neil.walker Posted July 12, 2017 Share Posted July 12, 2017 Hello,I'm having some difficulty getting LDAP working - from editing the applicationContext-externalAuth-LDAP.xml file (bad credentials, when I know it's all fine).So, I thought I'd modify the default_master.properties file with the values it requires as it might just be me putting in the wrong values in the xml, and doing it here might do it properly.However, I've no idea how to get it to rebuild itself, presumably via buildomatic.How do I do this as it wasn't obvious from the documentation I read, I presumed it would be a case of telling it to upgrade itself...?Thanks Link to comment Share on other sites More sharing options...
elizam Posted July 12, 2017 Share Posted July 12, 2017 You can;t enable LDAP from buildomatic, so I don't think this is a good idea. The typical problem in LDAP is figuring out the right syntax to ensure it's running through your tree correctly & changing buildomatic won't fix that.The general upgrade path is to install the new version, then export your repository from the old version into the new version. Link to comment Share on other sites More sharing options...
hozawa Posted July 12, 2017 Share Posted July 12, 2017 Which settings in default_master.properties did you change for the LDAP? There shouldn't be any because buildomatic is just a script to install JasperReports Server and not about setting security. To set LDAP, follow through the instructions in the authentication cookbook. JasperReports Server is using Spring Security.http://community.jaspersoft.com/documentation/tibco-jasperreports-server-authentication-cookbook/v640/ldap-authentication Link to comment Share on other sites More sharing options...
neil.walker Posted July 13, 2017 Author Share Posted July 13, 2017 Hello,I said this because the authentication cookbook manual says you can do it by entering the following in the default_master.properties:external.ldapUrl=ldap://hostname:389/dc=example,dc=comexternal.ldapDn=cn=Administrator,dc=example,dc=comexternal.ldapPassword=passwordSo I presumed if I did this, on rebuilding it might magically put the right values in :)Anyway, if you assume my credentials are correct (which they are), I get the following in my logs, which shows something is working just not fully working....Authentication attempt using com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProviderProcessing authentication request for user: pharmacySearching for user 'pharmacy', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: 'OU=Users', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]Got Ldap context on server 'ldap://10.17.188.4:389/dc=harris,dc=local'Searching for entry under DN 'dc=harris,dc=local', base = 'ou=Users', filter = '(sAMAccountName={0})'Found DN: cn=pharmacy,ou=UsersAttempting to bind as cn=pharmacy,ou=Users,dc=harris,dc=localRemoving pooling flag for user cn=pharmacy,ou=Users,dc=harris,dc=localFailed to bind as cn=pharmacy,ou=Users: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 532, v1772 Bad credentialsI can connect using JXplorer to my ldap server (it's a lightweight version of Microsoft AD) just fine and my credentials for the user are also tested fine, it's just not working. Here are my settings, if anyone can see anything obvious. Thanks.In JXplorer the user credentials are: distinguished name: CN=pharmacy,OU=Users,DC=harris,DC=local <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider"> <constructor-arg> <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator"> <constructor-arg> <ref local="ldapContextSource"/> </constructor-arg> <property name="userSearch"> <ref local="userSearch" /> </property> </bean> </constructor-arg></bean> <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource"> <constructor-arg value="ldap://10.17.188.4:389/DC=harris,DC=local"/> <property name="userDn" value="CN=ldadmin,OU=Users,DC=harris,DC=local"/> <property name="password" value="xxxxx"/> <property name="referral" value="follow" /></bean> <bean id="userSearch" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=Users</value> </constructor-arg> <constructor-arg index="1"> <value>(sAMAccountName={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> Thanks.Sorry, I cannot seem to format the XML very well with this forum's editor... Link to comment Share on other sites More sharing options...
neil.walker Posted July 13, 2017 Author Share Posted July 13, 2017 Sorry, it's working :)I went into work and it just worked. I'm guessing it's a VPN issue, though strange that JXplorer works. So leaving this post active in case it might help anyone else with getting Jasper working with AD, i.e. the above xml works.But the cookbook definitely says the preferred approach is to update the master file... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now