New Geoportal install issue

05-31-2012 12:03 AM
DavidEdmends
Occasional Contributor
Hi All,

I was wondering if someone could offer me some install for an issue I am unable to resolve.

I have followed the Geoportal 1.2 install guide from here http://sourceforge.net/apps/mediawiki/geoportal/index.php?title=Installation_Version_1.2

My set-up consists of:

Windows Server 2008 R2 (64Bit)
SQL Server 2008 R2
Java JDK 6
Apache Tomcat 6.0.35
Apache Directory Server
Apache Directory Studio

I followed the install guide knowing that I wanted to use LDAP Authentication; however, as I am new to geoportal, I decided to first try Simple Authentication.

After a few hours of install I tried the smoke test and everything worked perfectly. I could login using my single sign in and see that the new user had been entered into the geoportal.GPT_user table in SQL Server.

Once I was happy that everything was OK I started setting up the system for the LDAP Authentication and this was when things came unstuck.

If I try to login as gptadmin I get the following message
Your username or password was not valid, please try again...


If I try to login as gptpublisher I get
A valid userid was not auto-generated for remote user: cn=gptpublisher,ou=users,ou=system


Back on the server I can see no new records being added into my SQL Server db, and my Tomcat error log has a few Severe: Exceptions raised, which even I know can't be good!

Any advice would be very much welcome, if you need more information please ask and I will update this post.

Thanks in advance

David
0 Kudos
6 Replies
DavidEdmends
Occasional Contributor
Hi All,

Would it help if I posted my error logs, gpt.xml or geoportal.xml files?

Cheers

David
0 Kudos
DavidEdmends
Occasional Contributor
Hi All,

Seems people are reading this thread, so I have decided to chance putting some of my code up on the off chance that I have made a basic error and someone can spot it for me.

I have two questions, the first relates to the ldap connection properties:

I believe that my geoportal.xml file in the conf\Catalina\localhost folder is working correctly as changing the password kicks up error messages. This makes me think that the issue may be coming from my gpt.xml file within the webapps\geoportal\WEB-INF\classes\gpt\config folder.



<identity encKey="PtkEsri" realm="Geoportal"> 
     
       <ldapAdapter>
      
          <ldapConnectionProperties
              providerURL="ldap://SERVERNAME:10389"
              initialContextFactoryName="com.sun.jndi.ldap.LdapCtxFactory"
              securityAuthentication="simple"
              securityProtocol="">
              <ldapServiceAccount
                  securityPrincipal="uid=admin,ou=system"
                  securityCredentials="secret"
                  encrypted="false"
                  catalogAdminDN="cn=gptadmin,ou=users,ou=system"/>
          </ldapConnectionProperties>
       
          <singleSignOn
              active="false"
              credentialLocation="userPrincipal"
              anonymousValue=""
              logoutOutcome=""/>
           
          <selfCareSupport
              supportsLogin="true"
              supportsLogout="true"
              supportsUserRegistration="true"
              supportsUserProfileManagement="true"
              supportsPasswordChange="true"
              supportsPasswordRecovery="true"/>
           
          <roles authenticatedUserRequiresRole="true">
              <role
                  key="gptRegisteredUser"
                  groupDN="cn=gpt_registeredUsers,ou=groups,ou=system"/>
              <role
                  key="gptPublisher"
                  inherits="gptRegisteredUser"
                  groupDN="cn=gpt_publishers,ou=groups,ou=system"/>
              <role
                  key="gptAdministrator"
                  inherits="gptPublisher"
                  groupDN="cn=gpt_administrators,ou=groups,ou=system"/>
          </roles>
       
          <users
              displayNameAttribute="uid"
              passwordEncryptionAlgorithm="SHA"
              newUserDNPattern="cn={0},ou=users,ou=system"
              usernameSearchPattern="(&amp;(objectclass=person)(cn={0}))"
              searchDIT="ou=users,ou=system">
              <requiredObjectClasses>
                  <objectClass name="top"/>
                  <objectClass name="person"/>
                  <objectClass name="organizationalPerson"/>
                  <objectClass name="inetOrgPerson"/>
              </requiredObjectClasses>
              <userAttributeMap>
                  <attribute key="username"     ldapName="uid"/>
                  <attribute key="password"     ldapName="userPassword"/>
                  <attribute key="email"        ldapName="mail"/>
                  <attribute key="firstName"    ldapName="givenName"/>
                  <attribute key="lastName"     ldapName="sn"/>
                  <attribute key="organization" ldapName="o"/>
                  <attribute key="affiliation"  ldapName="businessCategory"/>
                  <attribute key="street"       ldapName="street"/>
                  <attribute key="city"         ldapName="l"/>
                  <attribute key="stateOrProv"  ldapName="st"/>
                  <attribute key="postalCode"   ldapName="postalCode"/>
                  <attribute key="country"      ldapName=""/>
                  <attribute key="phone"        ldapName="telephoneNumber"/>
              </userAttributeMap>
          </users>
     
          <groups
              displayNameAttribute="cn"
              dynamicMemberOfGroupsAttribute=""
              dynamicMembersAttribute=""
              memberAttribute="uniquemember"
              memberSearchPattern="(&amp;(objectclass=groupOfUniqueNames)(uniquemember={0}))"
              searchDIT="ou=groups,ou=system">
    
          </groups>
       </ldapAdapter>
    </identity>


My second question relates to SQLServer:

As I am new to geoportal and have never seen it running server side, could anyone tell me if I should see any entries in the geoportal.GTP_User table when I start my tomcat service?

When I start the service I have no entries in this table unless I register a new user via the "register" button on the geoportal homepage.

Thanks in advance

David
0 Kudos
DavidEdmends
Occasional Contributor
Just to close out this post - the problem was resolved thanks to the help of Gianni over on the SourceForge forum https://sourceforge.net/projects/geoportal/forums/forum/1096643/topic/5354443/index/page/1.

The main issue was a missing UID attribute in the LDAP user entries.

David
0 Kudos
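The resolution above names a missing uid attribute, and the posted gpt.xml maps the username key to uid while its usernameSearchPattern looks users up by cn. The following is an added example, not part of the original posts and not Geoportal code: it reads that mapping and lists the entries in an LDIF export that lack the mapped attribute. The function names and both sample inputs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed excerpt of the <users> element from the gpt.xml posted above.
GPT_USERS_XML = """<users displayNameAttribute="uid"
    usernameSearchPattern="(&amp;(objectclass=person)(cn={0}))">
  <userAttributeMap>
    <attribute key="username" ldapName="uid"/>
  </userAttributeMap>
</users>"""

# Constructed LDIF export (not the poster's directory): one entry has uid, one does not.
SAMPLE_LDIF = """dn: cn=gptadmin,ou=users,ou=system
objectClass: inetOrgPerson
cn: gptadmin
sn: admin
uid: gptadmin

dn: cn=gptpublisher,ou=users,ou=system
objectClass: inetOrgPerson
cn: gptpublisher
sn: publisher
"""

def username_attribute(users_xml):
    """Return the LDAP attribute that gpt.xml maps to the 'username' key."""
    root = ET.fromstring(users_xml)
    for attr in root.iter("attribute"):
        if attr.get("key") == "username":
            return attr.get("ldapName")
    raise ValueError("no username mapping in <userAttributeMap>")

def parse_ldif(text):
    """Parse simple 'name: value' LDIF (no base64 values, no line folding)."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            name, _, value = line.partition(": ")
            entry.setdefault(name.lower(), []).append(value)
        entries.append(entry)
    return entries

def entries_missing_username(users_xml, ldif_text):
    """DNs of entries that lack the attribute mapped to 'username'."""
    wanted = username_attribute(users_xml).lower()
    return [e["dn"][0] for e in parse_ldif(ldif_text) if not e.get(wanted)]

if __name__ == "__main__":
    print(entries_missing_username(GPT_USERS_XML, SAMPLE_LDIF))
```

An entry found by the cn search but reported here would bind successfully and still have no value for the attribute mapped to username.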
MartenHogeweg
Esri Contributor
As you have noticed, most discussion on Geoportal Server happens over on the SourceForge site.
0 Kudos
DavidEdmends
Occasional Contributor
Yes Marten - sadly it took me a few weeks to figure that one out.

Cheers

David
0 Kudos
RichBaldwin
Emerging Contributor
Is the ldapServiceAccount element limited to securityPrincipal, securityCredentials, encrypted, and catalogAdminDN attributes?  It would seem that if encrypted="true" that a passwordEncryptionAlgorithm attribute would also be needed.  I don't see any ESRI examples where encryption is true, any ESRI schema defining the attributes, or a Java API showing the elements of this object.  I'd like clarification on what seems to be an incomplete definition.

Tx, Rich
0 Kudos