[MGNLLDAP-28] 401 error at activating a page when using only Ldap authentication Created: 26/Feb/08  Updated: 27/Nov/13  Resolved: 03/Jun/08

Status: Closed
Project: LDAP Connector
Component/s: None
Affects Version/s: 1.2.1
Fix Version/s: 1.2.2-m1

Type: Bug Priority: Blocker
Reporter: Yuanhua Qu Assignee: Jan Haderka
Resolution: Fixed Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

linux
tomcat 6.0
jdk 1.5
ldap1.2
all magnolia user password value is null


Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Bug DoR:
[ ]* Steps to reproduce, expected, and actual results filled
[ ]* Affected version filled
Date of First Response:

 Description   

We have users existed in magnolia and also our ldap, we use ldap for authentication, but we still use magnolia role and group to grant permissions. When using ldap authentication only, we can login to both author instance and public instance. But when we tried to active a page , it throws 401 error. Here is the trace http://rafb.net/p/oO9gZY82.html



 Comments   
Comment by Philipp Bracher [ 27/Feb/08 ]

You are sure that:

Comment by Yuanhua Qu [ 27/Feb/08 ]

Yes.

1. The superuser's password matches. Use same ldap account for authentication.
2. Both instances are running version 3.5.4
3. The URL you pointed is reachable

By the way, if I set this magnolia user's password not to be null and allow using magnolia credentials to login. This user will be able to do activation without a problem.

Comment by Yuanhua Qu [ 04/Mar/08 ]

With Vivian's help, find the way to fix this 401 problem.

Didn't realize that the order of userManagers in the admin console under configuration would make such difference. Unfortunately, the system didn't pick up its userManager as externalUserManager once we configured to use ldap login and add external node in the userManager. Under current version, system pick userManager in the order of the list under Configuration/server/security/userManagers/. Therefore put external node under userManagers before admin node will let the system pick up the right userManager (external) to use ldap credentials when doing activation.

Would it be nice if this could be emphasized in the INSTALL.TXT for ldap authentication or hardcoded to take the externalUserManager as the userManager once configured in the admin console under configuration when using ldap authentication?

Comment by Magnolia International [ 03/Jun/08 ]

Updated documentation at http://documentation.magnolia.info/modules/ldap/ldapinstallation.html and removed redundant install.txt file.
Any feedback appreciated

Comment by Yuanhua Qu [ 03/Jun/08 ]

The new documentation for ldap config is great! Thanks.

Generated at Mon Feb 12 02:20:53 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.