbm2ddl=none
#application.url=http://localhost:8080/OpenKM/com.openkm.frontend.Main/index.jsp
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
principal.ldap.server=ldap://x.x.x.x:3268
principal.ldap.security.principal=cn=anurag.pandey,cn=test,dc=gdctest,dc=com
principal.ldap.security.credentials=secret123!
principal.ldap.user.search.base=cn=test,dc=gdctest,dc=com
principal.ldap.user.search.filter=(objectclass=person)
principal.ldap.user.atribute=test
principal.ldap.role.search.base=cn=test,dc=gdctest,dc=com
principal.ldap.role.search.filter=(objectclass=group)
principal.ldap.role.atribute=test
principal.ldap.mail.search.base=cn={0},cn=test,dc=gdctest,dc=com
principal.ldap.mail.search.filter=(objectclass=person)
principal.ldap.mail.atribute=mail
system.login.lowercase=on
Regards,
Anurag

pavila
Moderator
Moderator
Posts: 3001
Joined: Tue Dec 11, 2007 6:02 pm
Location: Alicante, Spain
Contact:

Re: How to configure ldap with openkm

Post by pavila » Tue Apr 23, 2013 7:11 pm

OpenKM 5.0 is obsolete.

jllort
Moderator
Moderator
Posts: 9127
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: How to configure ldap with openkm

Post by jllort » Tue Apr 23, 2013 9:07 pm

I suggest upgrade to version 6.x. 5.0 is a very old release and we consider as deprecated. Is this and older 5.0 version ? otherside there's no reason to install that version.

anurag
Junior Boarder
Junior Boarder
Posts: 23
Joined: Mon Apr 01, 2013 10:20 am

How to configure ldap with openkm

Post by anurag » Wed Apr 24, 2013 1:35 pm

Hi jllort,
Thanks for suggestion and I install openkm-6.2.2-community-windows-installer and configure ldap same as instruction is given in wiki http://wiki.openkm.com/index.php/Active ... figuration
but still I am facing below issue:

Code: Select all

tyContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2013-04-24 18:55:54,928 [http-bio-0.0.0.0-8080-exec-10] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/services/**'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/status'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/download'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/workflow-register'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/webdav/**'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/feed/**'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@ace155. A new one will be created.
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: okmAdmin
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch - Searching for user 'okmAdmin', with user search [ searchFilter: 'sAMAccountName={0}', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2013-04-24 18:56:09,709 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
Regards,
Anurag

jllort
Moderator
Moderator
Posts: 9127
Joined: Fri Dec 21, 2007 11:23 am
Location: Sineu - ( Illes Balears ) - Spain
Contact:

Re: How to configure ldap with openkm

Post by jllort » Thu Apr 25, 2013 9:57 pm

Better if you take a look complete examples http://wiki.openkm.com/index.php/LDAP_examples

That can help to solve some problems also http://wiki.openkm.com/index.php/Troubl ... _with_LDAP

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest