Difference between revisions of "Active Directory"
From OpenKM Documentation
(63 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
− | + | {{TOCright}} __TOC__ | |
− | + | == Configuration == | |
+ | * [[Active Directory - OpenKM 6.2| OpenKM 6.2]] | ||
+ | * [[Active Directory - OpenKM 5.1| OpenKM 5.1]] | ||
+ | * [[Active Directory - OpenKM 5.0| OpenKM 5.0]] | ||
+ | * [[Active Directory - OpenKM 4.1| OpenKM 4.1]] ( valid for older versions ) | ||
− | + | == Enable debug on login process == | |
− | + | === OpenKM 6.2 - Tomcat === | |
− | + | Edit the log4j configuration file located at '''$TOMCAT_HOME/conf/log4j.properties''' and add: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<source lang="java"> | <source lang="java"> | ||
− | + | log4j.logger.org.springframework.security=DEBUG | |
</source> | </source> | ||
− | + | Tomcat released with OpenKM has a configured a listener which watch the '''log4.properties''' files for changes, so you don't need to restart Tomcat to make these changes effectives. | |
− | ''' | + | === OpenKM 5.1 - JBoss === |
+ | It's good practice to enable login debugging when you make any change to the authentication mechanism. Edit the file '''$JBOSS_HOME/server/default/conf/jboss-log4j.xml''' and add the category ( remember you must restart jboss for it to take effect ): | ||
<source lang="xml"> | <source lang="xml"> | ||
− | < | + | <category name="org.jboss.security"> |
− | + | <priority value="TRACE" class="org.jboss.logging.XLevel"/> | |
− | + | </category> | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | </ | ||
</source> | </source> | ||
− | + | or | |
− | <source lang=" | + | <source lang="xml"> |
− | + | <category name="org.jboss.security"> | |
− | + | <priority value="TRACE" class="org.jboss.logging.XLevel"/> | |
+ | <appender-ref ref="SECURITY_F"/> | ||
+ | </category> | ||
+ | |||
+ | <appender name="SECURITY_F" class="org.jboss.logging.appender.DailyRollingFileAppender"> | ||
+ | <param name="Append" value="true"/> | ||
+ | <param name="DatePattern" value="'.'yyyy-MM-dd"/> | ||
+ | <param name="File" value="${jboss.server.home.dir}/log/jboss.security.log"/> | ||
+ | <layout class="org.apache.log4j.PatternLayout"> | ||
+ | <param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c] %m%n"/> | ||
+ | </layout> | ||
+ | </appender> | ||
</source> | </source> | ||
− | + | More info at [http://primalcortex.wordpress.com/2007/11/28/jboss-and-jaas-debug/ JBoss and JAAS debug]. | |
+ | |||
+ | == Active directory utilities == | ||
+ | We recommend to take a look at these tools: | ||
+ | * [http://directory.apache.org/studio/ Apache Directory Studio] | ||
+ | * [http://technet.microsoft.com/en-us/sysinternals/bb963907.aspx Active Directory Explorer Utility] | ||
− | + | See also: | |
− | + | * [[Testing LDAP configuration]] | |
− | + | * [http://forum.openkm.com/viewtopic.php?f=13&t=3535 Forum: Usuario administrador LDAP v.4] | |
+ | * [http://primalcortex.wordpress.com/2007/11/28/jboss-and-jaas-debug/ JBoss and JAAS debug] | ||
+ | * [http://krams915.blogspot.com.es/2011/01/ldap-apache-directory-studio-basic.html LDAP - Apache Directory Studio: A Basic Tutorial] | ||
+ | * [http://community.jboss.org/message/427398 LDAP authentication using LDAPExtUserModuleImpl is case-inse] | ||
+ | * [http://community.jboss.org/wiki/LdapExtLoginModule LdapExtLoginModule] | ||
+ | * [http://community.jboss.org/wiki/LdapLoginModule LdapLoginModule] | ||
+ | * [http://community.jboss.org/thread/159069 Problems with LdapExtLoginModule] | ||
[[Category: Installation Guide]] | [[Category: Installation Guide]] |
Latest revision as of 11:13, 27 December 2012
Configuration
- OpenKM 6.2
- OpenKM 5.1
- OpenKM 5.0
- OpenKM 4.1 ( valid for older versions )
Enable debug on login process
OpenKM 6.2 - Tomcat
Edit the log4j configuration file located at $TOMCAT_HOME/conf/log4j.properties and add:
log4j.logger.org.springframework.security=DEBUG
Tomcat released with OpenKM has a configured a listener which watch the log4.properties files for changes, so you don't need to restart Tomcat to make these changes effectives.
OpenKM 5.1 - JBoss
It's good practice to enable login debugging when you make any change to the authentication mechanism. Edit the file $JBOSS_HOME/server/default/conf/jboss-log4j.xml and add the category ( remember you must restart jboss for it to take effect ):
<category name="org.jboss.security">
<priority value="TRACE" class="org.jboss.logging.XLevel"/>
</category>
or
<category name="org.jboss.security">
<priority value="TRACE" class="org.jboss.logging.XLevel"/>
<appender-ref ref="SECURITY_F"/>
</category>
<appender name="SECURITY_F" class="org.jboss.logging.appender.DailyRollingFileAppender">
<param name="Append" value="true"/>
<param name="DatePattern" value="'.'yyyy-MM-dd"/>
<param name="File" value="${jboss.server.home.dir}/log/jboss.security.log"/>
<layout class="org.apache.log4j.PatternLayout">
<param name="ConversionPattern" value="%d{ABSOLUTE} %-5p [%c] %m%n"/>
</layout>
</appender>
More info at JBoss and JAAS debug.
Active directory utilities
We recommend to take a look at these tools:
See also: