[daisy] Authentication to Active Directory Server
Gwendolyn van der Linden
G.W.vanderLinden at rijnhuizen.nl
Thu Jul 27 06:56:45 CDT 2006
Hi,
We've decided on using Daisy for our internal and external website, so
we're busy getting everything working as desired. First of all, kudos
to the Daisy developers!
I'm trying to get authentication to our Active Directory Server going,
using a fresh install of 1.5-M2. First I've tested authentication using
a Java program that uses javax.naming.directory.InitialDirContext
(following the example Bruno posted some time ago), using the following
configuration:
INITIAL_CONTEXT_FACTORY = com.sun.jndi.ldap.LdapCtxFactory
PROVIDER_URL = ldap://ws1:3268
SECURITY_AUTHENTICATION = simple
SECURITY_PRINCIPAL = <username>@rijnh.nl
SECURITY_CREDENTIALS = <password>
This works OK, as long as I don't enable SSL.
I've configured daisydata/conf/myconfig.xml as follows:
<target path="/daisy/repository/authentication/authenticator">
  <configuration>
    <!-- Indicates which authentication scheme to use, if any, to
         automatically create new users. -->
    <authenticationSchemeForUserCreation>ldap-ws1</authenticationSchemeForUserCreation>
  </configuration>
</target>
and:
<scheme name="ldap-ws1" description="Windows Active Directory Server">
  <environment>
    <property name="java.naming.factory.initial"
              value="com.sun.jndi.ldap.LdapCtxFactory"/>
    <property name="java.naming.provider.url"
              value="ldap://ws1.rijnh.nl:3268"/>
    <property name="java.naming.security.authentication"
              value="simple"/>
    <!-- <property name="java.naming.security.protocol" value="ssl"/> -->
    <property name="java.naming.security.principal"
              value="${daisyLogin}@rijnh.nl"/>
  </environment>
  <cache enabled="true" maxCacheSize="3000"
         maxCacheDuration="1800000"/>
  <autoCreateUser>
    <roles>
      <role>User</role>
    </roles>
    <defaultRole>User</defaultRole>
    <updateableByUser>true</updateableByUser>
  </autoCreateUser>
</scheme>
Note that SSL is not configured. Now if I try to login using my Windows
account (with no daisy user with that name), I get:
[ERROR ] <2006-07-27 11:34:49,409>
(daisy.repository.httpconnector.request-errors): Error authenticating
user.
org.outerj.daisy.repository.user.UserNotFoundException: The user with
login "vdlinden" does not exist
I had hoped of course that the user would be created automatically, and
logged in successfully. What am I missing here?
Thanks,
Gwendolyn.
--
Gwendolyn van der Linden
FOM Institute for Plasma Physics Rijnhuizen
Nieuwegein, The Netherlands
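
A stand-alone JNDI bind test of the kind the message describes, as an added example that is not part of the original post or of Daisy's code; the class name AdBindCheck, its method names and the command-line arguments are assumptions. It sets the same five properties, rejects empty passwords before contacting the server, and separates rejected credentials from connection or TLS failures.

```java
import java.util.Hashtable;
import javax.naming.AuthenticationException;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;

// Added example (hypothetical class and method names), not Daisy code.
public class AdBindCheck {

    // Builds the five JNDI properties the post lists, for one bind attempt.
    static Hashtable<String, String> bindEnvironment(String url, String login,
                                                     String domain, char[] password) {
        // A simple bind with an empty password is an unauthenticated bind
        // (RFC 4513) and can succeed without proving anything: reject it here.
        if (login == null || login.isEmpty() || password == null || password.length == 0) {
            throw new IllegalArgumentException("login and password must be non-empty");
        }
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, login + "@" + domain);
        env.put(Context.SECURITY_CREDENTIALS, new String(password));
        if (url.startsWith("ldaps://")) {
            // java.naming.security.protocol, the property commented out in the scheme.
            env.put(Context.SECURITY_PROTOCOL, "ssl");
        }
        return env;
    }

    // True if the directory accepts the bind, false if it rejects the credentials.
    // Other NamingExceptions (unreachable host, TLS failure) propagate to the caller.
    static boolean authenticate(Hashtable<String, String> env) throws NamingException {
        try {
            new InitialDirContext(env).close();
            return true;
        } catch (AuthenticationException e) {
            return false;
        }
    }

    public static void main(String[] args) throws NamingException {
        if (args.length != 3 || System.console() == null) {
            System.err.println("usage (interactive): java AdBindCheck <url> <login> <domain>");
            System.exit(2);
        }
        char[] password = System.console().readPassword("Password for %s@%s: ", args[1], args[2]);
        boolean ok = authenticate(bindEnvironment(args[0], args[1], args[2], password));
        System.out.println(ok ? "bind accepted" : "bind rejected");
    }
}
```

With an ldap:// URL and simple authentication the password crosses the network unencrypted, so a bind that only works without SSL is a result to fix rather than to deploy.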