chuttner Posted May 19, 2011 Share Posted May 19, 2011 I have the JasperSoft Cookbook "Authentication Cookbook 4.0" and I still can't figure this out.First think that confuses me is from the book...2.2.1 Files to ModifyAll configuration changes for external LDAP authentication are made in the following files:<js-webapp>/WEB-INF/applicationContext-security.xml<js-webapp>/WEB-INF/applicationContext-security-web.xml (This file is never mentioned in the LDAP section again)<js-webapp>/WEB-INF/applicationContext-multiTenancy-security.xml in commercial editions, which have the organization architectureNext thing is the logging... I am not even sure I have it turned on right cause I only get like 3 lines that are LDAP related and they haven't been help full.LOG2011-05-19 08:32:02,317 DEBUG AbstractContextSource,main:328 - AuthenticationSource not set - using default implementation2011-05-19 08:32:02,320 DEBUG AbstractContextSource,main:350 - Not using LDAP pooling2011-05-19 08:32:02,327 DEBUG AbstractContextSource,main:371 - Trying provider Urls: ldap://domaincontroller.domain.com/dc=domain,dc=comPlease let me know if you see anything or have so advice or need to see another file. Code: Post Edited by chuttner at 05/19/2011 18:53 Link to comment Share on other sites More sharing options...
chuttner Posted May 26, 2011 Author Share Posted May 26, 2011 bump...Anything? I have configured other systems to use LDAP on our Active Directory (IBM Rational Suit, LSoft LISTSERV, SVN to name a few). Is there some other file I can post that will make it easier to find what I am doing wrong? I am running JasperReport Server CP 4.0.0, is there a newer version? Would that even help? Link to comment Share on other sites More sharing options...
chuttner Posted June 9, 2011 Author Share Posted June 9, 2011 Bump Link to comment Share on other sites More sharing options...
chuttner Posted July 6, 2011 Author Share Posted July 6, 2011 I have included my LOG file and applicationContext-securuty config file. I have read what documentation I can, and this forum for help to no avail. Thank you for looking at this. Link to comment Share on other sites More sharing options...
caseys Posted October 4, 2011 Share Posted October 4, 2011 Did you ever find a fix for this? I'm having a similar issue. Link to comment Share on other sites More sharing options...
sergenz Posted October 5, 2011 Share Posted October 5, 2011 I'm trying to setup Jasper Server to authenticate against AD as well. I am following the guide found at: http://jasperforge.org/plugins/mwiki/index.php/Jasperserver/AuthenticationConfigurationWill let you know how it goes. Link to comment Share on other sites More sharing options...
sergenz Posted October 5, 2011 Share Posted October 5, 2011 Ok, managed to get it working, although the instructions I started off with were a bit crap. I ended up following this article: http://protocol7.com/archives/2006/07/16/acegi-security-system-and-active-directory-howto/which made sense for me. The one thing to note is that in the article the "initialDirContextFactory" which is referred to is actually the bean with the id "ldapContextSource" in the configuration. Also, the properties "userDn" and "password" correspond to "managerDn" and "managerPassword" in the article. If you get stuck, doing a google search for "making acegi plugin work with ActiveDirectory" seems to return quite a few results. Good luck Link to comment Share on other sites More sharing options...
caseys Posted October 5, 2011 Share Posted October 5, 2011 Could you attach your applicationContext-security.xml file. I'm still having some issues and would like to run a compare on my file vs. your file. Thanks! Link to comment Share on other sites More sharing options...
sergenz Posted October 5, 2011 Share Posted October 5, 2011 Ok, I've attached the full file. The relevant bits are:At the top of the file, enabling the LDAP authentication provider:<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager"> <property name="providers"> <list> <ref local="ldapAuthenticationProvider"/> <ref bean="${bean.daoAuthenticationProvider}"/> <ref bean="anonymousAuthenticationProvider"/> <!--ref local="jaasAuthenticationProvider"/--> </list> </property></bean> And then the LDAP configuration sections: For LDAP authentication --> <bean id="ldapContextSource" class="org.springframework.security.ldap.DefaultSpringSecurityContextSource"> <constructor-arg value="ldap://dc1.company.internal:389"/> <!-- You may not need the next properties --> <property name="userDn"><value>CN=Jasper Ldap,OU=Resource,OU=Employees,DC=company,DC=internal</value></property> <property name="password"><value>password</value></property> </bean> <!-- For LDAP authentication This bean is not used by default --> <bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch"> <constructor-arg index="0"> <value>OU=Employees,DC=company,DC=internal</value> </constructor-arg> <constructor-arg index="1"> <value>(sAMAccountName={0})</value> </constructor-arg> <constructor-arg index="2"> <ref local="ldapContextSource" /> </constructor-arg> <property name="searchSubtree"> <value>true</value> </property> </bean> <!-- For LDAP authentication --> <bean id="ldapAuthenticationProvider" class="org.springframework.security.providers.ldap.LdapAuthenticationProvider"> <constructor-arg> <bean class="org.springframework.security.providers.ldap.authenticator.BindAuthenticator"> <constructor-arg><ref local="ldapContextSource"/></constructor-arg> <!-- -property name="userDnPatterns"><list><value>uid={0}</value></list></property- --> <property name="userSearch" ref="userSearch"/> </bean> </constructor-arg> <constructor-arg> <bean class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator"> <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg> <constructor-arg index="1"><value>OU=Groups,OU=Employees,DC=company,DC=internal</value></constructor-arg> <property name="groupRoleAttribute"><value>cn</value></property> <!--<property name="groupSearchFilter"><value>(&(uniqueMember={0})(objectclass=groupofuniquenames))</value></property>--> <property name="searchSubtree"><value>true</value></property> </bean> </constructor-arg> </bean> Note that I created the "Jasper Ldap" user to be able to access AD in the first place (it doesn't allow anonymous access) and that in our setup we have an OU called "Employees" off of the domain. Your setup might be slightly different, in that you might have an OU called "People" and then "Employees" off of that (or you might call the OU "Workers" etc...), please adjust according to your setup. Link to comment Share on other sites More sharing options...
caseys Posted October 5, 2011 Share Posted October 5, 2011 Got it working! Thanks for all the help! Link to comment Share on other sites More sharing options...
sergenz Posted October 5, 2011 Share Posted October 5, 2011 That's great! :) You're welcome Link to comment Share on other sites More sharing options...
cameronp Posted October 6, 2011 Share Posted October 6, 2011 Did it create the groups and organization as well? I've got it to read the groups from AD 2008 R2, but only on the pro install, and then well, the db does a rollback and fails anways..lol so im going to try and install to oracle first, then try it and see how ti goes when i try the same config with the community version, it only logs me in, wont create the groups and the likes tho.. Its meant to auto sync org, groups, and user from my understanding. Link to comment Share on other sites More sharing options...
sergenz Posted October 6, 2011 Share Posted October 6, 2011 What I found was that it didn't automatically pull all groups from AD, but rather when an AD authenticated user logs in, it creates a whole bunch of new Roles, based on all of the groups that the newly authenticated user is a member of.If the roles already exist (for example when another user, which is a member of the same groups logs in) I guess it sees that those roles already exist and merely associates it with the new user. Link to comment Share on other sites More sharing options...
gdrumond Posted March 27, 2012 Share Posted March 27, 2012 Do you changed another file? Or only applicationContext-securuty.Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now