Online demo
Download
Contact

Because information matters

  • Receiving a "PathNotFoundException" with LDAP user

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
It is currently Wed Apr 24, 2024 11:03 pm

Receiving a "PathNotFoundException" with LDAP user

OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

Receiving a "PathNotFoundException" with LDAP user

 #22508  by jaseeey
 
Hi,

I have finally managed to configure LDAP login with the help of forum members in another thread. However, I have ran in to another problem. Upon logging in with a non-admin user, I receive the following message: "com.openkm.core.RepositoryException: PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash". I have looked around on this forum and tried numerous changes to try and fix it, but unfortunately I cannot get it to go.

Output from the error log:
Code: Select all
2013-04-15 11:42:41,982 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/services/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/status'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/download'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/workflow-register'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/webdav/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/feed/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b5ac942. A new one will be created.
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
2013-04-15 11:42:41,984 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
2013-04-15 11:42:42,009 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: jason
2013-04-15 11:42:42,016 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch - Searching for user 'jason', with user search [ searchFilter: '(cn={0})', searchBase: 'ou=people,dc=server,dc=world', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2013-04-15 11:42:42,051 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Searching for entry under DN '', base = 'ou=people,dc=server,dc=world', filter = '(cn={0})'
2013-04-15 11:42:42,072 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Found DN: uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,079 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Attempting to bind as uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,079 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Removing pooling flag for user uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,085 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Retrieving attributes...
2013-04-15 11:42:42,093 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Getting authorities for user uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,095 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Searching for roles for user 'jason', DN = 'uid=jason,ou=people,dc=server,dc=world', with filter (memberUid={0}) in search base 'ou=groups,dc=server,dc=world'
2013-04-15 11:42:42,095 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Using filter: (memberUid=uid=jason,ou=people,dc=server,dc=world)
2013-04-15 11:42:42,100 [http-bio-0.0.0.0-8080-exec-5] INFO  org.springframework.ldap.core.LdapTemplate - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true
2013-04-15 11:42:42,104 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Roles from search: []
2013-04-15 11:42:42,105 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.LdapUserDetailsMapper - Mapping user details from context with DN: uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,109 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy - Invalidating session with Id '9A0D3B16CC3ECCE87D78D8A8363F88CB' and migrating attributes.
2013-04-15 11:42:42,113 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy - Started new session: BBA4E7CF5E93B6ADC301B36B6597E084
2013-04-15 11:42:42,114 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities
2013-04-15 11:42:42,114 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler - Redirecting to DefaultSavedRequest Url: http://192.168.1.47:8080/OpenKM/frontend/index.jsp
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.DefaultRedirectStrategy - Redirecting to 'http://192.168.1.47:8080/OpenKM/frontend/index.jsp'
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext stored to HttpSession: 'org.springframework.security.core.context.SecurityContextImpl@e884be07: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-15 11:42:42,133 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/services/**'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/status'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/download'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/workflow-register'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/webdav/**'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/feed/**'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@e884be07: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,137 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:42,137 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 3 of 8 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - pathInfo: both null (property equals)
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - queryString: both null (property equals)
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURI: arg1=/OpenKM/frontend/index.jsp; arg2=/OpenKM/frontend/index.jsp (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - serverPort: arg1=8080; arg2=8080 (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURL: arg1=http://192.168.1.47:8080/OpenKM/frontend/index.jsp; arg2=http://192.168.1.47:8080/OpenKM/frontend/index.jsp (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - scheme: arg1=http; arg2=http (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - serverName: arg1=192.168.1.47; arg2=192.168.1.47 (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - contextPath: arg1=/OpenKM; arg2=/OpenKM (property equals)
2013-04-15 11:42:42,140 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - servletPath: arg1=/frontend/index.jsp; arg2=/frontend/index.jsp (property equals)
2013-04-15 11:42:42,140 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - Removing DefaultSavedRequest from session if present
2013-04-15 11:42:42,145 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 5 of 8 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 6 of 8 in additional filter chain; firing Filter: 'SessionManagementFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/frontend/**'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /frontend/index.jsp; Attributes: [IS_AUTHENTICATED_FULLY]
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.RoleVoter@7f38f3d1, returned: 0
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.AuthenticatedVoter@740f5f97, returned: 1
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Authorization successful
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2013-04-15 11:42:42,147 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp reached end of additional filter chain; proceeding with original chain
2013-04-15 11:42:42,263 [http-bio-0.0.0.0-8080-exec-7] INFO  com.openkm.module.db.DbAuthModule - Create okm:trash/jason
2013-04-15 11:42:42,272 [http-bio-0.0.0.0-8080-exec-7] ERROR com.openkm.module.db.DbAuthModule - 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash
com.openkm.core.PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash
        at com.openkm.module.db.stuff.SecurityHelper.checkRead(SecurityHelper.java:84)
        at com.openkm.dao.NodeFolderDAO.create(NodeFolderDAO.java:103)
        at com.openkm.module.db.DbAuthModule.createBase(DbAuthModule.java:473)
        at com.openkm.module.db.DbAuthModule.loadUserData(DbAuthModule.java:436)
        at com.openkm.module.db.DbAuthModule.login(DbAuthModule.java:81)
        at com.openkm.api.OKMAuth.login(OKMAuth.java:53)
        at org.apache.jsp.frontend.index_jsp._jspService(index_jsp.java:68)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
        at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession is now null, but was not null at start of request; session was invalidated, so do not create a new session
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-15 11:42:42,427 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/services/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/status'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/download'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/workflow-register'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/webdav/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/feed/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No HttpSession currently exists
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 3 of 8 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 5 of 8 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90550640: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@7798: RemoteIpAddress: 192.168.1.43; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 6 of 8 in additional filter chain; firing Filter: 'SessionManagementFilter'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.session.SessionManagementFilter - Requested session IDBBA4E7CF5E93B6ADC301B36B6597E084 is invalid.
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/frontend/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/login.jsp'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/admin/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/repositorystartup'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/test'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/extension/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Public object - authentication not attempted
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login reached end of additional filter chain; proceeding with original chain
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
The configuration in OpenKM.xml:
Code: Select all
  <security:ldap-server id="ldapServer" url="ldap://127.0.0.1:389" manager-dn="cn=admin,dc=server,dc=world" manager-password="********"/>

  <security:authentication-manager alias="authenticationManager">
    <security:ldap-authentication-provider
      server-ref="ldapServer"
      user-search-base="ou=people,dc=server,dc=world"
      user-search-filter="(cn={0})"
      group-search-base="ou=groups,dc=server,dc=world"
      group-search-filter="(memberUid={0})"
      group-role-attribute="cn"
      role-prefix="">
    </security:ldap-authentication-provider>
    <security:authentication-provider>
      <security:password-encoder hash="md5"/>
      <security:jdbc-user-service
        data-source-ref="dataSource"
        users-by-username-query="select usr_id, usr_password, 1 from OKM_USER where usr_id=? and usr_active='T'"
        authorities-by-username-query="select ur_user, ur_role from OKM_USER_ROLE where ur_user=?"/>
    </security:authentication-provider>
  </security:authentication-manager>
The configuration attributes:
Code: Select all
principal.adapter=com.openkm.principal.LdapPrincipalAdapter	    
principal.database.filter.inactive.users=true		    
principal.ldap.mail.attribute=mail	    
principal.ldap.mail.search.base=ou=people,dc=server,dc=world	    
principal.ldap.mail.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))	    
principal.ldap.referral=follow	    
principal.ldap.role.attribute=cn	    
principal.ldap.role.search.base=ou=groups,dc=server,dc=world	    
principal.ldap.role.search.filter=(objectClass=posixGroup)	    
principal.ldap.roles.by.user.attribute=cn	    
principal.ldap.roles.by.user.search.base=ou=groups,dc=server,dc=world	    
principal.ldap.roles.by.user.search.filter=(memberUid={0})	    
principal.ldap.security.credentials=********
principal.ldap.security.principal=cn=admin,dc=server,dc=world	    
principal.ldap.server=ldap://192.168.1.47:389	    
principal.ldap.user.attribute=cn	    
principal.ldap.user.search.base=ou=people,dc=server,dc=world	    
principal.ldap.user.search.filter=(objectClass=inetOrgPerson)	    
principal.ldap.username.attribute=cn	    
principal.ldap.username.search.base=ou=people,dc=server,dc=world	    
principal.ldap.username.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))	    
principal.ldap.users.by.role.attribute=memberUid	    
principal.ldap.users.by.role.search.base=ou=groups,dc=server,dc=world	    
principal.ldap.users.by.role.search.filter=(&(objectClass=posixGroup)(cn={0}))	    
principal.ldap.users.from.roles=true
My OpenLDAP server contains two groups in the 'ou=groups,dc=server,dc=world' context, which are 'ROLE_USER' and 'ROLE_ADMIN'. I have added 'memberUid=jason' to 'ROLE_USER' and 'memberUid=okmAdmin' to 'ROLE_ADMIN'. The user list and role list show up correctly in the administrator user management area, and my default user role is left as per default in OpenKM.

Am I doing something wrong here? This is only a test environment before I move everything to production, but unfortunately it's getting to the point where I'm endlessly breaking it and not finding a solution.

Any help on this is much appreciated; and should hopefully be the last thing needed before I can get this up and running.

Thank you,

Jason.

Re: Receiving a "PathNotFoundException" with LDAP user

 #22509  by jaseeey
 
Hi,

I have managed to work this one out.

In the OpenKM.xml file, the 'group-search-filter="(memberUid={0})' attribute was changed to 'group-search-filter="(memberUid={1})', because I noticed it was searching for 'memberUid=uid=jason,ou=groups,dc=server,dc=world. Changing the variable to {1} inserts just the username, making it search for 'memberUid=jason,ou=groups,dc=server,dc=world'.

I also noticed that it was setting the role as "ROLE_ROLE_USER" on the login page, but only reading "ROLE_USER" in the integration configuration. Changing 'role-prefix=""' to 'role-prefix="none"' fixed the issue. My LDAP configuration now works perfectly.

Thank you for the many useful posts around this forum and the guides on the Wiki.

Cheers,

Jason.

Re: Receiving a "PathNotFoundException" with LDAP user

 #43570  by Florentin
 
Hi everybody!
I have same problem. I followed your recommendations but still nothing. Here are my configurations:
Image
I use OpenLdap:
Image
openkm.xlm:
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:security="http://www.springframework.org/schema/security"
             xmlns:task="http://www.springframework.org/schema/task"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                                 http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                                 http://www.springframework.org/schema/security
                                 http://www.springframework.org/schema/security/spring-security-3.1.xsd
                                 http://www.springframework.org/schema/task
                                 http://www.springframework.org/schema/task/spring-task-3.1.xsd">

<security:ldap-server id="ldapServer" url="ldap://127.0.0.1:389" manager-dn="cn=admin,dc=slimbot,dc=tic" manager-password="02097787"/>

  <security:authentication-manager alias="authenticationManager">
    <security:ldap-authentication-provider
      server-ref="ldapServer"
      user-search-base="ou=sambaSlimbot,dc=slimbot,dc=tic"
      user-search-filter="(uid={0})"
      group-search-base="ou=samba,dc=slimbot,dc=tic"
      group-search-filter="(memberUid={1})"
      group-role-attribute="cn"
      role-prefix="none">
    </security:ldap-authentication-provider>
    <security:authentication-provider>
      <security:password-encoder hash="md5"/>
      <security:jdbc-user-service
        data-source-ref="dataSource"
        users-by-username-query="select usr_id, usr_password, 1 from OKM_USER where usr_id=? and usr_active='T'"
        authorities-by-username-query="select ur_user, ur_role from OKM_USER_ROLE where ur_user=?"/>
    </security:authentication-provider>
  </security:authentication-manager>								 

</beans:beans>
Can you help me please!
Thanks in advance.

Re: Receiving a "PathNotFoundException" with LDAP user

 #43584  by jllort
 
The problem I think might be from this configuration are not getting the roles of the user. Ensure in your AD have created ROLE_USER and ROLE_ADMIN and the user is member of one of them. Finally seems you are in openLdap, correct me if I'm wrong ? but in this case I suggest take a look at this configuration https://docs.openkm.com/kcenter/view/ok ... login.html ( if you are working with microsoft ad then look at here https://docs.openkm.com/kcenter/view/ok ... roles.html )
 Reply
 Return to “Configuration”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -