We're Hiring!

Open Microscopy Environment

The OME community

Skip to content

problem setting LDAP properties

Having a problem deploying OMERO? Please ask new questions at https://forum.image.sc/tags/omero
Please note:
Historical discussions about OMERO. Please look for and ask new questions at https://forum.image.sc/tags/omero

The OMERO.server installation documentation begins here and you can find OMERO.web deployment documentation here.
Post a reply

problem setting LDAP properties

Postby bernie » Fri Feb 25, 2011 1:11 pm

I am trying to configure LDAP on our development server, initially without SSL, and cannot configure the property:

omero.ldap.user_filter=(objectClass=person)

Various attempts throw up syntax errors:
[omero@omerodev omero_dist]$ bin/omero config set (objectClass=uosunixobject)
-bash: syntax error near unexpected token `('

[omero@omerodev omero_dist]$ bin/omero config set "(objectClass=uosunixobject)"
"=" in key name. Did you mean "...set (objectClass uosunixobject)"?

so this works:
[omero@omerodev omero_dist]$ bin/omero config set "(objectClass uosunixobject)"

The output of get is:

[omero@omerodev omero_dist]$ bin/omero config get
(objectClass=uosunixobject)
omero.db.name=omero
omero.db.pass=********
omero.db.user=omero
omero.ldap.base=ou=Unix,ou=USCS,o=University of Sussex
omero.ldap.config=true
omero.ldap.new_user_group=omerodev
omero.ldap.urls=ldap://ldap0.uscs.sussex.ac.uk:389
omero.ldap.user_filter=objectClass=uosunixobject
omero.ldap.user_mapping=omeName=uid,firstName=givenName,lastName=sn,email=mail
omero.web.application_host=http://omerodev.lifesci.susx.ac.uk:80
omero.web.application_server=fastcgi-tcp

ie the brackets aren't there.

also note: omeName=uid

Authentication fails and I get the following entries in the Blitz-0.log:

2011-02-25 13:01:27,355 INFO [ ome.services.util.ServiceHandler] (l.Server-1) Excp: org.springframework.ldap.InvalidSearchFilterException: Unbalanced parenthesis; nested exception is javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis; remaining name ''
2011-02-25 13:01:27,356 ERROR [services.blitz.fire.PermissionsVerifierI] (l.Server-1) Exception thrown while checking password for:bafy7
ome.conditions.InternalException: Wrapped Exception: (org.springframework.ldap.InvalidSearchFilterException):
Unbalanced parenthesis; nested exception is javax.naming.directory.InvalidSearchFilterException: Unbalanced parenthesis; remaining name ''
at org.springframework.ldap.support.LdapUtils.convertLdapException(LdapUtils.java:133)

Also, I/we need to admit to the sin of trying to edit the config.xml file directly. I mention this because of the unusual entry at the beginning of the get output:

(objectClass=uosunixobject)

This can be seen as an entry in the xml file:

<property name="omero.ldap.user_filter" value="objectClass=uosunixobject"/>
<property name="(objectClass" value="uosunixobject)"/>

and I suspect it shouldn't be there!

Bernie
bernie
 
Posts: 50
Joined: Mon Aug 17, 2009 12:03 pm
Top

Re: problem setting LDAP properties

Postby jmoore » Fri Feb 25, 2011 1:54 pm

Hi Bernie,

You're right, the entry shouldn't be there. You've fallen prey to unix whitespace handling. Originally, you wanted the command:
Code: Select all
bin/omero config set omero.ldap.user_filter "(objectClass=person)"

Rather than editing the config.xml yourself (which isn't really that sinful), you could also try:
Code: Select all
bin/omero config edit

which should open an editor (vim?) for you to modify the files. Any lines you delete will be removed from the config.

Hope that helps!
~Josh
User avatar
jmoore
Site Admin
 
Posts: 1591
Joined: Fri May 22, 2009 1:29 pm
Location: Germany
Top

Re: problem setting LDAP properties

Postby bernie » Fri Feb 25, 2011 4:39 pm

It did. thanks, Bernie
bernie
 
Posts: 50
Joined: Mon Aug 17, 2009 12:03 pm
Top
Post a reply

Return to Installation and Deployment

Who is online

Users browsing this forum: No registered users and 1 guest

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group