[MGNLLDAP-28] 401 error at activating a page when using only Ldap authentication Created: 26/Feb/08 Updated: 27/Nov/13 Resolved: 03/Jun/08 |
|
| Status: | Closed |
| Project: | LDAP Connector |
| Component/s: | None |
| Affects Version/s: | 1.2.1 |
| Fix Version/s: | 1.2.2-m1 |
| Type: | Bug | Priority: | Blocker |
| Reporter: | Yuanhua Qu | Assignee: | Jan Haderka |
| Resolution: | Fixed | Votes: | 1 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Environment: |
linux |
||
| Template: |
|
| Acceptance criteria: |
Empty
|
| Task DoD: |
[ ]*
Doc/release notes changes? Comment present?
[ ]*
Downstream builds green?
[ ]*
Solution information and context easily available?
[ ]*
Tests
[ ]*
FixVersion filled and not yet released
[ ] 
Architecture Decision Record (ADR)
|
| Bug DoR: |
[ ]*
Steps to reproduce, expected, and actual results filled
[ ]*
Affected version filled
|
| Date of First Response: |
| Description |
|
We have users existed in magnolia and also our ldap, we use ldap for authentication, but we still use magnolia role and group to grant permissions. When using ldap authentication only, we can login to both author instance and public instance. But when we tried to active a page , it throws 401 error. Here is the trace http://rafb.net/p/oO9gZY82.html |
| Comments |
| Comment by Philipp Bracher [ 27/Feb/08 ] |
|
You are sure that:
|
| Comment by Yuanhua Qu [ 27/Feb/08 ] |
|
Yes. 1. The superuser's password matches. Use same ldap account for authentication. By the way, if I set this magnolia user's password not to be null and allow using magnolia credentials to login. This user will be able to do activation without a problem. |
| Comment by Yuanhua Qu [ 04/Mar/08 ] |
|
With Vivian's help, find the way to fix this 401 problem. Didn't realize that the order of userManagers in the admin console under configuration would make such difference. Unfortunately, the system didn't pick up its userManager as externalUserManager once we configured to use ldap login and add external node in the userManager. Under current version, system pick userManager in the order of the list under Configuration/server/security/userManagers/. Therefore put external node under userManagers before admin node will let the system pick up the right userManager (external) to use ldap credentials when doing activation. Would it be nice if this could be emphasized in the INSTALL.TXT for ldap authentication or hardcoded to take the externalUserManager as the userManager once configured in the admin console under configuration when using ldap authentication? |
| Comment by Magnolia International [ 03/Jun/08 ] |
|
Updated documentation at http://documentation.magnolia.info/modules/ldap/ldapinstallation.html and removed redundant install.txt file. |
| Comment by Yuanhua Qu [ 03/Jun/08 ] |
|
The new documentation for ldap config is great! Thanks. |