[Cubicweb] Apache + CubicWeb + LDAP

Dimitri Papadopoulos Orfanos dimitri.papadopoulos at cea.fr
Sun Jan 26 17:57:33 CET 2014


Hi,

I haven't been able to get ldapfeed to work yet. Can you help me?

I have created a test CubicWeb instance, added an additional ldapfeed 
source (last question of "cubicweb-ctl create") and finally configured 
this additional source from the "Manage|data sources" link :

* configuration
   auth-mode=simple
   data-cnx-dn=cn=[...]
   data-cnx-password=[...]
   user-base-dn=ou=People,dc=[...]
   user-scope=ONELEVEL
   user-classes=top,posixAccount
   user-login-attr=uid
   user-attrs-map=userPassword:upassword,uid:login
   group-base-dn=ou=Group,dc=[...]
   group-scope=ONELEVEL
   group-classes=top,posixGroup
   group-attrs-map=memberUid:member,cn:name

* url
   ldap://neurospin-ldap1.intra.cea.fr

The LDAP server is a CentOS 6.4 server running OpenLDAP 2.4.23, 
passwords are stored as {MD5}.

CubicWeb does communicate with LDAP and I understand the account is 
found, but authentication eventually fails. Here is an excerpt of the 
CubicWeb instance log:

(cubicweb.sources.NeuroSpin) INFO: ldap authenticate jd123456
(cubicweb.sources.NeuroSpin) DEBUG: ldap search NeuroSpin 
ou=People,dc=[...] 1 
(&(uid=jd123456)(objectClass=top)(objectClass=posixAccount)) []
(cubicweb.sources.NeuroSpin) DEBUG: ldap built results 1
(cubicweb.sources.NeuroSpin) INFO: connecting 
ldap://neurospin-ldap1.intra.cea.fr:389 as cn=John DOE,ou=People,dc=[...]
(cubicweb.session) DEBUG: rollback for session internal done

Any suggestion where to look to?

-- 
Dimitri Papadopoulos
CEA/Saclay
I2BM, NeuroSpin



More information about the Cubicweb mailing list