Ldap authentication

afpaps · July 8, 2020, 4:31pm

I tried to configure cmdbuild for ldap authentication.
my config is:
centos 8.2.2004
tomcat 9.0.33
java openjdk version “11.0.7” 2020-04-14 LTS
cmdbuild 3.2-b

i run thos command found in user manual:
cmdbuild.sh restws setconfig auth.methods LdapAuthenticator,DBAuthenticator
cmdbuild.sh restws setconfig auth.ldap.server.address 192.168.1.1
cmdbuild.sh restws setconfig auth.ldap.server.port 389
cmdbuild.sh restws setconfig auth.ldap.use.ssl false
cmdbuild.sh restws setconfig auth.ldap.basedn dc=mydomain,dc=com
cmdbuild.sh restws setconfig auth.ldap.bind.attribute userPrincipalName
cmdbuild.sh restws setconfig auth.ldap.search.auth.method simple
cmdbuild.sh restws setconfig auth.ldap.search.auth.password MyPassWord123
cmdbuild.sh restws setconfig auth.ldap.search.auth.principal uid=cmdbuilduser,ou=mycompany,dc=mydomain,dc=com

i created a usr in cmdbuild with login equal to expected userprincipalname
i restarted tomcat
but no authentication succeded.
i tried filtering connection with tcpdump on cmdbuild server but port 389 was newer contarted .
i don’t have X11 installed on server so i cant run cmdbuild.sh restws editconfig.
i also tried to configure auth.conf file under /opt/tomcat/9.0.33/conf/cmdbuild with same parameters exept for sintax “directive = example” this file was been rewrited after tomcat restart.

Have you got any suggestions?

afpaps · July 9, 2020, 10:43pm

i have encreased log level to debug!
i can’t see any entry related to ldap authentication in log file.
Obviously i seted up authentication method to LdapAuthenticator,DBAuthenticator!
even is i set auhentication method to LdapAuthenticator (ONLY)
All users authentications are against DB!
i tried “cmdbuild.sh restws reloadconfig” and “systemctl restart tomcat”. Nothing changed!
As i wrote in the first post tcpdump dosen’t cach any traffic to ldap server.
firewall is stopped!
Any suggestions?

sagard_mowt · February 8, 2021, 5:06pm

Where do you go to configure LDAP? I can’t seem to be able to find it.

petrb · July 8, 2021, 12:36pm

Hi afpaps, I am facing exactly the same issue on CMDBuild 3.3.2… How did you resolve the issue?

Thank you in advance,

Petr

fheinrich2 · September 15, 2021, 5:45pm

Hi,
only for other people with the same problem:
./cmdbuild.sh restws setconfig org.cmdbuild.auth.ldap.enabled true

This seems to be new in 3.3.x.

Franz

sagard_mowt · October 5, 2021, 4:49pm

I’ve yet to get LDAP working. Does anyone have a detail guide?