portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marky Goldstein <re...@rosa.com>
Subject Re: Jetspeed LDAP error
Date Thu, 09 Mar 2006 13:23:06 GMT
Hi Eivinn,

Actually I am not the programmer behind LDAP in
Jetspeed, but I am currently reading a book for Java
LDAP programming, therefore my knowledge is completely
theoretical...

What I read from the message:
"Unable to create the role"

"object class 'jetspeed-2-group' requires attribute 'uniqueMember'"

In the Object Class definition it says that there must be an Attribute
"uniqueMember", and I guess also the value of this field must be given
when creating the "jetspeed-2-group" object class.

To also the uid=admin_group looks a bit strange...
is admin_group a group or a user?

Also look into this class which throws the exception..
org.apache.jetspeed.security.impl.GroupManagerImpl

Best regards,
Marky



Eivinn Hustveit schrieb:
> Hi Marky,
>
> Thanks for answering!
>
> We have only used the jetspeed.schema from HEAD so it should not have 
> any problems to my knowledge. Could it be due to a not fully 
> implemented LdapGroupSecurityHandler in the 2.0 installer?
>
> Here is a small bit of jetspeed.log:
> -------
> 2006-03-09 10:30:21,934 [http-11080-Processor25] ERROR 
> org.apache.jetspeed.security.impl.GroupManagerImpl - Unable to create 
> the role.
> org.apache.jetspeed.security.SecurityException: 
> javax.naming.directory.SchemaViolationException: [LDAP: error code 65 
> - object class 'jetspeed-2-group' requires attribute 'uniqueMember']; 
> remaining name 'uid=admin_group,ou=groups'
>         at 
> org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl.create(LdapPrincipalDaoImpl.java:113)

>
>         at 
> org.apache.jetspeed.security.spi.impl.LdapGroupSecurityHandler.setGroupPrincipal(LdapGroupSecurityHandler.java:133)

>
>         at 
> org.apache.jetspeed.security.impl.GroupManagerImpl.addGroup(GroupManagerImpl.java:115)

>
> -------
>
> As for included schemas, this is the list from slapd.conf:
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/cosine.schema
> include         /etc/openldap/schema/inetorgperson.schema
> include         /etc/openldap/schema/nis.schema
> include         /etc/openldap/schema/java.schema
> include         /etc/openldap/schema/jetspeed.schema
>
>
> Any pointers would be very much apreciated.
>
>
> Sincerely
>
> Eivinn Hustveit
> System Manager       
> http://www.mobiletech.no
>
>
> On 09/03/2006, at 6:10 AM, Marky Goldstein wrote:
>
>> Hi Eivinn,
>>
>> As the exception says there is a Schema Violation... did somebody,
>> something change the Schema? Read about LDAP Schema and you might
>> be able to understand..
>>
>> Best regards,
>> Marky Goldstein
>>
>> Eivinn Hustveit schrieb:
>>>     From:       eivinn@fortiden.com
>>>     Subject:     Jetspeed2 LDAP
>>>     Date:     8 March 2006 4:41:50 PM
>>>     To:       jetspeed-dev@portals.apache.org
>>>
>>> Hi,
>>>
>>> We are currently trying to merge our Jetspeed2-M3 server over to 
>>> Jetspeed2.0-Final and OpenLDAP. Currently we have gotten Jetspeed to 
>>> use user authentication through LDAP.
>>>
>>> Our steps to get so far was installing Jetspeed2 with the installer. 
>>> Fixing up jetspeed.war from that server to include LDAP specific 
>>> assembly files and deploying on our linux server.
>>>
>>> The latest advancement is adding LdapGroupSecurityHandler to 
>>> security-spi-atz.xml but this is somewhat unsuccessful. When using 
>>> Group Manager to add a new group I get the exception:
>>> -----
>>> javax.naming.directory.SchemaViolationException: [LDAP: error code 
>>> 65 - object class 'jetspeed-2-group' requires attribute 
>>> 'uniqueMember']; remaining name 'uid=ldap_eivinn,ou=groups'
>>> -----
>>>
>>> I have also been reading up on the LDAP threads from 3rd of February 
>>> which seem to conclude that by using the Jetspeed source we could 
>>> get full LDAP support. Is this correct? Will the 
>>> LdapSecurityMappingHandler etc be used with LDAP for groups, roles, 
>>> and encrypted user authentication if I build Jetspeed from source? 
>>> Are there any steps to produce the same result with a patch?
>>>
>>>
>>>
>>> Sincerely
>>>
>>> Eivinn Hustveit
>>> System Manager       http://www.mobiletech.no
>>>
>>>
>>
>>
>> --R.Ø.S.A.
>> Identity: Marky Goldstein
>> E-Mail: ready@rosa.com
>> Task: Managing Director, Product & Strategy
>>
>> R.Ø.S.A. Creation. Technology. Intelligence. AG
>> Seefeldstrasse 231, 8008 Zurich, Switzerland
>> Phone: +41 1 389 63 33
>> Fax: +41 1 389 63 30
>> URL: http://www.rosa.com/
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
>> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
> For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
>


-- 
R.Ø.S.A.
Identity: Marky Goldstein
E-Mail: ready@rosa.com
Task: Managing Director, Product & Strategy

R.Ø.S.A. Creation. Technology. Intelligence. AG
Seefeldstrasse 231, 8008 Zurich, Switzerland
Phone: +41 1 389 63 33
Fax: +41 1 389 63 30
URL: http://www.rosa.com/ 



---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message