Hi,
I have finally managed to configure LDAP login with the help of forum members in another thread. However, I have ran in to another problem. Upon logging in with a non-admin user, I receive the following message: "com.openkm.core.RepositoryException: PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash". I have looked around on this forum and tried numerous changes to try and fix it, but unfortunately I cannot get it to go.
Output from the error log:
Am I doing something wrong here? This is only a test environment before I move everything to production, but unfortunately it's getting to the point where I'm endlessly breaking it and not finding a solution.
Any help on this is much appreciated; and should hopefully be the last thing needed before I can get this up and running.
Thank you,
Jason.
I have finally managed to configure LDAP login with the help of forum members in another thread. However, I have ran in to another problem. Upon logging in with a non-admin user, I receive the following message: "com.openkm.core.RepositoryException: PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash". I have looked around on this forum and tried numerous changes to try and fix it, but unfortunately I cannot get it to go.
Output from the error log:
Code: Select all
The configuration in OpenKM.xml:
2013-04-15 11:42:41,982 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/services/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/status'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/download'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/workflow-register'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/webdav/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/feed/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b5ac942. A new one will be created.
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
2013-04-15 11:42:41,984 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
2013-04-15 11:42:42,009 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: jason
2013-04-15 11:42:42,016 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch - Searching for user 'jason', with user search [ searchFilter: '(cn={0})', searchBase: 'ou=people,dc=server,dc=world', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2013-04-15 11:42:42,051 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Searching for entry under DN '', base = 'ou=people,dc=server,dc=world', filter = '(cn={0})'
2013-04-15 11:42:42,072 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Found DN: uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,079 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Attempting to bind as uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,079 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Removing pooling flag for user uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,085 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Retrieving attributes...
2013-04-15 11:42:42,093 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Getting authorities for user uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,095 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Searching for roles for user 'jason', DN = 'uid=jason,ou=people,dc=server,dc=world', with filter (memberUid={0}) in search base 'ou=groups,dc=server,dc=world'
2013-04-15 11:42:42,095 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Using filter: (memberUid=uid=jason,ou=people,dc=server,dc=world)
2013-04-15 11:42:42,100 [http-bio-0.0.0.0-8080-exec-5] INFO org.springframework.ldap.core.LdapTemplate - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true
2013-04-15 11:42:42,104 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Roles from search: []
2013-04-15 11:42:42,105 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.LdapUserDetailsMapper - Mapping user details from context with DN: uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,109 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy - Invalidating session with Id '9A0D3B16CC3ECCE87D78D8A8363F88CB' and migrating attributes.
2013-04-15 11:42:42,113 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy - Started new session: BBA4E7CF5E93B6ADC301B36B6597E084
2013-04-15 11:42:42,114 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities
2013-04-15 11:42:42,114 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler - Redirecting to DefaultSavedRequest Url: http://192.168.1.47:8080/OpenKM/frontend/index.jsp
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.DefaultRedirectStrategy - Redirecting to 'http://192.168.1.47:8080/OpenKM/frontend/index.jsp'
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext stored to HttpSession: 'org.springframework.security.core.context.SecurityContextImpl@e884be07: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-15 11:42:42,133 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/services/**'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/status'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/download'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/workflow-register'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/webdav/**'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/feed/**'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@e884be07: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,137 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:42,137 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 3 of 8 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - pathInfo: both null (property equals)
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - queryString: both null (property equals)
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURI: arg1=/OpenKM/frontend/index.jsp; arg2=/OpenKM/frontend/index.jsp (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - serverPort: arg1=8080; arg2=8080 (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURL: arg1=http://192.168.1.47:8080/OpenKM/frontend/index.jsp; arg2=http://192.168.1.47:8080/OpenKM/frontend/index.jsp (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - scheme: arg1=http; arg2=http (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - serverName: arg1=192.168.1.47; arg2=192.168.1.47 (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - contextPath: arg1=/OpenKM; arg2=/OpenKM (property equals)
2013-04-15 11:42:42,140 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - servletPath: arg1=/frontend/index.jsp; arg2=/frontend/index.jsp (property equals)
2013-04-15 11:42:42,140 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - Removing DefaultSavedRequest from session if present
2013-04-15 11:42:42,145 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 5 of 8 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 6 of 8 in additional filter chain; firing Filter: 'SessionManagementFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/frontend/**'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /frontend/index.jsp; Attributes: [IS_AUTHENTICATED_FULLY]
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.RoleVoter@7f38f3d1, returned: 0
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.AuthenticatedVoter@740f5f97, returned: 1
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Authorization successful
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2013-04-15 11:42:42,147 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp reached end of additional filter chain; proceeding with original chain
2013-04-15 11:42:42,263 [http-bio-0.0.0.0-8080-exec-7] INFO com.openkm.module.db.DbAuthModule - Create okm:trash/jason
2013-04-15 11:42:42,272 [http-bio-0.0.0.0-8080-exec-7] ERROR com.openkm.module.db.DbAuthModule - 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash
com.openkm.core.PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash
at com.openkm.module.db.stuff.SecurityHelper.checkRead(SecurityHelper.java:84)
at com.openkm.dao.NodeFolderDAO.create(NodeFolderDAO.java:103)
at com.openkm.module.db.DbAuthModule.createBase(DbAuthModule.java:473)
at com.openkm.module.db.DbAuthModule.loadUserData(DbAuthModule.java:436)
at com.openkm.module.db.DbAuthModule.login(DbAuthModule.java:81)
at com.openkm.api.OKMAuth.login(OKMAuth.java:53)
at org.apache.jsp.frontend.index_jsp._jspService(index_jsp.java:68)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession is now null, but was not null at start of request; session was invalidated, so do not create a new session
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-15 11:42:42,427 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/services/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/status'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/download'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/workflow-register'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/webdav/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/feed/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No HttpSession currently exists
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 3 of 8 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 5 of 8 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90550640: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@7798: RemoteIpAddress: 192.168.1.43; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 6 of 8 in additional filter chain; firing Filter: 'SessionManagementFilter'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.session.SessionManagementFilter - Requested session IDBBA4E7CF5E93B6ADC301B36B6597E084 is invalid.
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/frontend/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/login.jsp'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/admin/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/repositorystartup'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/test'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/extension/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Public object - authentication not attempted
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login reached end of additional filter chain; proceeding with original chain
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
Code: Select all
The configuration attributes:
<security:ldap-server id="ldapServer" url="ldap://127.0.0.1:389" manager-dn="cn=admin,dc=server,dc=world" manager-password="********"/>
<security:authentication-manager alias="authenticationManager">
<security:ldap-authentication-provider
server-ref="ldapServer"
user-search-base="ou=people,dc=server,dc=world"
user-search-filter="(cn={0})"
group-search-base="ou=groups,dc=server,dc=world"
group-search-filter="(memberUid={0})"
group-role-attribute="cn"
role-prefix="">
</security:ldap-authentication-provider>
<security:authentication-provider>
<security:password-encoder hash="md5"/>
<security:jdbc-user-service
data-source-ref="dataSource"
users-by-username-query="select usr_id, usr_password, 1 from OKM_USER where usr_id=? and usr_active='T'"
authorities-by-username-query="select ur_user, ur_role from OKM_USER_ROLE where ur_user=?"/>
</security:authentication-provider>
</security:authentication-manager>
Code: Select all
My OpenLDAP server contains two groups in the 'ou=groups,dc=server,dc=world' context, which are 'ROLE_USER' and 'ROLE_ADMIN'. I have added 'memberUid=jason' to 'ROLE_USER' and 'memberUid=okmAdmin' to 'ROLE_ADMIN'. The user list and role list show up correctly in the administrator user management area, and my default user role is left as per default in OpenKM.principal.adapter=com.openkm.principal.LdapPrincipalAdapter
principal.database.filter.inactive.users=true
principal.ldap.mail.attribute=mail
principal.ldap.mail.search.base=ou=people,dc=server,dc=world
principal.ldap.mail.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))
principal.ldap.referral=follow
principal.ldap.role.attribute=cn
principal.ldap.role.search.base=ou=groups,dc=server,dc=world
principal.ldap.role.search.filter=(objectClass=posixGroup)
principal.ldap.roles.by.user.attribute=cn
principal.ldap.roles.by.user.search.base=ou=groups,dc=server,dc=world
principal.ldap.roles.by.user.search.filter=(memberUid={0})
principal.ldap.security.credentials=********
principal.ldap.security.principal=cn=admin,dc=server,dc=world
principal.ldap.server=ldap://192.168.1.47:389
principal.ldap.user.attribute=cn
principal.ldap.user.search.base=ou=people,dc=server,dc=world
principal.ldap.user.search.filter=(objectClass=inetOrgPerson)
principal.ldap.username.attribute=cn
principal.ldap.username.search.base=ou=people,dc=server,dc=world
principal.ldap.username.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))
principal.ldap.users.by.role.attribute=memberUid
principal.ldap.users.by.role.search.base=ou=groups,dc=server,dc=world
principal.ldap.users.by.role.search.filter=(&(objectClass=posixGroup)(cn={0}))
principal.ldap.users.from.roles=true
Am I doing something wrong here? This is only a test environment before I move everything to production, but unfortunately it's getting to the point where I'm endlessly breaking it and not finding a solution.
Any help on this is much appreciated; and should hopefully be the last thing needed before I can get this up and running.
Thank you,
Jason.