
Help with configuring LDAP on OSX

Posted: Sat May 29, 2010 7:28 am
by saad
Hi guys

We used the login-config.xml and openkm.cfg files from the documentation, and modified them for our system.

We are running Zimbra for email, and it's this LDAP we wish to use.

This is the openkm.cfg
Code:
# Default configuration values
#
# repository.config=repository.xml
# repository.home=repository
# system.user=system
# default.user.role=UserRol
# default.admin.role=AdminRol
# principal.adapter=es.git.openkm.core.UsersRolesPrincipalAdapter
# max.file.size=5
# max.search.results=25
# system.demo=off
# update.info=off
# system.ocr=/usr/bin/tesseract
# system.openoffice=on
# system.pdf2swf=/usr/bin/pdf2swf
# system.readonly=off
# system.antivir=/usr/bin/clamscan
restrict.file.mime=off
restrict.file.extension=*~,*.bak,._*

principal.adapter=es.git.openkm.principal.LdapPrincipalAdapter
principal.ldap.server=ldap://zimbra.foobar.local
principal.ldap.security.principal=uid=admin,ou=people,dc=foobar,dc=com
principal.ldap.security.credentials="password"
principal.ldap.user.search.base=ou=people,dc=foobar,dc=com
principal.ldap.user.search.filter=(objectClass=organizationalPerson)
principal.ldap.user.atribute=uid
principal.ldap.role.search.base=ou=groups,dc=foobar,dc=com
principal.ldap.role.search.filter=(objectClass=posixGroup)
principal.ldap.role.atribute=cn
principal.ldap.mail.search.base=cn={0},ou=people,dc=foobar,dc=com
principal.ldap.mail.search.filter=(objectClass=organizationalPerson)
principal.ldap.mail.atribute=zimbraMailDeliveryAddress
system.login.lowercase=on
This is our login-config.xml
Code:
<?xml version='1.0'?>
<policy>
<application-policy name="OpenKM">
  <authentication>
    <login-module code="org.jboss.security.auth.spi.LdapExtLoginModule" flag="required" > 
      <module-option name="java.naming.provider.url">ldap://zimbra.foobar.local:389</module-option> 
      <module-option name="bindDN">cn=config</module-option>
      <module-option name="java.naming.security.authentication">simple</module-option>
      <module-option name="bindCredential">password</module-option>
      <module-option name="baseCtxDN">ou=people,dc=foobar,dc=com</module-option>
      <module-option name="baseFilter">(uid={0})</module-option>
      <module-option name="defaultRole">Domain Users</module-option>
      <module-option name="rolesCtxDN">ou=groups,dc=foobar,dc=com</module-option>
      <module-option name="roleFilter">(memberUid={0})</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      <module-option name="roleAttributeID">cn</module-option>
      <module-option name="roleRecursion">1</module-option>
      <module-option name="searchTimeLimit">5000</module-option>
      <module-option name="searchScope">SUBTREE_SCOPE</module-option>
    </login-module> 
  </authentication>
</application-policy>

</policy>


When we start JBoss/OpenKM, this is the output, up to the first error:
Code:
openkm:bin root# ./run.sh 0.0.0.0
./run.sh: line 90: ulimit: open files: cannot modify limit: Invalid argument
run.sh: Could not set maximum file descriptor limit: unlimited
=========================================================================

  JBoss Bootstrap Environment

  JBOSS_HOME: //Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA

  JAVA: java

  JAVA_OPTS: -Dprogram.name=run.sh -Xms256m -Xmx1024m -XX:PermSize=64m -XX:MaxPermSize=128m -Djava.awt.headless=true

  CLASSPATH: //Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA/bin/run.jar

=========================================================================

run.sh: unused non-option argument: 0.0.0.0
17:21:27,284 INFO  [Server] Starting JBoss (MX MicroKernel)...
17:21:27,285 INFO  [Server] Release ID: JBoss [Trinity] 4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181439)
17:21:27,287 INFO  [Server] Home Dir: /Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA
17:21:27,287 INFO  [Server] Home URL: file:/Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA/
17:21:27,288 INFO  [Server] Patch URL: null
17:21:27,288 INFO  [Server] Server Name: default
17:21:27,288 INFO  [Server] Server Home Dir: /Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA/server/default
17:21:27,288 INFO  [Server] Server Home URL: file:/Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA/server/default/
17:21:27,288 INFO  [Server] Server Log Dir: /Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA/server/default/log
17:21:27,289 INFO  [Server] Server Temp Dir: /Volumes/Macintosh HD2/openkm/jboss-4.2.3.GA/server/default/tmp
17:21:27,289 INFO  [Server] Root Deployment Filename: jboss-service.xml
17:21:27,508 INFO  [ServerInfo] Java version: 1.6.0_20,Apple Inc.
17:21:27,508 INFO  [ServerInfo] Java VM: Java HotSpot(TM) 64-Bit Server VM 16.3-b01-279,Apple Inc.
17:21:27,509 INFO  [ServerInfo] OS-System: Mac OS X 10.6.3,x86_64
17:21:27,813 INFO  [Server] Core system initialized
17:21:29,433 INFO  [WebService] Using RMI server codebase: http://127.0.0.1:8083/
17:21:29,434 INFO  [Log4jService$URLWatchTimerTask] Configuring from URL: resource:jboss-log4j.xml
17:21:31,893 INFO  [EJB3Deployer] Starting java:comp multiplexer
17:21:33,533 INFO  [NativeServerConfig] JBoss Web Services - Native
17:21:33,533 INFO  [NativeServerConfig] jbossws-3.0.1-native-2.0.4.GA (build=200803312044)
17:21:34,101 INFO  [Embedded] Catalina naming disabled
17:21:34,202 INFO  [AprLifecycleListener] The Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: .:/Library/Java/Extensions:/System/Library/Java/Extensions:/usr/lib/java
17:21:34,246 INFO  [Http11Protocol] Initializing Coyote HTTP/1.1 on http-127.0.0.1-80
17:21:34,247 INFO  [AjpProtocol] Initializing Coyote AJP/1.3 on ajp-127.0.0.1-8009
17:21:34,247 INFO  [Catalina] Initialization processed in 146 ms
17:21:34,247 INFO  [StandardService] Starting service jboss.web
17:21:34,254 INFO  [StandardEngine] Starting Servlet Engine: JBossWeb/2.0.1.GA
17:21:34,308 INFO  [Catalina] Server startup in 61 ms
17:21:34,376 INFO  [TomcatDeployer] deploy, ctxPath=/, warUrl=.../deploy/jboss-web.deployer/ROOT.war/
17:21:34,813 INFO  [TomcatDeployer] deploy, ctxPath=/invoker, warUrl=.../deploy/http-invoker.sar/invoker.war/
17:21:34,919 INFO  [TomcatDeployer] deploy, ctxPath=/jbossws, warUrl=.../deploy/jbossws.sar/jbossws-context.war/
17:21:34,992 INFO  [TomcatDeployer] deploy, ctxPath=/jbossmq-httpil, warUrl=.../deploy/jms/jbossmq-httpil.sar/jbossmq-httpil.war/
17:21:35,714 INFO  [TomcatDeployer] deploy, ctxPath=/web-console, warUrl=.../deploy/management/console-mgr.sar/web-console.war/
17:21:36,089 INFO  [MailService] Mail Service bound to java:/Mail
17:21:36,093 INFO  [MailService] Mail Service bound to java:/mail/OpenKM
17:21:36,181 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-ha-local-jdbc.rar
17:21:36,202 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-ha-xa-jdbc.rar
17:21:36,219 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-local-jdbc.rar
17:21:36,237 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/jboss-xa-jdbc.rar
17:21:36,294 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/jms/jms-ra.rar
17:21:36,343 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/mail-ra.rar
17:21:36,366 INFO  [RARDeployment] Required license terms exist, view META-INF/ra.xml in .../deploy/quartz-ra.rar
17:21:36,372 INFO  [QuartzResourceAdapter] start quartz!!!
17:21:36,417 INFO  [SimpleThreadPool] Job execution threads will use class loader of thread: main
17:21:36,432 INFO  [QuartzScheduler] Quartz Scheduler v.1.5.2 created.
17:21:36,434 INFO  [RAMJobStore] RAMJobStore initialized.
17:21:36,435 INFO  [StdSchedulerFactory] Quartz scheduler 'DefaultQuartzScheduler' initialized from default resource file in Quartz package: 'quartz.properties'
17:21:36,435 INFO  [StdSchedulerFactory] Quartz scheduler version: 1.5.2
17:21:36,435 INFO  [QuartzScheduler] Scheduler DefaultQuartzScheduler_$_NON_CLUSTERED started.
17:21:36,872 INFO  [ConnectionFactoryBindingService] Bound ConnectionManager 'jboss.jca:service=DataSourceBinding,name=DefaultDS' to JNDI name 'java:DefaultDS'
17:21:36,891 ERROR [GeneralPurposeDatabasePersistencePlugin] Cannot create timer table
java.lang.SecurityException: Invalid authentication attempt, principal=null
	at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:595)
	at org.jboss.resource.connectionmanager.BaseConnectionManager2.allocateConnection(BaseConnectionManager2.java:401)

If you don't want to read all that, here is the first error:
Code:
17:21:36,891 ERROR [GeneralPurposeDatabasePersistencePlugin] Cannot create timer table
java.lang.SecurityException: Invalid authentication attempt, principal=null
	at org.jboss.resource.connectionmanager.BaseConnectionManager2.getSubject(BaseConnectionManager2.java:595)

So can anyone please suggest what may be wrong and suggest a solution? Getting desperate here!



Note: I have replaced our server address and dc value with "foobar" and have also replaced the password with "password".

Thanks a lot!

Re: Help with configuring LDAP on OSX

Posted: Sat May 29, 2010 7:30 am
by saad
Also, when I try to log in using my LDAP username and password, I get "HTTP Status 403 - Access to the requested resource has been denied".

Re: Help with configuring LDAP on OSX

Posted: Sat May 29, 2010 8:04 am
by jllort
Do you assign UserRole or AdminRole to the user? It is mandatory to add one of these roles.

Error (take off the quotes):
Code:
principal.ldap.security.credentials="password"
Other error:
Code:
<module-option name="defaultRole">UserRole</module-option>
Surely it's bad (here must be the user name that connects to LDAP, and the other info):
Code:
<module-option name="bindDN">cn=config</module-option>
I recommend enabling login debug in jboss-log4j.xml:
Code:
<category name="org.jboss.security">
  <priority value="DEBUG" />
</category>
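
As an added example (not code from this thread, OpenKM or JBoss), here is a small Python model of the bind and search sequence that LdapExtLoginModule performs with the options in the login-config.xml above, so the two failure modes discussed here can be traced against sample data before debugging the real server: a bindDN that cannot bind fails before any user lookup, and a user whose groups yield no UserRole/AdminRole authenticates but is refused, which is what an HTTP 403 after a correct password looks like. The directory entries, passwords and the uid=admin bind account are constructed assumptions; only the option semantics ({0} is the login name and {1} the user's DN in roleFilter, roleAttributeIsDN=false meaning the roleAttributeID value is the role name) follow the JBoss module. Nothing here talks to a real LDAP server.

```python
"""Added example: in-memory model of the JBoss LdapExtLoginModule bind/search
sequence for the login-config.xml options discussed in the thread. Directory
data, passwords and the uid=admin service account are constructed assumptions."""
import re

# Constructed sample directory: DN -> attributes (multi-valued, as in LDAP).
DIRECTORY = {
    "uid=admin,ou=people,dc=foobar,dc=com": {
        "objectClass": ["organizationalPerson", "posixAccount"],
        "uid": ["admin"], "userPassword": ["admin-secret"]},
    "uid=saad,ou=people,dc=foobar,dc=com": {
        "objectClass": ["organizationalPerson", "posixAccount"],
        "uid": ["saad"], "userPassword": ["saad-secret"]},
    "uid=alice,ou=people,dc=foobar,dc=com": {
        "objectClass": ["organizationalPerson", "posixAccount"],
        "uid": ["alice"], "userPassword": ["alice-secret"]},
    "cn=Domain Users,ou=groups,dc=foobar,dc=com": {
        "objectClass": ["posixGroup"], "cn": ["Domain Users"],
        "memberUid": ["saad", "alice"]},
    "cn=UserRole,ou=groups,dc=foobar,dc=com": {
        "objectClass": ["posixGroup"], "cn": ["UserRole"],
        "memberUid": ["alice"]},
}

# Roles the OpenKM web application accepts, per the advice in the thread.
OPENKM_ROLES = {"UserRole", "AdminRole"}

# Options as posted in the thread's login-config.xml ...
ORIGINAL = {
    "bindDN": "cn=config", "bindCredential": "password",
    "baseCtxDN": "ou=people,dc=foobar,dc=com", "baseFilter": "(uid={0})",
    "rolesCtxDN": "ou=groups,dc=foobar,dc=com", "roleFilter": "(memberUid={0})",
    "roleAttributeID": "cn", "defaultRole": "Domain Users",
}
# ... the same with a bindDN that exists in this sample directory (assumed) ...
VALID_BIND = dict(ORIGINAL, bindDN="uid=admin,ou=people,dc=foobar,dc=com",
                  bindCredential="admin-secret")
# ... and additionally with defaultRole set to UserRole, as suggested above.
DEFAULT_USERROLE = dict(VALID_BIND, defaultRole="UserRole")


def bind(dn, password):
    """Simple bind: the entry must exist and the password must match."""
    entry = DIRECTORY.get(dn)
    return entry is not None and password in entry.get("userPassword", [])


def search(base, filt):
    """Subtree search under `base` for one equality filter (attr=value).
    Values compare case-insensitively, like LDAP's caseIgnoreMatch."""
    m = re.fullmatch(r"\((\w+)=([^()]*)\)", filt)
    if not m:
        raise ValueError("only simple equality filters are modelled: " + filt)
    attr, value = m.group(1), m.group(2).lower()
    return [dn for dn, entry in DIRECTORY.items()
            if dn.lower().endswith("," + base.lower())
            and any(v.lower() == value for v in entry.get(attr, []))]


def login(opts, username, password):
    """Trace the module's steps; returns ("ok", roles) or ("fail", reason)."""
    # 1. Bind with the service account (bindDN / bindCredential).
    if not bind(opts["bindDN"], opts["bindCredential"]):
        return "fail", "bindDN %s cannot bind" % opts["bindDN"]
    # 2. Find the user under baseCtxDN with baseFilter ({0} = login name).
    users = search(opts["baseCtxDN"], opts["baseFilter"].replace("{0}", username))
    if len(users) != 1:
        return "fail", "baseFilter matched %d entries for %s" % (len(users), username)
    user_dn = users[0]
    # 3. Re-bind as the user's own DN with the supplied password.
    if not bind(user_dn, password):
        return "fail", "password rejected for " + user_dn
    # 4. Roles: roleFilter under rolesCtxDN ({0} = login name, {1} = user DN),
    #    role name taken from roleAttributeID, plus defaultRole for everyone.
    role_filter = opts["roleFilter"].replace("{0}", username).replace("{1}", user_dn)
    roles = set()
    for dn in search(opts["rolesCtxDN"], role_filter):
        roles.update(DIRECTORY[dn].get(opts["roleAttributeID"], []))
    if opts.get("defaultRole"):
        roles.add(opts["defaultRole"])
    return "ok", roles


def openkm_access(opts, username, password):
    """What the web tier answers: authentication failure, 403 for a principal
    without an accepted role, or 200 with the granted roles."""
    status, detail = login(opts, username, password)
    if status != "ok":
        return "401 " + detail
    if not detail & OPENKM_ROLES:
        return "403 authenticated but no UserRole/AdminRole; roles=%s" % sorted(detail)
    return "200 roles=%s" % sorted(detail)


if __name__ == "__main__":
    for name, opts in [("ORIGINAL", ORIGINAL), ("VALID_BIND", VALID_BIND),
                       ("DEFAULT_USERROLE", DEFAULT_USERROLE)]:
        for user, pw in [("saad", "saad-secret"), ("alice", "alice-secret")]:
            print(name, user, "->", openkm_access(opts, user, pw))
```

With the original options the cn=config bind fails in this sample directory before the user is even looked up; with a working bind, saad (only in "Domain Users") gets a 403 while alice (also in the UserRole group) gets in; with defaultRole=UserRole every authenticated user is admitted. The same trace is what the org.jboss.security DEBUG output lets you follow on the real server.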

Re: Help with configuring LDAP on OSX

Posted: Sat May 29, 2010 8:43 am
by saad
The default role is "Domain Users" (without the quotes), and all users are members of this group.

The password isn't in quotes; I just put them in the post to hide our password.

The entry in login-conf.xml is now
Code:
<module-option name="defaultRole">Domain Users</module-option> 
Is this correct, or do I need to surround it with quotes?

The user "cn=config" has read/write access to the LDAP database. I have run ldapsearch from the OpenKM server using this user, and I can see the entire LDAP tree.

We have enabled debug in jboss-log4j.xml, but can't find anything out of the ordinary. What do we look for?

Thanks for your help.

Saad

Re: Help with configuring LDAP on OSX

Posted: Tue Jun 01, 2010 4:38 am
by saad
Help please??? Getting desperate now; we have spent far too long trying to get this to work!

Re: Help with configuring LDAP on OSX

Posted: Tue Jun 01, 2010 10:22 am
by jllort
Your first problem is in login-config.xml (you must concentrate on this file). That's the main JBoss authentication file.

Although it is well explained in the wiki, that does not mean connecting to LDAP will be easy. That's the reason why OpenKM offers professional services to make administrators' lives better.

Re: Help with configuring LDAP on OSX

Posted: Mon Jun 07, 2010 5:32 am
by saad
Thanks, we got it working!

FYI:
Code:
# Default configuration values
#
# repository.config=repository.xml
# repository.home=repository
# system.user=system
# default.user.role=UserRol
# default.admin.role=AdminRol
# principal.adapter=es.git.openkm.core.UsersRolesPrincipalAdapter
max.file.size=500
# max.search.results=25
# system.demo=off
# update.info=off
# system.ocr=/usr/bin/tesseract
# system.openoffice=on
system.pdf2swf=/opt/local/bin/pdf2swf
# system.readonly=off
# system.antivir=/usr/bin/clamscan
restrict.file.mime=off
restrict.file.extension=*~,*.bak,._*

principal.adapter=es.git.openkm.principal.LdapPrincipalAdapter
principal.ldap.server=ldap://zimbra.foobarite.local
principal.ldap.security.principal=cn=config
principal.ldap.security.credentials=xxxxx
principal.ldap.user.search.base=ou=people,dc=foobarite,dc=com
principal.ldap.user.search.filter=(objectClass=posixAccount)
principal.ldap.user.atribute=uid
principal.ldap.role.search.base=ou=groups,dc=foobarite,dc=com
principal.ldap.role.search.filter=(objectClass=posixGroup)
principal.ldap.role.atribute=cn
principal.ldap.mail.search.base=cn={0},ou=people,dc=foobarite,dc=com
principal.ldap.mail.search.filter=(objectClass=organizationalPerson)
principal.ldap.mail.atribute=zimbraMailDeliveryAddress
system.login.lowercase=on