portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eivinn Hustveit <eiv...@fortiden.com>
Subject Re: Jetspeed LDAP
Date Thu, 09 Mar 2006 11:05:29 GMT
Hi Marky,

Thanks for answering!

We have only used the jetspeed.schema from HEAD so it should not have  
any problems to my knowledge. Could it be due to a not fully  
implemented LdapGroupSecurityHandler in the 2.0 installer?

Here is a small bit of jetspeed.log:
-------
2006-03-09 10:30:21,934 [http-11080-Processor25] ERROR  
org.apache.jetspeed.security.impl.GroupManagerImpl - Unable to create  
the role.
org.apache.jetspeed.security.SecurityException:  
javax.naming.directory.SchemaViolationException: [LDAP: error code 65  
- object class 'jetspeed-2-group' requires attribute 'uniqueMember'];  
remaining name 'uid=admin_group,ou=groups'
         at  
org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl.create 
(LdapPrincipalDaoImpl.java:113)
         at  
org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler.setGroupP 
rincipal(LdapGroupSecurityHandler.java:133)
         at  
org.apache.jetspeed.security.impl.GroupManagerImpl.addGroup 
(GroupManagerImpl.java:115)
-------

As for included schemas, this is the list from slapd.conf:
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/java.schema
include         /etc/openldap/schema/jetspeed.schema


Any pointers would be very much apreciated.


Sincerely

Eivinn Hustveit
System Manager		
http://www.mobiletech.no


On 09/03/2006, at 6:10 AM, Marky Goldstein wrote:

> Hi Eivinn,
>
> As the exception says there is a Schema Violation... did somebody,
> something change the Schema? Read about LDAP Schema and you might
> be able to understand..
>
> Best regards,
> Marky Goldstein
>
> Eivinn Hustveit schrieb:
>>     From:       eivinn@fortiden.com
>>     Subject:     Jetspeed2 LDAP
>>     Date:     8 March 2006 4:41:50 PM
>>     To:       jetspeed-dev@portals.apache.org
>>
>> Hi,
>>
>> We are currently trying to merge our Jetspeed2-M3 server over to  
>> Jetspeed2.0-Final and OpenLDAP. Currently we have gotten Jetspeed  
>> to use user authentication through LDAP.
>>
>> Our steps to get so far was installing Jetspeed2 with the  
>> installer. Fixing up jetspeed.war from that server to include LDAP  
>> specific assembly files and deploying on our linux server.
>>
>> The latest advancement is adding LdapGroupSecurityHandler to  
>> security-spi-atz.xml but this is somewhat unsuccessful. When using  
>> Group Manager to add a new group I get the exception:
>> -----
>> javax.naming.directory.SchemaViolationException: [LDAP: error code  
>> 65 - object class 'jetspeed-2-group' requires attribute  
>> 'uniqueMember']; remaining name 'uid=ldap_eivinn,ou=groups'
>> -----
>>
>> I have also been reading up on the LDAP threads from 3rd of  
>> February which seem to conclude that by using the Jetspeed source  
>> we could get full LDAP support. Is this correct? Will the  
>> LdapSecurityMappingHandler etc be used with LDAP for groups,  
>> roles, and encrypted user authentication if I build Jetspeed from  
>> source? Are there any steps to produce the same result with a patch?
>>
>>
>>
>> Sincerely
>>
>> Eivinn Hustveit
>> System Manager       http://www.mobiletech.no
>>
>>
>
>
> -- 
> R.Ø.S.A.
> Identity: Marky Goldstein
> E-Mail: ready@rosa.com
> Task: Managing Director, Product & Strategy
>
> R.Ø.S.A. Creation. Technology. Intelligence. AG
> Seefeldstrasse 231, 8008 Zurich, Switzerland
> Phone: +41 1 389 63 33
> Fax: +41 1 389 63 30
> URL: http://www.rosa.com/
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message