my project recently opted for LDAP authenctication from HTTP, is it possible to change them with out re-running the steps,. or pls let me know how we can do this.
It is possible, however you need to do some manual steps.
Please check out the following link for some hints (it is for OpenId to LDAP migration, but you need to do some manual work in the same database tables):
https://groups.google.com/forum/#!topic/repo-discuss/VMpG0k119AY
Related
I am trying to have SCM Manager accept users from my organization so they can log in using their Windows username and password. I have installed the LDAP plugin, but it still doesn't recognize my own windows username and password from my organization
I don't really understand - I think I shouldn't even need LDAP and some kind of basic authentication should be able to figure out my username password on windows active directory etc type of thing...
Do I need the SSL to do this? It says various things about a binding problem.
I am using the custom LDAP profile. I put wsproxy in the proxy server area and enabled. I have no idea what that means but it was the same configuration that I saw in a previous installation of SCM-server that worked with organizational credentials on windows server.
This problem occurred after upgrading from version 1.6 to 2.9.
Though I was not the person who set it up on v1.6.
UPDATE: what's needed is not LDAP plugin, but rather understanding how to configure active directory for SCM - previously, in 1.X versions active directory plugin worked under the hood - now it needs to be configured and I have no idea how -- also the active directory plugin for 1.X is no longer available - if you could provide me with that code I might be able to see how it connects to AD and then go from there on version 2.X - any chance you can get me access to the code of https://bitbucket.org/sdorra/scm-manager/wiki/active-directory-plugin??
We have an issue for the LDAP plugin saying that the migration of the ldap password may fail (though I cannot reproduce this), so maybe this happened with your migration, too. Proxy settings should not play any part in this game, because as far as I know company ldaps aren't behind a proxy.
The configuration for 2.x should be the same as for 1.60. We haven't changed anything here. So first I would try to reenter the "Connection Password". If this still fails, please use the "Test connection" feature. Enter a valid authentication here. This tells you, on what level the connection fails and may show you an exception with further information.
Feel free to post your results here for further investigation.
I'm trying to install Umbraco on an ASP.NET environment. After I downloaded the umbraco nuget package I tried to run the installation wizard, by building and running the project. All is fine and good, if i take the default database configuration, but if I want to customize my configuration, it fails and says :
"Could not connect to database"
I'm trying to configure it to use my local SQLExpress database, but I just cannot get it working. I have both tried putting in the server information and connecting via. a connection string, via. the wizard. It produces the same error every time.
I have made a database called umbracoblog and created an admin user, with credentials. He has dbowner etc. for the database. Besides that, I have also given full permissions to IIS_IUSRS and Network Service accounts for the project and all subdirectories, and it still doesn't work.
These are some of the connection strings I have tried:
datalayer=SqlServer;Data Source=.\SQLExpress;Initial Catalog=umbracoblog;User Id=admin;Password=********;
datalayer=SqlServer;Data Source=127.0.0.1\SQLExpress;Initial Catalog=umbracoblog;User Id=admin;Password=*******;
I have also tried putting in the connectionstring into the web.config, manually, but that just makes the project load infinitely in the browser, when I run it.
It's starting to get frustrating, that I cannot even get past the configuration of Umbraco, because it look very cool. I have tried everything I was able to found online. Have anyone gone through this and know what I need to do ?
Start again - clear out and remove the umbracoDbDSN connection string entirely from your web.config and reset the umbracoConfigurationStatus AppSetting back to empty if it has been populated.
Use the Wizard to configure the database - if it's still having problems connecting then here's a few things to check:
Check the Log file here: ~/App_Settings/Logs/UmbracoTraceLog.txt - does that show up any errors?
Make sure you can connect to the database using other clients - if Umbraco can't connect to it, chances are something else won't be able to as well.
What happens if you use Integrated Authentication? If that works, then it's most likely an issue with the username and password you specified.
The password I had for the SQL Server user had a character that the installation UI didn't accept. I changed the password to remove special characters and it was able to connect to the server again. I could successfully log in through SSMS with the previous password.
I am developing test application for displaying claims of authenticated identity in MVC-ASP.net (Visual studio 2013)
I have given authentication from active directory in following way.
1.Add new mvc project in solution .
2.click on Change authentication.
3.select organization account
4.select on premises.
5.given federation url
6.App Id url
After running the application i am getting following error.
WIF10201: No valid key mapping found for securityToken: 'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'http://websso.avanade.com/adfs/services/trust'
This error is coming only for this federation for other federation i am able to see claims.
After searching on internet i am thinking that it is certificate(thumbprint) issue.
But I am not clear with solutions.
Can anybody explain me why this error throwing and solution for the same.
Thanks in Advance !!!
There could be 2 causes for this error.
Missing thumbprint in web.config: Get the actual thumbprint from ADFS and put in web.config under the thumbprint tag
Mismatch in port number between the site and ADFS configuration: Update ADFS configuration with the url containing the correct port number
The second solution fixed it for me...
I ran into this while trying to update a legacy MVC application to use AAD.
I based the changes on a newly created project with organizational authentication and noticed I did not have a connection string named DefaultConnection, which the DatabaseIssuerNameRegistry assumes you will, nor did I have either of the required tables in the database.
Using Vittorio Bertocci's great post with all the details, I refactored the code to integrate the new database tables, created and applied a migration, and inserted the appropriate key and tenant in the new IssuingAuthorityKey and Tenant tables, respectively. I also had to make sure to change the DatabaseIssueNameRegistry to use the existing DbContext.
For solutions created in VS2013 and later, the solution should contain the logic to roll over keys automatically. No need to put the value in the web.config file.
You might run into this issue when migrating your solution from local to another environment. In that case you will probably try to point your solution to a new application in Azure Active Directory. Check the following:
Make sure all urls in the web.config are pointing to the correct url not the one automatically generated when you set it up locally
Remove all enteries from IssuingAuthorityKeys table. The keys will autopopulate when you re-build the solution and run it. On the server you might need to replace the dlls manually for it to refresh
Last and most important, delete all rows from the Tenants table. On the first run on the new environment, an Admin from the owning Active Directory has to sign up and authorize the application.
If the values in both tables are still not populated automatically after these steps, check this article for steps on how to manually get the values.
Thumbprints and server names are case sensitive in web.config. make sure they are typed correctly and restart IIS.
It fixed my issue.
So I have an application that works perfectly on my desktop, and also works perfectly when deployed to tomcat on a windows machine. However, when I attempt to use this application while deployed on the same version of tomcat, but on AIX, it fails to retrieve data out of LDAP.
A user is able to successfully authenticate, but the context is null. DirContextOperations is passed into my ContextMapper as null. Does anyone know what ports that need to be open to get this data or what other configuration may need to be done? Based on what I am seeing it has to be a server configuration issue somewhere.
If you are using Spring Security LDAP plugin then it will be easy to co-relate the below mentioned configuration in AIX with the app. I prepared few snapshots for the configuration so that I do not clutter the answer space here. Have a look at LDAP config in AIX and try to setup the same in AIX Server.
Now coming to the LDAP plugin, there is nothing much other than setting up a bunch of properties is required. Values for these properties will be available once the LDAP configuration is done in AIX (as mentioned in the above mentioned slide).
Note:-
After creating a standalone LDAP, you might need to add realm if the user is associated to a group. I have not mentioned the same in the slides since I do not have an active LDAP host available now.
UPDATE
Instead of using BindAuthenticator can you try switching to PasswordComparisonAuthenticator for authentication.
Using the below setting in Config forces to use PasswordComparisonAuthenticator to authenticate and return back the DirContextOperations. Can this setting be tried?
grails.plugins.springsecurity.ldap.authenticator.useBind = false
#Refer LdapAuthentication Implementations.
I am not sure if this will be the answer in your case. I was also getting null in DirContextOperations object when trying to obtain values from Active Directory.
I was trying to get ldap attributes like this as the Grails LDAP plugin Documentation states:
String mail = ctx.originalAttrs.attrs['mail'].values[0]
and all those were null. So I have changed the line above for this one instead and it works for me:
String mail = ctx.attributes.getAt('mail').values[0].toString()
i have service to send sms to the mobile through Application. I am getting the follwing error.
2011-06-06 19:37:35,729 [http-8080-2] ERROR sipgate.SipgateService - Server returned HTTP response code: 401 for URL: https://samurai.sipgate.net/RPC2
This probably means you are using an invalid username or password
Have you set up the config as explained on the plugin page (at the top of the documentation)?
I also assume that this means your earlier problem was solved... Can you accept the answer if my answer helped, or explain what you did to fix it if it did not?
I agree with Tim. You can only log in, if your Sipgate-Registration was verified by Sipgate.
Points, which you can check to see if your account is not working:
Try to log in on the sipgate.de webpage
Use the Perl-Client given here: http://www.sipgate.de/basic/api
The client can be downloaded at this location:http://www.sipgate.de/beta/public/static/downloads/basic/api/sipgate_api_perl_examples.zip
Hopefully you should not be able to do at least one of these things. Then you know you have to talk to the support # sipgate
The documentation on the plugin-page says, you have to have a 'conf/Config.groovy'-file. This means that you should have the basic Config.groovy file in the folder 'grails-app/conf/', which ships with every Grails installation. So my guess is that you might have created a different Config.groovy-file. So better check on the Config.groovy-file. The SMS-plugin should have generated some placeholders for you, where you need to enter your sipgate-account-data.