Unable to get LDAP Auth work

Hi,

I am trying to install CMDBuild 3.0 on Linux.

1. After installing tomcat and creating a demo Postgres DB with cmdbuild.sh I can log in with the admin user.

I created my user with a dummy password then, tried to configure LDAP authentication.

2. I used both auth.conf located in WEB-INF/conf 

3. and the rest calls with cmdbuild.sh, but none of them seem to take effect and I am not able to log in with my LDAP user.

      Once I run the first command:

     ./cmdbuild.sh restws setconfig org.cmdbuild.auth.methods LdapAuthenticator,DBAuthenticator

     All other rest calls fail with the following error:
     [ asmtadm on rams1.natinst.com :] ./cmdbuild.sh restws setconfig org.cmdbuild.auth.methods LdapAuthenticator,DBAuthenticator

Exception in thread "main" java.lang.RuntimeException: java.lang.reflect.InvocationTargetException

        at org.cmdbuild.utils.cli.commands.restcommandutils.CliCommandParser$CliActionImpl.execute(CliCommandParser.java:105)

        at org.cmdbuild.utils.cli.commands.restcommandutils.CliCommandUtils$1.execute(CliCommandUtils.java:35)

        at org.cmdbuild.utils.cli.commands.RestCommandRunner.exec(RestCommandRunner.java:214)

        at org.cmdbuild.utils.cli.commands.AbstractCommandRunner.exec(AbstractCommandRunner.java:62)

        at org.cmdbuild.utils.cli.Main.runMain(Main.java:144)

        at org.cmdbuild.utils.cli.Main.main(Main.java:89)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.cmdbuild.webapp.cli.Main.runCli(Main.java:98)

        at org.cmdbuild.webapp.cli.Main.main(Main.java:76)

Caused by: java.lang.reflect.InvocationTargetException

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.cmdbuild.utils.cli.commands.restcommandutils.CliCommandParser$CliActionImpl.execute(CliCommandParser.java:103)

        ... 11 more

Caused by: org.cmdbuild.client.rest.core.RestClientException: error calling rest ws method loginapi.doLoginWithAnyGroup

        at org.cmdbuild.client.rest.RestClientImpl$ExceptionWrappingInvocationHandler.invoke(RestClientImpl.java:263)

        at com.sun.proxy.$Proxy3.doLoginWithAnyGroup(Unknown Source)

        at org.cmdbuild.client.rest.RestClient.doLoginWithAnyGroup(RestClient.java:63)

        at org.cmdbuild.utils.cli.commands.RestCommandRunner.setConfig(RestCommandRunner.java:821)

        ... 16 more

Caused by: java.lang.IllegalArgumentException: error: response status code = HTTP/1.1 401 , error message = ERROR: access denied

        at com.google.common.base.Preconditions.checkArgument(Preconditions.java:440)

        at org.cmdbuild.client.rest.core.AbstractServiceClientImpl$RequestRunner.checkResponse(AbstractServiceClientImpl.java:335)

        at org.cmdbuild.client.rest.core.AbstractServiceClientImpl$RequestRunner.execute(AbstractServiceClientImpl.java:305)

        at org.cmdbuild.client.rest.core.AbstractServiceClientImpl.post(AbstractServiceClientImpl.java:81)

        at org.cmdbuild.client.rest.impl.LoginApiImpl.doLogin(LoginApiImpl.java:50)

        at org.cmdbuild.client.rest.impl.LoginApiImpl.doLoginWithAnyGroup(LoginApiImpl.java:39)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.cmdbuild.client.rest.RestClientImpl$ExceptionWrappingInvocationHandler.invoke(RestClientImpl.java:258)

        ... 19 more

 

 

Also, documentation is very vague, I can even say poor.

I need instructions on how to implement LDAP authentication.

Thanks!

Since 3.1, what worked for me was to put the auth.conf file in <cmdbuild home>/conf/cmdbuild/
 
Previously, with 3.0, I had to put it in <cmdbuild home>/webapps/cmdbuild/WEB-INF/conf/, but it doesn't seem to work anymore.
 
Be careful as with 3.1, the file seems to be read on startup and then deleted from the folder.
 
Previously Ferenc wrote:

Hi,

I am trying to install CMDBuild 3.0 on Linux.

1. After installing tomcat and creating a demo Postgres DB with cmdbuild.sh I can log in with the admin user.

I created my user with a dummy password then, tried to configure LDAP authentication.

2. I used both auth.conf located in WEB-INF/conf 

3. and the rest calls with cmdbuild.sh, but none of them seem to take effect and I am not able to log in with my LDAP user.

      Once I run the first command:

     ./cmdbuild.sh restws setconfig org.cmdbuild.auth.methods LdapAuthenticator,DBAuthenticator

     All other rest calls fail with the following error:
     [ asmtadm on rams1.natinst.com :] ./cmdbuild.sh restws setconfig org.cmdbuild.auth.methods LdapAuthenticator,DBAuthenticator

Exception in thread "main" java.lang.RuntimeException: java.lang.reflect.InvocationTargetException

        at org.cmdbuild.utils.cli.commands.restcommandutils.CliCommandParser$CliActionImpl.execute(CliCommandParser.java:105)

        at org.cmdbuild.utils.cli.commands.restcommandutils.CliCommandUtils$1.execute(CliCommandUtils.java:35)

        at org.cmdbuild.utils.cli.commands.RestCommandRunner.exec(RestCommandRunner.java:214)

        at org.cmdbuild.utils.cli.commands.AbstractCommandRunner.exec(AbstractCommandRunner.java:62)

        at org.cmdbuild.utils.cli.Main.runMain(Main.java:144)

        at org.cmdbuild.utils.cli.Main.main(Main.java:89)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.cmdbuild.webapp.cli.Main.runCli(Main.java:98)

        at org.cmdbuild.webapp.cli.Main.main(Main.java:76)

Caused by: java.lang.reflect.InvocationTargetException

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.cmdbuild.utils.cli.commands.restcommandutils.CliCommandParser$CliActionImpl.execute(CliCommandParser.java:103)

        ... 11 more

Caused by: org.cmdbuild.client.rest.core.RestClientException: error calling rest ws method loginapi.doLoginWithAnyGroup

        at org.cmdbuild.client.rest.RestClientImpl$ExceptionWrappingInvocationHandler.invoke(RestClientImpl.java:263)

        at com.sun.proxy.$Proxy3.doLoginWithAnyGroup(Unknown Source)

        at org.cmdbuild.client.rest.RestClient.doLoginWithAnyGroup(RestClient.java:63)

        at org.cmdbuild.utils.cli.commands.RestCommandRunner.setConfig(RestCommandRunner.java:821)

        ... 16 more

Caused by: java.lang.IllegalArgumentException: error: response status code = HTTP/1.1 401 , error message = ERROR: access denied

        at com.google.common.base.Preconditions.checkArgument(Preconditions.java:440)

        at org.cmdbuild.client.rest.core.AbstractServiceClientImpl$RequestRunner.checkResponse(AbstractServiceClientImpl.java:335)

        at org.cmdbuild.client.rest.core.AbstractServiceClientImpl$RequestRunner.execute(AbstractServiceClientImpl.java:305)

        at org.cmdbuild.client.rest.core.AbstractServiceClientImpl.post(AbstractServiceClientImpl.java:81)

        at org.cmdbuild.client.rest.impl.LoginApiImpl.doLogin(LoginApiImpl.java:50)

        at org.cmdbuild.client.rest.impl.LoginApiImpl.doLoginWithAnyGroup(LoginApiImpl.java:39)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.cmdbuild.client.rest.RestClientImpl$ExceptionWrappingInvocationHandler.invoke(RestClientImpl.java:258)

        ... 19 more

 

 

Also, documentation is very vague, I can even say poor.

I need instructions on how to implement LDAP authentication.

Thanks!

 

Hi, in my installation, authenticating using Ldap for openMAINT ver2 doesnot work and once i run the command:

./cmdbuild.sh restws setconfig org.cmdbuild.auth.methods LdapAuthenticator,DBAuthenticator

i get: invalid auth dir (see details below)

Which dir is meant? I have moved auth.conf in different directories in order to make Ldap authentication work but not succeeded. Any ideas where should i move it to? (in my case i use openmaint ver2, not cmdbuild, and is installed in /var/lib/tomcat9/webapps/openmaint/ )

Error details:

ERROR o.c.u.cli.commands.RestCommandRunner - error building file password
java.lang.IllegalArgumentException: invalid auth dir = /var/lib/tomcat9/webapps/openmaint/…/…/temp

   at com.google.common.base.Preconditions.checkArgument(Preconditions.java:216)*

   at org.cmdbuild.auth.login.file.FileAuthUtils.buildAuthFile(FileAuthUtils.java:27)*

   at org.cmdbuild.utils.cli.commands.RestCommandRunner.tryToBuildFilePassword(RestCommandRunner.java:297)*

   at org.cmdbuild.utils.cli.commands.RestCommandRunner.exec(RestCommandRunner.java:246)*

   at org.cmdbuild.utils.cli.commands.AbstractCommandRunner.exec(AbstractCommandRunner.java:78)*

   at org.cmdbuild.utils.cli.Main.runMain(Main.java:127)*

   at org.cmdbuild.utils.cli.Main.main(Main.java:56)*

   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*

   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*

   at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*

   at java.base/java.lang.reflect.Method.invoke(Method.java:566)*

   at org.cmdbuild.webapp.cli.Main.runCli(Main.java:125)*

   at org.cmdbuild.webapp.cli.Main.startFromWebappDir(Main.java:43)*

   at org.cmdbuild.webapp.cli.Main.main(Main.java:35)*

Exception in thread “main” java.lang.NullPointerException: missing ‘password’ param for user = system

   at com.google.common.base.Preconditions.checkNotNull(Preconditions.java:919)*

   at org.cmdbuild.utils.lang.CmPreconditions.checkNotBlank(CmPreconditions.java:78)*

   at org.cmdbuild.utils.cli.commands.RestCommandRunner.exec(RestCommandRunner.java:268)*

   at org.cmdbuild.utils.cli.commands.AbstractCommandRunner.exec(AbstractCommandRunner.java:78)*

   at org.cmdbuild.utils.cli.Main.runMain(Main.java:127)*

   at org.cmdbuild.utils.cli.Main.main(Main.java:56)*

   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*

   at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*

   at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*

   at java.base/java.lang.reflect.Method.invoke(Method.java:566)*

   at org.cmdbuild.webapp.cli.Main.runCli(Main.java:125)*

   at org.cmdbuild.webapp.cli.Main.startFromWebappDir(Main.java:43)*

   at org.cmdbuild.webapp.cli.Main.main(Main.java:35)*

Thank you