Re: LDAP not working correctly in 6.2
PostPosted:Mon Jan 21, 2013 3:37 pm
I tryed all your suggestions.
Sill getting the error:
So what is wrong with this exception?
OKM creates the right folder (Create okm:trash/okmstudent) but than looking for a folder (1c5586aa-6d25-4e1f-a345-0cf721d8e304 : /okm:trash) which was never created?!?! I don't understand this step. What is okm doing there? And where did this strange ID comes from?
Thanks guys!
Sill getting the error:
Code: Select all
2013-01-21 16:25:46,014 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: okmstudent
2013-01-21 16:25:46,015 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch - Searching for user 'okmstudent', with user search [ searchFilter: 'sAMAccountName={0}', searchBase: 'ou=MMTOpenUsers,dc=mmtopen,dc=de', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2013-01-21 16:25:46,098 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Searching for entry under DN '', base = 'ou=MMTOpenUsers,dc=mmtopen,dc=de', filter = 'sAMAccountName={0}'
2013-01-21 16:25:46,129 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Found DN: cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de
2013-01-21 16:25:46,140 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Attempting to bind as cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de
2013-01-21 16:25:46,140 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Removing pooling flag for user cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de
2013-01-21 16:25:46,155 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Retrieving attributes...
2013-01-21 16:25:46,160 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Getting authorities for user cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de
2013-01-21 16:25:46,160 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Searching for roles for user 'okmstudent', DN = 'cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de', with filter member={0} in search base 'cn=Users,dc=mmtopen,dc=de'
2013-01-21 16:25:46,160 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Using filter: member=cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de
2013-01-21 16:25:46,164 [http-bio-0.0.0.0-8080-exec-1] INFO org.springframework.ldap.core.LdapTemplate - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true
2013-01-21 16:25:46,223 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Roles from search: [OpenKMAllUsers, OpenKMStudenten]
2013-01-21 16:25:46,224 [http-bio-0.0.0.0-8080-exec-1] DEBUG org.springframework.security.ldap.userdetails.LdapUserDetailsMapper - Mapping user details from context with DN: cn=OpenKM Student,ou=Studenten,ou=MMTOpenUsers,dc=mmtopen,dc=de
Code: Select all
User is found right. Also all the regarding groups are found correctly. The filters seems ok.2013-01-21 16:25:46,434 [http-bio-0.0.0.0-8080-exec-3] INFO com.openkm.module.db.DbAuthModule - Create okm:trash/okmstudent
2013-01-21 16:25:46,449 [http-bio-0.0.0.0-8080-exec-3] ERROR com.openkm.module.db.DbAuthModule - 1c5586aa-6d25-4e1f-a345-0cf721d8e304 : /okm:trash
com.openkm.core.PathNotFoundException: 1c5586aa-6d25-4e1f-a345-0cf721d8e304 : /okm:trash
at com.openkm.module.db.stuff.SecurityHelper.checkRead(SecurityHelper.java:106)
at com.openkm.dao.NodeFolderDAO.create(NodeFolderDAO.java:102)
at com.openkm.module.db.DbAuthModule.createBase(DbAuthModule.java:443)
at com.openkm.module.db.DbAuthModule.loadUserData(DbAuthModule.java:406)
at com.openkm.module.db.DbAuthModule.login(DbAuthModule.java:82)
at com.openkm.api.OKMAuth.login(OKMAuth.java:52)
at org.apache.jsp.frontend.index_jsp._jspService(index_jsp.java:68)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:662)
So what is wrong with this exception?
OKM creates the right folder (Create okm:trash/okmstudent) but than looking for a folder (1c5586aa-6d25-4e1f-a345-0cf721d8e304 : /okm:trash) which was never created?!?! I don't understand this step. What is okm doing there? And where did this strange ID comes from?
Thanks guys!
And the "fix" from dejanfc works, too. Authenticated users can't access the admin tab unless they belong to an administrator role.