[opencms-dev] Unable to fetch groups from ldap with ocee-ldap
Per-Olof Widström
per-olof.widstrom at splendid.se
Wed Aug 19 10:05:42 CEST 2009
Hi,
I'm trying to set up the ocee-ldap module. Everything works, except
getting groups from ldap.
I can synchronize users i.e. import them to the database, but when I try
to do the same with the groups I get nothing (an empty list).
It is also possible to authenticate against the ldap, but when a valid
combination of username and password is given, while logging in to the
open cms explorer, I get a 500 error message.
The logs tells me this:
Aug 17, 2009 3:04:08 PM org.apache.catalina.core.ApplicationDispatcher
invoke
SEVERE: Servlet.service() for servlet jsp threw exception
java.lang.NullPointerException
at
org.opencms.ocee.ldap.CmsLdapGroupDefinition.getFilterByMember(CmsLdapGroupDefinition.java:145)
at
org.opencms.ocee.ldap.CmsLdapManager.lookupGroupNames(CmsLdapManager.java:789)
at
org.opencms.ocee.ldap.CmsLdapUserDriver.o0000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000super(CmsLdapUserDriver.java:1376)
at
org.opencms.ocee.ldap.CmsLdapUserDriver.o0000000000000000000000000000000000000000000000000000000000000000000
00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000000000000000000000000000000000super(CmsLdapUserDriver.java:1197)
at
org.opencms.ocee.ldap.CmsLdapUserDriver.readUser(CmsLdapUserDriver.java:833)
at
org.opencms.ocee.ldap.CmsLdapUserDriver.readUser(CmsLdapUserDriver.java:844)
at
org.opencms.db.CmsDriverManager.loginUser(CmsDriverManager.java:4700)
at
org.opencms.db.CmsSecurityManager.loginUser(CmsSecurityManager.java:2884)
at org.opencms.file.CmsObject.loginUser(CmsObject.java:2267)
at org.opencms.jsp.CmsJspLoginBean.login(CmsJspLoginBean.java:189)
at org.opencms.jsp.CmsJspLoginBean.login(CmsJspLoginBean.java:169)
at org.opencms.workplace.CmsLogin.displayDialog(CmsLogin.java:293)
at
org.apache.jsp.WEB_002dINF.jsp.online.system.login.index_html_jsp._jspService(index_html_jsp.java:59)
at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
[snip]
The ldap server I'm using is Sun Java System Directory Server Enterprise
Edition 6.3. It supports RFC 2798, and it looks as it supports 2256
also, although that RFC number seems to be obsolete, see link below.
http://docs.sun.com/app/docs/doc/820-2766/gdutg?a=view
My ocee-ldap.xml has the following enteries:
<ou-definition> <!-- Splendid -->
<ou-name>org1</ou-name>
<group-definitions>
<group-definition membersformat="fulldn">
<group-access>
<group-filters>
<all>(objectclass=groupofuniquenames)</all>
<by-name>(&(objectclass=groupofuniquenames)(cn=?))</by-name>
</group-filters>
<contexts>
<context>ou=Groups,o=org1,o=comms,dc=domain,dc=com</context>
</contexts>
</group-access>
<group-mappings>
<groupid>cn</groupid>
<groupname>cn</groupname>
<member>uniquemember</member>
</group-mappings>
<editable>false</editable>
</group-definition>
</group-definitions>
I have looked at a the groups in ldap-browser, which tells me that the
group has the following classes: inetlocalmailrecipient, inetmailgroup,
groupofuniquenames, ipgroup, inetmailgroupmanagement, inetgroup. The
query (objectclass=groupofuniquenames) work in the ldapbrowser I use
(Soft terra ldapbrowser).
Any ideas why I don't get any groups from ldap?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20090819/c1183df3/attachment.htm>
More information about the opencms-dev
mailing list