• How to configure ldap with openkm

  • OpenKM a de nombreuses fonctionnalités interessantes, mais demande un minimum de configuration pour être pleinement exploité.
OpenKM a de nombreuses fonctionnalités interessantes, mais demande un minimum de configuration pour être pleinement exploité.

Moderator: dedisoft

Forum rules: Avant de poser une question, merci de regarder la documentation du wiki ou d'utiliser la fonction recherche du forum. Et rappelez vous que nous n'avons ni boule de cristal ni possibilité de lire dans les pensées, aussi pensez à spécifier quelle version d'OpenKM vous utilisez ainsi que la version du navigateur web et du système d'exploitation. Pour de plus amples informations lisez Comment reporter un bug efficacement (anglais).
 #22328  by anurag
 
Hi,
I am new in openkm I have installed openkm 5.1 with jboss it's working fine but now I want to configure ldap?
Can anyone please tell me how I should configure?

Thanks,
Anurag
 #22435  by anurag
 
Hi Pavila,
Thanks for reply I have configued but I am getting below error
Code: Select all
 ERROR - NamingException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
 #22470  by anurag
 
Thanks Jllort for reply I have change as per your suggestion but after type username and password getting Authentication error I don't know how we fix it.
 #22502  by jllort
 
Put here your xml configuration - the ldap authentication part - file if I see something strange. Are you sure about user login credentials are right ( ensure about it ).
 #22650  by anurag
 
Hi Jllort,
below are my entry in login-config.xml
Code: Select all
<authentication>
      <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" >
        <module-option name="java.naming.provider.url">ldap://x.x.x.x:3268</module-option>
        <module-option name="java.naming.security.authentication">simple</module-option>
        <module-option name="bindDN">cn=anurag.pandey,cn=test,dc=gdctest,dc=com</module-option>
        <module-option name="bindCredential">secret123!</module-option>
        <module-option name="baseCtxDN">dc=gdctest,dc=com</module-option>
        <module-option name="baseFilter">(uid={0})</module-option>
        <module-option name="rolesCtxDN">cn=test,dc=gdctest,dc=com</module-option>
        <module-option name="roleFilter">(memberUid={0})</module-option>
        <module-option name="roleAttributeIsDN">false</module-option>
        <module-option name="roleAttributeID">cn</module-option>
        <module-option name="roleRecursion">1</module-option>
        <module-option name="searchTimeLimit">5000</module-option>
        <module-option name="searchScope">ONELEVEL_SCOPE</module-option>
        <module-option name="defaultRole">UserRole</module-option>
      </login-module>
     </authentication>
   </application-policy>
and OpenKM.cfg file
Code: Select all
#system.ocr=/usr/bin/tesseract
#repository.home=E:/data
system.openoffice=on
#system.openoffice.path=E:/open office
system.openoffice.tasks=5
system.openoffice.port=2222
#system.openoffice.path=C:\\Program Files\\OpenOffice.org3
#system.pdf2swf=E:/back-up-openkm-18-02-11/OpenKM-5.0.1_JBoss-4.2.3.GA/SWFTools/pdf2swf.exe
#system.convert=E:/back-up-openkm-18-02-11/OpenKM-5.0.1_JBoss-4.2.3.GA/Imagemagick/ImageMagick-6.6.7-7/convert.exe
#system.img2pdf=E:/back-up-openkm-18-02-11/OpenKM-5.0.1_JBoss-4.2.3.GA/Imagemagick/ImageMagick-6.6.7-7/convert.exe
#system.antivir=/usr/bin/clamscan
hibernate.dialect=org.hibernate.dialect.HSQLDialect
hibernate.hbm2ddl=none
#application.url=http://localhost:8080/OpenKM/com.openkm.frontend.Main/index.jsp
principal.adapter=com.openkm.principal.LdapPrincipalAdapter
principal.ldap.server=ldap://x.x.x.x:3268
principal.ldap.security.principal=cn=anurag.pandey,cn=test,dc=gdctest,dc=com
principal.ldap.security.credentials=secret123!
principal.ldap.user.search.base=cn=test,dc=gdctest,dc=com
principal.ldap.user.search.filter=(objectclass=person)
principal.ldap.user.atribute=test
principal.ldap.role.search.base=cn=test,dc=gdctest,dc=com
principal.ldap.role.search.filter=(objectclass=group)
principal.ldap.role.atribute=test
principal.ldap.mail.search.base=cn={0},cn=test,dc=gdctest,dc=com
principal.ldap.mail.search.filter=(objectclass=person)
principal.ldap.mail.atribute=mail
system.login.lowercase=on
Regards,
Anurag
 #22672  by jllort
 
I suggest upgrade to version 6.x. 5.0 is a very old release and we consider as deprecated. Is this and older 5.0 version ? otherside there's no reason to install that version.
 #22690  by anurag
 
Hi jllort,
Thanks for suggestion and I install openkm-6.2.2-community-windows-installer and configure ldap same as instruction is given in wiki http://wiki.openkm.com/index.php/Active ... figuration
but still I am facing below issue:
Code: Select all
tyContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2013-04-24 18:55:54,928 [http-bio-0.0.0.0-8080-exec-10] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/services/**'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/status'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/download'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/workflow-register'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/webdav/**'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/feed/**'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@ace155. A new one will be created.
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: okmAdmin
2013-04-24 18:56:09,678 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch - Searching for user 'okmAdmin', with user search [ searchFilter: 'sAMAccountName={0}', searchBase: '', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2013-04-24 18:56:09,709 [http-bio-0.0.0.0-8080-exec-2] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication request failed: org.springframework.security.authentication.AuthenticationServiceException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
Regards,
Anurag

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.