Connect LDAP to Alfresco Community

cancel
Showing results for 
Search instead for 
Did you mean: 
putixo
Member II

Connect LDAP to Alfresco Community

Hello,

I tried connected LDAP to my Alfresco Community
First i created folder in \tomcat\webapps\alfresco\WEB-INF\classes\alfresco\subsystems\Authentication\ldap and added file ldap-authentication.properties
Next i created folder in \tomcat\shared\classes\alfresco\extension\subsystems\Authentication\ldap\ldap1 and added file ldap-authentication.properties
And finally i added properties to \tomcat\shared\classes\alfresco-global.properties:

authentication.chain=alfinst:alfrescoNtlm,ldap1:ldap

ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@***.local
ldap.authentication.java.naming.provider.url=ldap://localhost:389
ldap.authentication.defaultAdministratorUserNames=Administrator,alfresco
ldap.synchronization.java.naming.security.principal=admin@***.local
ldap.synchronization.java.naming.security.credentials=secret
ldap.synchronization.groupSearchBase=ou=***,dc=***,dc=local
ldap.synchronization.userSearchBase=ou=***,dc=***,dc=local

I try running my Alfresco I'm getting an error:
Cannot find Alfresco Repository on this server. (Does this application have access to alfresco-global.properties? Does this application have cross-context permissions?)

Logs:
- alfrescotomcat-stdout:

ERROR [solr.tracker.AbstractTracker] [org.alfresco.solr.AlfrescoCoreAdminHandler@296787a_Worker-2] Tracking failed
	org.alfresco.error.AlfrescoRuntimeException: 10180543 GetModelsDiff return status is 404
	at org.alfresco.solr.client.SOLRAPIClient.getModelsDiff(SOLRAPIClient.java:1181)
	at org.alfresco.solr.tracker.ModelTracker.trackModelsImpl(ModelTracker.java:256)
	at org.alfresco.solr.tracker.ModelTracker.trackModels(ModelTracker.java:214)
	at org.alfresco.solr.tracker.ModelTracker.doTrack(ModelTracker.java:174)
	at org.alfresco.solr.tracker.AbstractTracker.track(AbstractTracker.java:190)
	at org.alfresco.solr.tracker.TrackerJob.execute(TrackerJob.java:54)
	at org.quartz.core.JobRunShell.run(JobRunShell.java:216)
	at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:563)
WARN  [org.alfresco.wcm.client.util.impl.GuestSessionFactoryImpl] WQS unable to connect to repository: Not Found

Did anyone have a similar problem?

5 Replies
angelborroy
Alfresco Employee

Re: Connect LDAP to Alfresco Community

Scroll up your log, a previous error is happening.

Hyland Developer Evangelist
putixo
Member II

Re: Connect LDAP to Alfresco Community

First error i encountered
 
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'authorityBridgeTableCache' defined in class path resource [alfresco/cache-context.xml]: Cannot resolve reference to bean 'tenantAdminService' 
while setting bean property 'tenantAdminService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'tenantAdminService' defined in URL 
[jar:file:/C:/alfresco-community/tomcat/webapps/alfresco/WEB-INF/lib/alfresco-repository-5.2.g.jar!/alfresco/mt/mt-admin-context.xml]: Cannot resolve reference to bean 'dbNodeServiceImpl' while setting bean property 'nodeService';
 nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'dbNodeService' defined in class path resource [alfresco/node-services-context.xml]: Cannot resolve reference to bean 
 'permissionServiceImpl' while setting bean property 'permissionService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'permissionServiceImpl' defined in class path 
 resource [alfresco/public-services-security-context.xml]: Cannot resolve reference to bean 'mtAwareNodeService' while setting bean property 'nodeService'; nested exception is 
 org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'mtAwareNodeService': FactoryBean threw exception on object creation; nested exception is 
 org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'nodeServiceWithMemLocks': FactoryBean threw exception on object creation; nested exception is 
 org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'lockableAspectInterceptor' defined in class path resource [alfresco/core-services-context.xml]: Cannot resolve reference to bean 
 'lockService' while setting bean property 'lockService'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'lockService' defined in class path resource 
 [alfresco/core-services-context.xml]: Cannot resolve reference to bean 'authenticationService' while setting bean property 'authenticationService'; nested exception is org.springframework.beans.factory.BeanCreationException: 
 Error creating bean with name 'authenticationService' defined in class path resource [alfresco/authentication-services-context.xml]: Cannot resolve reference to bean 'Authentication' while setting bean property 
 'applicationContextManager'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'Authentication' defined in class path resource 
 [alfresco/authentication-services-context.xml]: Invocation of init method failed; nested exception is java.lang.IllegalStateException: Invalid type default specified for Authentication subsystem. No context file found
 
jpotts
Professional

Re: Connect LDAP to Alfresco Community

Not sure why you did the first step, which was to add something to the exploded Alfresco web app. You should never have to do that.

narkuss
Established Member II

Re: Connect LDAP to Alfresco Community

Try performing only third step, and revert the first two steps. It seems in the first step you are overwriting default Authentication subsystem configuration from Alfresco.

Hope it helps.

Vic
Active Member II

Re: Connect LDAP to Alfresco Community

If you use only one instance of LDAP to authenticate users you only have to set properties through alfresco-global.properties. No additional ldap-authentication.properties shoud be provided!

If, nevertheless, you want to provide LDAP properties in a separate file then it should be placed at the following path pattern:

%TOMCAT_HOME%\shared\classes\extension\alfresco\subsystems\Authentication\ldap\<ldapN>\ldap-authentication.properties

where <ldapN> - is a unique ID of your auth subsystem. In our case ldap1.

Anyway, properties should be specified in a single place either alfresco-global.properties (preferred way) or in separate property file as mentioned above.

Take some time and thoroughly read through the documentation regarding LDAP configuration:

https://docs.alfresco.com/6.1/concepts/auth-ldap-intro.html

It has all the necessary details to configure LDAP auth properly.