Hitachi Vantara Pentaho Community Forums
Results 1 to 3 of 3

Thread: Pentaho 7 CE and LDAP

  1. #1

    Default Pentaho 7 CE and LDAP

    Hi,

    so after dealing with PostgreSQL integration and the famous "QRTZ" table creation... now I'm stuck on LDAP auth. Already been able to resolve ssl cerftificate trust against my AD. But unable to login. At each try I get this in the logs:

    catalina.out
    Code:
    19-May-2017 16:31:18.881 INFO [main] org.apache.catalina.startup.Catalina.start Server startup in 113402 ms Attempting to load ESAPI.properties via file I/O. Attempting to load ESAPI.properties as resource file via file I/O. Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/pentaho/pentaho/server/pentaho-server/tomcat/bin/ESAPI.properties Not found in SystemResource Directory/resourceDirectory: .esapi/ESAPI.properties Not found in 'user.home' (/home/pentaho) directory: /home/pentaho/esapi/ESAPI.properties Loading ESAPI.properties via file I/O failed. Exception was: java.io.FileNotFoundException Attempting to load ESAPI.properties via the classpath. SUCCESSFULLY LOADED ESAPI.properties via the CLASSPATH from '/ (root)' using current thread context class loader! SecurityConfiguration for Validator.ConfigurationFile not found in ESAPI.properties. Using default: validation.properties Attempting to load validation.properties via file I/O. Attempting to load validation.properties as resource file via file I/O. Not found in 'org.owasp.esapi.resources' directory or file not readable: /home/pentaho/pentaho/server/pentaho-server/tomcat/bin/validation.properties Not found in SystemResource Directory/resourceDirectory: .esapi/validation.properties Not found in 'user.home' (/home/pentaho) directory: /home/pentaho/esapi/validation.properties Loading validation.properties via file I/O failed. Attempting to load validation.properties via the classpath. validation.properties could not be loaded by any means. fail. Exception was: java.lang.IllegalArgumentException: Failed to load ESAPI.properties as a classloader resource.
    files:

    applicationContext-security-ldap.properties:
    Code:
    contextSource.providerUrl=ldaps\://company.com\:636 contextSource.userDn=cn\=app.pentaho,ou\=Aplicaciones,ou\=Sistemas,ou\=SYS,ou\=MYOU,dc\=COMPANY,dc\=COM contextSource.password=*********** userSearch.searchBase=ou\=MYOU,dc\=COMPANY,dc\=COM userSearch.searchFilter=(sAMAccountName\={0}) populator.convertToUpperCase=false populator.groupRoleAttribute=cn populator.groupSearchBase=ou\=MYOU,dc\=COMPANY,dc\=COM populator.groupSearchFilter=(member\={0}) populator.rolePrefix= populator.searchSubtree=true allAuthoritiesSearch.roleAttribute=cn allAuthoritiesSearch.searchBase=ou\=MYOU,dc\=COMPANY,dc\=COM allAuthoritiesSearch.searchFilter=(objectClass\=group) allUsernamesSearch.usernameAttribute=sAMAccountName allUsernamesSearch.searchBase=ou\=MYOU,dc\=COMPANY,dc\=COM allUsernamesSearch.searchFilter=objectClass\=Person adminRole=cn\=Pentaho Administrators,ou\=Aplicaciones,ou\=Sistemas,ou\=SYS,ou\=MYOU,dc\=COMPANY,dc\=COM adminUser=cn\=Pentaho Administrator,ou\=Aplicaciones,ou\=Sistemas,ou\=SYS,ou\=MYOU,dc\=COMPANY,dc\=COM
    repository.spring.properties:
    Code:
    #Tue Mar 26 17:50:44 EDT 2013 singleTenantAdminDefaultUserName=admin singleTenantAdminUserName=admin singleTenantAdminDefaultAuthorityName=Administrator singleTenantAdminAuthorityName=Administrator repositoryAdminUsername=pentahoRepoAdmin singleTenantAuthenticatedAuthorityName=Authenticated singleTenantAnonymousAuthorityName=Anonymous superAdminAuthorityName=SysAdmin superAdminUserName=super systemTenantAdminUserName=system systemTenantAdminPassword=cGFzc3dvcmQ= cache-size=100 cache-ttl=300 versioningEnabled=false versionCommentsEnabled=false # This is the property to enable/disable multi byte encoding in the repository # This property can only be changed to "true" if you are installing it fresh. For upgrades, # this must be set to false. useMultiByteEncoding=false
    Could you point me to the right direction for authentication against ldap?

    Lot of thanks!

    Best.
    Last edited by pablo.alcover; 05-24-2017 at 07:36 AM. Reason: Problem not related

  2. #2

    Default

    Hi,

    the problem in the logs was not related to LDAP. My LDAP auth configuration is now working well and I can still see those ESAPI.properties errors. Doesn't seem to be affecting normal operation.

    Best,

  3. #3

    Default

    Hi again,

    I'm still facing troubles with LDAP integration. Whenever I switch singleTenantAdminUserName and singleTenantAdminAuthorityName as stated in https://help.pentaho.com/Documentati...d_Security/000 I end up with those horrible errors in catalina.out:

    Code:
    ERROR [FileHandler] Couldn't find or create CDE .  dir
    org.pentaho.platform.api.repository2.unified.UnifiedRepositoryAccessDeniedException: access denied while creating folder with name "cde"
    And if I let the default values no errors show up upon startup in catalina.out but I'm not very sure if everything will work as expected.

    The doc. is not very clear about what should be put in those sections "Find these two sections and edit them to match your Active Directory settings, then save and close the file." I tried to match those values with my Pentaho AD administrator user and with my Pentaho AD Admin Group:

    Code:
    #Tue Mar 26 17:50:44 EDT 2013
    singleTenantAdminDefaultUserName=admin
    singleTenantAdminUserName=pentaho
    singleTenantAdminDefaultAuthorityName=PentahoAdministrators
    singleTenantAdminAuthorityName=PentahoAdministrators
    repositoryAdminUsername=pentahoRepoAdmin
    singleTenantAuthenticatedAuthorityName=PentahoUsers
    singleTenantAnonymousAuthorityName=Anonymous
    superAdminAuthorityName=SysAdmin
    superAdminUserName=super
    systemTenantAdminUserName=system
    systemTenantAdminPassword=cGFzc3dvcmQ=
    cache-size=100
    cache-ttl=300
    versioningEnabled=false
    versionCommentsEnabled=false
    # This is the property to enable/disable multi byte encoding in the repository
    # This property can only be changed to "true" if you are installing it fresh. For upgrades,
    # this must be set to false.
    useMultiByteEncoding=false
    So I do not now which are the right maps to set up. Colud someone point me in the right direction?

    Lot of thanks!

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
Privacy Policy | Legal Notices | Safe Harbor Privacy Policy

Copyright © 2005 - 2017 Pentaho Corporation. All Rights Reserved.