Open Source Document Management System | OpenKM

Because information matters
https://forum.openkm.com/

Receiving a "PathNotFoundException" with LDAP user

https://forum.openkm.com/viewtopic.php?t=9769

Page 1 of 1

Receiving a "PathNotFoundException" with LDAP user

PostPosted:Mon Apr 15, 2013 2:19 am
by jaseeey
Hi,

I have finally managed to configure LDAP login with the help of forum members in another thread. However, I have ran in to another problem. Upon logging in with a non-admin user, I receive the following message: "com.openkm.core.RepositoryException: PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash". I have looked around on this forum and tried numerous changes to try and fix it, but unfortunately I cannot get it to go.

Output from the error log:
Code: Select all
2013-04-15 11:42:41,982 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/services/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/status'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/download'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/workflow-register'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/webdav/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/j_spring_security_check'; against '/feed/**'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession returned null object for SPRING_SECURITY_CONTEXT
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: org.apache.catalina.session.StandardSessionFacade@5b5ac942. A new one will be created.
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.FilterChainProxy - /j_spring_security_check at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:41,983 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Request is to process authentication
2013-04-15 11:42:41,984 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.authentication.ProviderManager - Authentication attempt using org.springframework.security.ldap.authentication.LdapAuthenticationProvider
2013-04-15 11:42:42,009 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.LdapAuthenticationProvider - Processing authentication request for user: jason
2013-04-15 11:42:42,016 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.search.FilterBasedLdapUserSearch - Searching for user 'jason', with user search [ searchFilter: '(cn={0})', searchBase: 'ou=people,dc=server,dc=world', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2013-04-15 11:42:42,051 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Searching for entry under DN '', base = 'ou=people,dc=server,dc=world', filter = '(cn={0})'
2013-04-15 11:42:42,072 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Found DN: uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,079 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Attempting to bind as uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,079 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.DefaultSpringSecurityContextSource - Removing pooling flag for user uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,085 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.authentication.BindAuthenticator - Retrieving attributes...
2013-04-15 11:42:42,093 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Getting authorities for user uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,095 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Searching for roles for user 'jason', DN = 'uid=jason,ou=people,dc=server,dc=world', with filter (memberUid={0}) in search base 'ou=groups,dc=server,dc=world'
2013-04-15 11:42:42,095 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.SpringSecurityLdapTemplate - Using filter: (memberUid=uid=jason,ou=people,dc=server,dc=world)
2013-04-15 11:42:42,100 [http-bio-0.0.0.0-8080-exec-5] INFO  org.springframework.ldap.core.LdapTemplate - The returnObjFlag of supplied SearchControls is not set but a ContextMapper is used - setting flag to true
2013-04-15 11:42:42,104 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator - Roles from search: []
2013-04-15 11:42:42,105 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.ldap.userdetails.LdapUserDetailsMapper - Mapping user details from context with DN: uid=jason,ou=people,dc=server,dc=world
2013-04-15 11:42:42,109 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy - Invalidating session with Id '9A0D3B16CC3ECCE87D78D8A8363F88CB' and migrating attributes.
2013-04-15 11:42:42,113 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.session.SessionFixationProtectionStrategy - Started new session: BBA4E7CF5E93B6ADC301B36B6597E084
2013-04-15 11:42:42,114 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter - Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities
2013-04-15 11:42:42,114 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler - Redirecting to DefaultSavedRequest Url: http://192.168.1.47:8080/OpenKM/frontend/index.jsp
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.DefaultRedirectStrategy - Redirecting to 'http://192.168.1.47:8080/OpenKM/frontend/index.jsp'
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext stored to HttpSession: 'org.springframework.security.core.context.SecurityContextImpl@e884be07: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,116 [http-bio-0.0.0.0-8080-exec-5] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-15 11:42:42,133 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/services/**'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/status'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/download'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/workflow-register'
2013-04-15 11:42:42,134 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/webdav/**'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/feed/**'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:42,136 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - Obtained a valid SecurityContext from SPRING_SECURITY_CONTEXT: 'org.springframework.security.core.context.SecurityContextImpl@e884be07: Authentication: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,137 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:42,137 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 3 of 8 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - pathInfo: both null (property equals)
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - queryString: both null (property equals)
2013-04-15 11:42:42,138 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURI: arg1=/OpenKM/frontend/index.jsp; arg2=/OpenKM/frontend/index.jsp (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - serverPort: arg1=8080; arg2=8080 (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - requestURL: arg1=http://192.168.1.47:8080/OpenKM/frontend/index.jsp; arg2=http://192.168.1.47:8080/OpenKM/frontend/index.jsp (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - scheme: arg1=http; arg2=http (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - serverName: arg1=192.168.1.47; arg2=192.168.1.47 (property equals)
2013-04-15 11:42:42,139 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - contextPath: arg1=/OpenKM; arg2=/OpenKM (property equals)
2013-04-15 11:42:42,140 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.DefaultSavedRequest - servletPath: arg1=/frontend/index.jsp; arg2=/frontend/index.jsp (property equals)
2013-04-15 11:42:42,140 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.savedrequest.HttpSessionRequestCache - Removing DefaultSavedRequest from session if present
2013-04-15 11:42:42,145 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 5 of 8 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - SecurityContextHolder not populated with anonymous token, as it already contained: 'org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 6 of 8 in additional filter chain; firing Filter: 'SessionManagementFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/frontend/index.jsp'; against '/frontend/**'
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Secure object: FilterInvocation: URL: /frontend/index.jsp; Attributes: [IS_AUTHENTICATED_FULLY]
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Previously Authenticated: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@e884be07: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@e8856063: Dn: uid=jason,ou=people,dc=server,dc=world; Username: jason; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; Granted Authorities: ; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@fffe21a0: RemoteIpAddress: 192.168.1.43; SessionId: 9A0D3B16CC3ECCE87D78D8A8363F88CB; Not granted any authorities
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.RoleVoter@7f38f3d1, returned: 0
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.access.vote.AffirmativeBased - Voter: org.springframework.security.access.vote.AuthenticatedVoter@740f5f97, returned: 1
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Authorization successful
2013-04-15 11:42:42,146 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - RunAsManager did not change Authentication object
2013-04-15 11:42:42,147 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.FilterChainProxy - /frontend/index.jsp reached end of additional filter chain; proceeding with original chain
2013-04-15 11:42:42,263 [http-bio-0.0.0.0-8080-exec-7] INFO  com.openkm.module.db.DbAuthModule - Create okm:trash/jason
2013-04-15 11:42:42,272 [http-bio-0.0.0.0-8080-exec-7] ERROR com.openkm.module.db.DbAuthModule - 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash
com.openkm.core.PathNotFoundException: 03225c14-343c-406b-8836-92d65cd146bd : /okm:trash
        at com.openkm.module.db.stuff.SecurityHelper.checkRead(SecurityHelper.java:84)
        at com.openkm.dao.NodeFolderDAO.create(NodeFolderDAO.java:103)
        at com.openkm.module.db.DbAuthModule.createBase(DbAuthModule.java:473)
        at com.openkm.module.db.DbAuthModule.loadUserData(DbAuthModule.java:436)
        at com.openkm.module.db.DbAuthModule.login(DbAuthModule.java:81)
        at com.openkm.api.OKMAuth.login(OKMAuth.java:53)
        at org.apache.jsp.frontend.index_jsp._jspService(index_jsp.java:68)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:432)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:390)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:334)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
        at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:309)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
        at java.lang.Thread.run(Thread.java:662)
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - HttpSession is now null, but was not null at start of request; session was invalidated, so do not create a new session
2013-04-15 11:42:42,299 [http-bio-0.0.0.0-8080-exec-7] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
2013-04-15 11:42:42,427 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/services/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/status'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/download'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/workflow-register'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/webdav/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/feed/**'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 1 of 8 in additional filter chain; firing Filter: 'SecurityContextPersistenceFilter'
2013-04-15 11:42:42,428 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No HttpSession currently exists
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - No SecurityContext was available from the HttpSession: null. A new one will be created.
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 2 of 8 in additional filter chain; firing Filter: 'UsernamePasswordAuthenticationFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 3 of 8 in additional filter chain; firing Filter: 'RequestCacheAwareFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 4 of 8 in additional filter chain; firing Filter: 'SecurityContextHolderAwareRequestFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 5 of 8 in additional filter chain; firing Filter: 'AnonymousAuthenticationFilter'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.authentication.AnonymousAuthenticationFilter - Populated SecurityContextHolder with anonymous token: 'org.springframework.security.authentication.AnonymousAuthenticationToken@90550640: Principal: anonymousUser; Credentials: [PROTECTED]; Authenticated: true; Details: org.springframework.security.web.authentication.WebAuthenticationDetails@7798: RemoteIpAddress: 192.168.1.43; SessionId: null; Granted Authorities: ROLE_ANONYMOUS'
2013-04-15 11:42:42,433 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 6 of 8 in additional filter chain; firing Filter: 'SessionManagementFilter'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.session.SessionManagementFilter - Requested session IDBBA4E7CF5E93B6ADC301B36B6597E084 is invalid.
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 7 of 8 in additional filter chain; firing Filter: 'ExceptionTranslationFilter'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login at position 8 of 8 in additional filter chain; firing Filter: 'FilterSecurityInterceptor'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/frontend/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/login.jsp'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/admin/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/repositorystartup'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/test'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.util.AntPathRequestMatcher - Checking match of request : '/logo/login'; against '/extension/**'
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.access.intercept.FilterSecurityInterceptor - Public object - authentication not attempted
2013-04-15 11:42:42,434 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.FilterChainProxy - /logo/login reached end of additional filter chain; proceeding with original chain
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.access.ExceptionTranslationFilter - Chain processed normally
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.HttpSessionSecurityContextRepository - SecurityContext is empty or contents are anonymous - context will not be stored in HttpSession.
2013-04-15 11:42:42,457 [http-bio-0.0.0.0-8080-exec-6] DEBUG org.springframework.security.web.context.SecurityContextPersistenceFilter - SecurityContextHolder now cleared, as request processing completed
The configuration in OpenKM.xml:
Code: Select all
  <security:ldap-server id="ldapServer" url="ldap://127.0.0.1:389" manager-dn="cn=admin,dc=server,dc=world" manager-password="********"/>

  <security:authentication-manager alias="authenticationManager">
    <security:ldap-authentication-provider
      server-ref="ldapServer"
      user-search-base="ou=people,dc=server,dc=world"
      user-search-filter="(cn={0})"
      group-search-base="ou=groups,dc=server,dc=world"
      group-search-filter="(memberUid={0})"
      group-role-attribute="cn"
      role-prefix="">
    </security:ldap-authentication-provider>
    <security:authentication-provider>
      <security:password-encoder hash="md5"/>
      <security:jdbc-user-service
        data-source-ref="dataSource"
        users-by-username-query="select usr_id, usr_password, 1 from OKM_USER where usr_id=? and usr_active='T'"
        authorities-by-username-query="select ur_user, ur_role from OKM_USER_ROLE where ur_user=?"/>
    </security:authentication-provider>
  </security:authentication-manager>
The configuration attributes:
Code: Select all
principal.adapter=com.openkm.principal.LdapPrincipalAdapter	    
principal.database.filter.inactive.users=true		    
principal.ldap.mail.attribute=mail	    
principal.ldap.mail.search.base=ou=people,dc=server,dc=world	    
principal.ldap.mail.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))	    
principal.ldap.referral=follow	    
principal.ldap.role.attribute=cn	    
principal.ldap.role.search.base=ou=groups,dc=server,dc=world	    
principal.ldap.role.search.filter=(objectClass=posixGroup)	    
principal.ldap.roles.by.user.attribute=cn	    
principal.ldap.roles.by.user.search.base=ou=groups,dc=server,dc=world	    
principal.ldap.roles.by.user.search.filter=(memberUid={0})	    
principal.ldap.security.credentials=********
principal.ldap.security.principal=cn=admin,dc=server,dc=world	    
principal.ldap.server=ldap://192.168.1.47:389	    
principal.ldap.user.attribute=cn	    
principal.ldap.user.search.base=ou=people,dc=server,dc=world	    
principal.ldap.user.search.filter=(objectClass=inetOrgPerson)	    
principal.ldap.username.attribute=cn	    
principal.ldap.username.search.base=ou=people,dc=server,dc=world	    
principal.ldap.username.search.filter=(&(objectClass=inetOrgPerson)(cn={0}))	    
principal.ldap.users.by.role.attribute=memberUid	    
principal.ldap.users.by.role.search.base=ou=groups,dc=server,dc=world	    
principal.ldap.users.by.role.search.filter=(&(objectClass=posixGroup)(cn={0}))	    
principal.ldap.users.from.roles=true
My OpenLDAP server contains two groups in the 'ou=groups,dc=server,dc=world' context, which are 'ROLE_USER' and 'ROLE_ADMIN'. I have added 'memberUid=jason' to 'ROLE_USER' and 'memberUid=okmAdmin' to 'ROLE_ADMIN'. The user list and role list show up correctly in the administrator user management area, and my default user role is left as per default in OpenKM.

Am I doing something wrong here? This is only a test environment before I move everything to production, but unfortunately it's getting to the point where I'm endlessly breaking it and not finding a solution.

Any help on this is much appreciated; and should hopefully be the last thing needed before I can get this up and running.

Thank you,

Jason.

Re: Receiving a "PathNotFoundException" with LDAP user

PostPosted:Mon Apr 15, 2013 3:35 am
by jaseeey
Hi,

I have managed to work this one out.

In the OpenKM.xml file, the 'group-search-filter="(memberUid={0})' attribute was changed to 'group-search-filter="(memberUid={1})', because I noticed it was searching for 'memberUid=uid=jason,ou=groups,dc=server,dc=world. Changing the variable to {1} inserts just the username, making it search for 'memberUid=jason,ou=groups,dc=server,dc=world'.

I also noticed that it was setting the role as "ROLE_ROLE_USER" on the login page, but only reading "ROLE_USER" in the integration configuration. Changing 'role-prefix=""' to 'role-prefix="none"' fixed the issue. My LDAP configuration now works perfectly.

Thank you for the many useful posts around this forum and the guides on the Wiki.

Cheers,

Jason.

Re: Receiving a "PathNotFoundException" with LDAP user

PostPosted:Wed Apr 17, 2013 5:52 am
by jllort
As indicates jaseeey yuor problem is in OpenKM.xml configuration file in the part you're getting the roles. You're not getting the roles correctly. I think you're using openldap take a look at that example http://wiki.openkm.com/index.php/Ldap-example1

Re: Receiving a "PathNotFoundException" with LDAP user

PostPosted:Wed Apr 05, 2017 5:36 pm
by Florentin
Hi everybody!
I have same problem. I followed your recommendations but still nothing. Here are my configurations:
Image
I use OpenLdap:
Image
openkm.xlm:
Code: Select all
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
             xmlns:security="http://www.springframework.org/schema/security"
             xmlns:task="http://www.springframework.org/schema/task"
             xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
             xsi:schemaLocation="http://www.springframework.org/schema/beans
                                 http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                                 http://www.springframework.org/schema/security
                                 http://www.springframework.org/schema/security/spring-security-3.1.xsd
                                 http://www.springframework.org/schema/task
                                 http://www.springframework.org/schema/task/spring-task-3.1.xsd">

<security:ldap-server id="ldapServer" url="ldap://127.0.0.1:389" manager-dn="cn=admin,dc=slimbot,dc=tic" manager-password="02097787"/>

  <security:authentication-manager alias="authenticationManager">
    <security:ldap-authentication-provider
      server-ref="ldapServer"
      user-search-base="ou=sambaSlimbot,dc=slimbot,dc=tic"
      user-search-filter="(uid={0})"
      group-search-base="ou=samba,dc=slimbot,dc=tic"
      group-search-filter="(memberUid={1})"
      group-role-attribute="cn"
      role-prefix="none">
    </security:ldap-authentication-provider>
    <security:authentication-provider>
      <security:password-encoder hash="md5"/>
      <security:jdbc-user-service
        data-source-ref="dataSource"
        users-by-username-query="select usr_id, usr_password, 1 from OKM_USER where usr_id=? and usr_active='T'"
        authorities-by-username-query="select ur_user, ur_role from OKM_USER_ROLE where ur_user=?"/>
    </security:authentication-provider>
  </security:authentication-manager>								 

</beans:beans>
Can you help me please!
Thanks in advance.

Re: Receiving a "PathNotFoundException" with LDAP user

PostPosted:Fri Apr 07, 2017 6:17 pm
by jllort
The problem I think might be from this configuration are not getting the roles of the user. Ensure in your AD have created ROLE_USER and ROLE_ADMIN and the user is member of one of them. Finally seems you are in openLdap, correct me if I'm wrong ? but in this case I suggest take a look at this configuration https://docs.openkm.com/kcenter/view/ok ... login.html ( if you are working with microsoft ad then look at here https://docs.openkm.com/kcenter/view/ok ... roles.html )

Re: Receiving a "PathNotFoundException" with LDAP user

PostPosted:Tue Apr 11, 2017 9:21 am
by Florentin
Hi! thank you. it works fine.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited