Welcome to Knowage Q&A, where you can ask questions and receive answers from other members of the community.

Categories

Most popular tags

cockpit dataset error chart datasource installer datasets installation widget parameters business-model olap knowage knowage_7_1 integration login knowage_7_1-ce report-designer cross-navigation analyticaldriver

LDAP on Knowage 6.2.1

0 votes
1 view

Hello,

I have an issue to get LDAP authentication working on Knowage CE 6.2.1 (Windows Server 2016).

Based on instructions described (https://knowage-suite.readthedocs.io/en/latest/installation-guide/advanced-configuration.html) I:

- defined auth_mode user profile attribute and set it to 'internal' for all build in KW users

- created one additional user (with same name as in my AD) without modifying auth_mode

- created ldap.properties file with below config

INITIAL_CONTEXT_FACTORY:com.sun.jndi.ldap.LdapCtxFactory
PROVIDER_URL:ldap://dany-dc01.dany.hostaky.local:389/
SECURITY_AUTHENTICATION:simple
DN_PREFIX:CN=
DN_POSTFIX:,CN=Users,DC=dany,DC=hostaky,DC=local

- defined ldap.config in setenv.bat pointing to location of my ldap.properties file (set "JAVA_OPTS=%JAVA_OPTS% -Dldap.config=C:\Program%20Files\Knowage-Server-CE\resources\ldap.properties")

- restarted Knowage and changed SPAGOBI.SECURITY.USER-PROFILE-FACTORY-CLASS.className value_check to it.eng.spagobi.security.ProfiledLdapSecurityServiceSupplier

Unfortunately after that neiter LDAP not internal authentication works and I get error:

An error has occurred. Retry later.
If the problems persists, contact the system administrator

Note: DNS works fine to resolve Domain Name, I can connect from KW server to DC on port 389, I tried with ldap.properties file stored on path without a space...

do you see anything wrong in my setup or have any advice how to get LDAP working?

Thank you

Daniel

Environment Knowage CE 6.2.1 x64, JDK 1.8.0_192, Windows Server 2016
in General Configuration by (1.1k points)
this is the error I have in knowage.log

[http-bio-8080-exec-10] 07 Jan 2019 21:48:19,223 ERROR it.eng.spagobi.commons.services.LoginModule.service:240 - Reading user information... ERROR
it.eng.spagobi.utilities.exceptions.SpagoBIRuntimeException: Error while getting user profile object from database
by (1.1k points)

2 Answers

0 votes

Dear, dankog!

I am having the same difficulty as you to configure LDAP authentication.

Got any progress?

An error has occurred. Retry later.
If the problems persists, contact the system administrator.

[http-bio-8080-exec-1] 06 fev 2019 11:27:23,096 ERROR it.eng.spagobi.commons.services.LoginModule.service:240 - Reading user information... ERROR

java.lang.NullPointerException

at it.eng.spagobi.commons.services.LoginModule.service(LoginModule.java:219)

at it.eng.spago.dispatching.module.DefaultPage.invokeServiceBusiness(DefaultPage.java:352)

at it.eng.spago.dispatching.module.DefaultPage.nextStep(DefaultPage.java:302)

at it.eng.spago.dispatching.module.DefaultPage.service(DefaultPage.java:202)

at it.eng.spago.dispatching.module.ModuleCoordinator.service(ModuleCoordinator.java:102)

at it.eng.spago.dispatching.httpchannel.AdapterHTTP.service(AdapterHTTP.java:436)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at it.eng.spagobi.utilities.filters.AntiInjectionFilter.doFilter(AntiInjectionFilter.java:45)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at it.eng.spagobi.commons.filters.ProfileFilter.doFilter(ProfileFilter.java:152)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at it.eng.spagobi.commons.filters.SpagoBICoreCheckSessionFilter.doFilter(SpagoBICoreCheckSessionFilter.java:94)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at it.eng.spagobi.utilities.filters.EncodingFilter.doFilter(EncodingFilter.java:54)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)

at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:409)

at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1044)

at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)

at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)

at java.lang.Thread.run(Thread.java:748)

by (790 points)
unfortunately no progress here and finally I decided not to use ldap authentication
by (1.1k points)

Dear dankog,

I came to a solution that solved my problem !!!

I downloaded the source code (Knowage Labs) and modified the implementation of the LdapSecurityServiceSupplier class.

In my case the variable set la in the setenv "ldap.config" was getting null, so I did the implementation manually.

Hashtable<String, Object> env = new Hashtable<String, Object>();

env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");

env.put(Context.PROVIDER_URL, "ldap://meuldap:389");

env.put(Context.SECURITY_AUTHENTICATION, "simple");

env.put(Context.SECURITY_PRINCIPAL, userId + "@meudominio.com.br");

env.put(Context.SECURITY_CREDENTIALS, psw);

It's not that elegant, but I'm now doing LDAP validation.

I hope it helps you too!

Hugs.

by (790 points)
0 votes

Dear, dankog!

this question always by the user in sbi_user table is null or the sbi_user.flg_pwd_blockd is 1 case,you can check the user in this table is ok?

by (320 points)
Powered by Question2Answer
...