caelum / mamute

Q&A Engine
http://www.mamute.org/
Apache License 2.0

Lookup LDAP by uid instead of email? #283

Open rampatra opened 7 years ago

rampatra commented 7 years ago

Can anyone help me with the LDAP configs required in mamute.properties if I want my users to log in via their user ids instead of emails?

I have configured this way:

# Use database for authentication
feature.auth.db=false

# LDAP configuration
feature.auth.ldap=true
ldap.host=ldap1.nexagea.aola.net
ldap.port=389
ldap.user=roomptra
ldap.pass=sdfdsf7Mm
ldap.emailAttr=mail
ldap.nameAttr=givenName
ldap.surnameAttr=sn
ldap.userDn=OU=People,DC=nexage,DC=com
ldap.moderatorGroup=CN=Moderators,OU=Groups,DC=nexage,DC=com
ldap.lookupAllAttr=false
#ldap.userObjectClass=inetOrgPerson
ldap.lookupAttr=uid
ldap.useSSL=false
ldap.useTLS=false

and when I try to log in with my user id I get this message:

There was an error using the configured authentication mechanism (ldap). Please check the logs for more information.

The logs give me this:

12:00:16 DEBUG [LDAPApi             ] LDAP connection error
org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04202 A value is missing on some RDN
    at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:279)
    at org.apache.directory.ldap.client.api.AbstractLdapConnection.bind(AbstractLdapConnection.java:112)
    at org.mamute.auth.LDAPApi$LDAPResource.connection(LDAPApi.java:315)
    at org.mamute.auth.LDAPApi$LDAPResource.<init>(LDAPApi.java:296)
    at org.mamute.auth.LDAPApi$LDAPResource.<init>(LDAPApi.java:292)
    at org.mamute.auth.LDAPApi.authenticate(LDAPApi.java:142)
    at org.mamute.auth.LDAPAuthenticator.authenticate(LDAPAuthenticator.java:15)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.jboss.weld.bean.proxy.AbstractBeanInstance.invoke(AbstractBeanInstance.java:38)
    at org.jboss.weld.bean.proxy.ProxyMethodHandler.invoke(ProxyMethodHandler.java:100)
    at org.jboss.weld.proxies.Authenticator$1717672998$Proxy$_$$_WeldClientProxy.authenticate(Unknown Source)
    at org.mamute.controllers.AuthController.login(AuthController.java:56)
    at org.mamute.controllers.AuthController$Proxy$_$$_WeldClientProxy.login(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at net.vidageek.mirror.provider.java.PureJavaMethodReflectionProvider.invoke(PureJavaMethodReflectionProvider.java:38)
    at net.vidageek.mirror.invoke.MethodHandlerByMethod.withArgs(MethodHandlerByMethod.java:54)
    at br.com.caelum.vraptor.observer.ExecuteMethod.execute(ExecuteMethod.java:87)
    at br.com.caelum.vraptor.actioncache.events.CachedExecuteMethod.access$001(CachedExecuteMethod.java:24)
    at br.com.caelum.vraptor.actioncache.events.CachedExecuteMethod$1.run(CachedExecuteMethod.java:44)
    at br.com.caelum.vraptor.actioncache.events.ExecuteIfNoCache.execute(ExecuteIfNoCache.java:32)
    at br.com.caelum.vraptor.actioncache.events.CachedExecuteMethod.execute(CachedExecuteMethod.java:41)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.jboss.weld.injection.MethodInjectionPoint.invokeOnInstanceWithSpecialValue(MethodInjectionPoint.java:90)
    at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:271)
    at org.jboss.weld.event.ObserverMethodImpl.sendEvent(ObserverMethodImpl.java:258)
    at org.jboss.weld.event.ObserverMethodImpl.notify(ObserverMethodImpl.java:237)
    at org.jboss.weld.event.ObserverNotifier.notifyObserver(ObserverNotifier.java:174)
    at org.jboss.weld.event.ObserverNotifier.notifyObserver(ObserverNotifier.java:170)
    at org.jboss.weld.event.ObserverNotifier.notifyObservers(ObserverNotifier.java:124)
    at org.jboss.weld.event.EventImpl.fire(EventImpl.java:84)
    at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:78)
    at org.mamute.providers.GlobalInterceptor.intercept(GlobalInterceptor.java:28)
    at org.mamute.providers.GlobalInterceptor$Proxy$_$$_WeldClientProxy.intercept(Unknown Source)
    at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:58)
    at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)
    at org.mamute.interceptors.InternalErrorInterceptor.intercept(InternalErrorInterceptor.java:37)
    at org.mamute.interceptors.InternalErrorInterceptor$Proxy$_$$_WeldClientProxy.intercept(Unknown Source)
    at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:58)
    at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)
    at org.mamute.interceptors.RulesInterceptor.intercept(RulesInterceptor.java:49)
    at org.mamute.interceptors.RulesInterceptor$Proxy$_$$_WeldClientProxy.intercept(Unknown Source)
    at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:58)
    at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)
    at br.com.caelum.vraptor.core.ToInstantiateInterceptorHandler.execute(ToInstantiateInterceptorHandler.java:60)
    at br.com.caelum.vraptor.core.DefaultInterceptorStack.next(DefaultInterceptorStack.java:83)

Any ideas?

NOTE: I am running mamute in dev mode.

jp1337 commented 7 years ago

Hi @ramswaroop

I am using mamute with an LDAP connection. It was not trivial to implement, but here I share the configuration.

# --------------------------------------------
# ----------- LDAP Configuration -------------
# --------------------------------------------
feature.auth.ldap=true
feature.auth.db=false
ldap.host=domaincontroller.my.domain
ldap.port=636
ldap.user=CN=nonadmin,CN=Users,DC=my,DC=domain
ldap.pass=xxxxxx
ldap.emailAttr=mail
ldap.nameAttr=givenName
ldap.surnameAttr=sn
ldap.groupAttr=memberOf
ldap.userDn=CN=Users,DC=my,DC=domain
ldap.moderatorGroup=CN=Mamute Moderator,CN=Users,DC=my,DC=domain
ldap.lookupAttr=mail
ldap.lookupAllAttr=true
ldap.useSSL=true

I think you can change

ldap.lookupAttr=mail

to

ldap.lookupAttr=sAMAccountName

This should make login by username possible in your case.

rampatra commented 7 years ago

Thanks for the help, let me try this and get back to you.

rampatra commented 7 years ago

Unfortunately, I am facing the same issue. My latest mamute.properties file is like:

# Use database for authentication
feature.auth.db=false

# LDAP configuration
feature.auth.ldap=true
ldap.host=ldap1.xxx.xxx.net
ldap.port=389
ldap.user=Directory Manager
ldap.pass=xxxxx
ldap.emailAttr=mail
ldap.nameAttr=givenName
ldap.surnameAttr=sn
ldap.userDn=OU=People,DC=nexage,DC=com
ldap.moderatorGroup=CN=Moderators,OU=Group,DC=nexage,DC=com
ldap.lookupAllAttr=true
ldap.userObjectClass=inetOrgPerson
ldap.lookupAttr=sAMAccountName
ldap.useSSL=false
ldap.useTLS=false

# enable user signup
feature.signup=false

NOTE: I am running mamute in dev mode. So shall I put the above configs in development.properties in order to take effect?

rampatra commented 7 years ago

@leocwolter @csokol @artdiniz @FernandaBernardo any tips you guys have? Will the ldap work if I am running in dev mode?
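
The stack trace in this thread fails inside `Dn.<init>`, called from `bind()`, so the name given to the bind has to parse as a distinguished name. The check below is an added example, not part of the original thread or of Mamute's code: it assumes `ldap.user` is the name passed to `bind()` and that `ldap.userDn` and `ldap.moderatorGroup` are DN-valued, and its DN test is a simplification of RFC 4514, not the Apache Directory API parser.

```python
import re

# One RDN as attr=value with a non-empty value (simplified RFC 4514:
# no multi-valued RDNs, no quoted strings; this is not the Apache parser).
_RDN = re.compile(r'\s*(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)*)\s*=\s*(?:\\.|[^\\,=])+')
DN_KEYS = ('ldap.user', 'ldap.userDn', 'ldap.moderatorGroup')  # assumed DN-valued

def parse_properties(text):
    """Parse key=value lines, skipping blank lines and # comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith('#') and '=' in line:
            key, value = line.split('=', 1)
            props[key.strip()] = value.strip()
    return props

def looks_like_dn(value):
    """True when every unescaped-comma-separated component is attr=value."""
    return bool(value) and all(_RDN.fullmatch(p) for p in re.split(r'(?<!\\),', value))

def check_ldap_config(props):
    """Return a list of findings; an empty list means no problem was detected."""
    findings = []
    for key in DN_KEYS:
        if key in props and not looks_like_dn(props[key]):
            findings.append(f'{key}: "{props[key]}" is not a DN (attr=value,...)')
    if 'true' not in (props.get('ldap.useSSL'), props.get('ldap.useTLS')):
        findings.append('transport: SSL and TLS are off, the bind password '
                        'crosses the network in cleartext')
    return findings

# Constructed samples, reduced from the three configurations posted in this thread.
FIRST_ATTEMPT = """
ldap.user=roomptra
ldap.userDn=OU=People,DC=nexage,DC=com
ldap.useSSL=false
ldap.useTLS=false
"""
SECOND_ATTEMPT = FIRST_ATTEMPT.replace('roomptra', 'Directory Manager')
REPLY_CONFIG = """
ldap.user=CN=nonadmin,CN=Users,DC=my,DC=domain
ldap.userDn=CN=Users,DC=my,DC=domain
ldap.useSSL=true
"""

if __name__ == '__main__':
    for name, text in (('first', FIRST_ATTEMPT), ('second', SECOND_ATTEMPT),
                       ('reply', REPLY_CONFIG)):
        print(name, check_ldap_config(parse_properties(text)))
```

Both of the original poster's configurations are flagged for a non-DN `ldap.user` and for an unencrypted bind, while the configuration from the reply passes both checks.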