how to run buildomatic to regenerate files?

[neil.walker]

Hello,

I'm having some difficulty getting LDAP working - from editing the applicationContext-externalAuth-LDAP.xml file (bad credentials, when I know it's all fine).

So, I thought I'd modify the default_master.properties file with the values it requires as it might just be me putting in the wrong values in the xml, and doing it here might do it properly.

However, I've no idea how to get it to rebuild itself, presumably via buildomatic.

How do I do this as it wasn't obvious from the documentation I read, I presumed it would be a case of telling it to upgrade itself...?

Thanks

[elizam]

You can;t enable LDAP from buildomatic, so I don't think this is a good idea.  The typical problem in LDAP is figuring out the right syntax to ensure it's running through your tree correctly & changing buildomatic won't fix that.

The general upgrade path is to install the new version, then export your repository from the old version into the new version.  

[hozawa]

Which settings in default_master.properties did you change for the LDAP? There shouldn't be any because buildomatic is just a script to install JasperReports Server and not about setting security. To set LDAP, follow through the instructions in the authentication cookbook. JasperReports Server is using Spring Security.

http://community.jaspersoft.com/documentation/tibco-jasperreports-server-authentication-cookbook/v640/ldap-authentication

[neil.walker]

Hello,

I said this because the authentication cookbook manual says you can do it by entering the following in the default_master.properties:

external.ldapUrl=ldap://hostname:389/dc=example,dc=com

external.ldapDn=cn=Administrator,dc=example,dc=com
external.ldapPassword=password

So I presumed if I did this, on rebuilding it might magically put the right values in :)

Anyway, if you assume my credentials are correct (which they are), I get the following in my logs, which shows something is working just not fully working....

• Authentication attempt using com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider
• Processing authentication request for user: pharmacy
• Searching for user 'pharmacy', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: 'OU=Users', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
• Got Ldap context on server 'ldap://10.17.188.4:389/dc=harris,dc=local'
• Searching for entry under DN 'dc=harris,dc=local', base = 'ou=Users', filter = '(sAMAccountName={0})'
• Found DN: cn=pharmacy,ou=Users
• Attempting to bind as cn=pharmacy,ou=Users,dc=harris,dc=local
• Removing pooling flag for user cn=pharmacy,ou=Users,dc=harris,dc=local
• Failed to bind as cn=pharmacy,ou=Users: org.springframework.ldap.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 532, v1772 Bad credentials

I can connect using JXplorer to my ldap server (it's a lightweight version of Microsoft AD) just fine and my credentials for the user are also tested fine, it's just not working. Here are my settings, if anyone can see anything obvious. Thanks.

In JXplorer the user credentials are: distinguished name: CN=pharmacy,OU=Users,DC=harris,DC=local

 

<bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider">

    <constructor-arg>

        <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator">

            <constructor-arg>

                <ref local="ldapContextSource"/>

            </constructor-arg>

            <property name="userSearch">

                <ref local="userSearch" />

            </property>

        </bean>

    </constructor-arg>

</bean>

 

 

<bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource">

    <constructor-arg value="ldap://10.17.188.4:389/DC=harris,DC=local"/>

    <property name="userDn" value="CN=ldadmin,OU=Users,DC=harris,DC=local"/>

    <property name="password" value="xxxxx"/>

    <property name="referral" value="follow" />

</bean>

 

 

<bean id="userSearch"

      class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSFilterBasedLdapUserSearch">

    <constructor-arg index="0">

        <value>OU=Users</value>

    </constructor-arg>

    <constructor-arg index="1">

        <value>(sAMAccountName={0})</value>

    </constructor-arg>

    <constructor-arg index="2">

        <ref local="ldapContextSource" />

    </constructor-arg>

    <property name="searchSubtree">

        <value>true</value>

    </property>

 

</bean>

 

Thanks.

Sorry, I cannot seem to format the XML very well with this forum's editor...

[neil.walker]

Sorry, it's working :)

I went into work and it just worked. I'm guessing it's a VPN issue, though strange that JXplorer works. So leaving this post active in case it might help anyone else with getting Jasper working with AD, i.e. the above xml works.

But the cookbook definitely says the preferred approach is to update the master file...