environment: windows 2008R2, webMethods 9.5
I’m trying to config the borker basic authentication with openldap, the basicauth.cfg is showed as below:
alias=LDAP1
authtype=LDAP
serverhost=10.78.1.173
serverport=389
alias-min-disabletime=10
alias-max-disable-time=180
defaultDomain=dc=staples,dc=cn
ldap-person-base-binddn=ou=brokerAccount,dc=staples,dc=cn
ldap-group-base-binddn=ou=brokeGroup,dc=staples,dc=cn
ldap-person-objectclass=inetOrgPerson
ldap-group-objectclass=groupOfUniqueNames
ldap-group-prs-attr=uniqueMember
ldap-server-type=OpenLDAP
ldap-userid-field=uid
ldap-passwd-field=userPassword
ldap-groupid-field=cn
ldap-allow-domain-as-base-bind-dn=true
ldap-person-property-attr=cn,sn
ldap-group-property-attr=cn
resolve-groups=ru
The basicauth.log shows that Basic Authentication works after adding the Broker Administrator Basic Identity in MWS -
D 13:35:48 (0000130c) AuthUser_A: calling function with user: Admin, domain:
D 13:35:48 (0000130c) [authldap] | checkLDAPpwdA[exposed] : Entering.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_open_connectionA
Entering…
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Entering.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Parameters
User: Admin
BaseBindDn: dc=staples,dc=cn
RequestBaseDN:
fullBindDN:
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Request Base DN passed is NULL.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Server host retrieved - “10.78.1.173”.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : User name - “Admin”.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Distinguished name filter is - “(&(objectclass=inetOrgPerson)(uid=Admin))”.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Trying to bind to LDAP server(“10.78.1.173:389” with user “Admin”, and base bind DN was specified).
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
Entering…
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
Request Base DN passed is NULL.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
Server host retrieved!
D [VAR]Server host: 10.78.1.173
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
ldap_init called successfully.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
Setting LDAP protocol version.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
Setting LDAP_OPT_REFERRALS option to OFF.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
ldap_connect called successfully.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_connectionA
Done.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Connection initialized successfully.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Full DN - “uid=Admin,dc=staples,dc=cn”.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Binding…
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_requestA
Entering…
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_init_requestA
Done.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_get_distinguished_nameA : Entering.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_searchA : Entering.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_searchA : Request to be executed :
[authldap] | ssx_ldap_searchA : =================================
[authldap] | ssx_ldap_searchA : Request : 73657168
[authldap] | ssx_ldap_searchA : Connection : 32708232
[authldap] | ssx_ldap_searchA : Auth Handle: 24772728
[authldap] | ssx_ldap_searchA : User Handle: 0
[authldap] | ssx_ldap_searchA : Base : ou=brokerAccount,dc=staples,dc=cn
[authldap] | ssx_ldap_searchA : Scope : 2
[authldap] | ssx_ldap_searchA : Filter : (&(objectclass=inetOrgPerson)(uid=Admin))
[authldap] | ssx_ldap_searchA : Size Limit : 0
[authldap] | ssx_ldap_searchA : Time Limit : 5, 0
[authldap] | ssx_ldap_searchA : =================================
D 13:35:48 (0000130c) [authldap] | ssx_ldap_searchA : ldap_search retcode: 0, request result : request->res[0] = 0000000001F36758
D 13:35:48 (0000130c) [authldap] | ssx_ldap_searchA : ldap_search call duration: 0.002 sec
D 13:35:48 (0000130c) [authldap] | ssx_ldap_searchA : Search results count 1.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_searchA : Done(0).
D 13:35:48 (0000130c) [authldap] | ssx_ldap_distinguished_name_parseA : Entering.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_distinguished_name_parseA : First entry found.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_distinguished_name_parseA : Entries count is 1.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_distinguished_name_parseA : Done.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_get_distinguished_nameA : new determined DN (uid=Admin,ou=brokerAccount,dc=staples,dc=cn).
D 13:35:48 (0000130c) [authldap] | ssx_ldap_get_distinguished_nameA : Done.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Full DN - “uid=Admin,ou=brokerAccount,dc=staples,dc=cn”.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Binding…
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Successful binding to user dn - “uid=Admin,ou=brokerAccount,dc=staples,dc=cn”
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Connecting and binding to LDAP server(“10.78.1.173:389” with user “uid=Admin,ou=brokerAccount,dc=staples,dc=cn”) was successful.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_open_connectionA : Done.
D 13:35:48 (0000130c) (017A0078) [ authldap.c ] | ssx_ldap_open_connectionA
Done.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_release_connectionA : Entering.
D 13:35:48 (0000130c) [authldap] | ssx_ldap_release_connectionA : Closing connection
D 13:35:48 (0000130c) [authldap] | ssx_ldap_release_connectionA : Done.
D 13:35:48 (0000130c) [authldap] | checkLDAPpwdA[exposed] : Done.
D 13:35:48 (0000130c) AuthUser_A: login of user ‘Admin’ (domain: dc=staples,dc=cn, host:10.78.1.173, port:389) was successful(17ACE80).
D 13:35:48 (0000130c) SSXCloseUserHandleA: The user handle(17ACE80) will be closed.
D 13:35:48 (0000130c) CloseUserHandleA: Closing the handle of user ‘Admin’.
But the status for Broker Administrator Identity show that “Connected without a identity.” and i can’t config the server’s basic Identity .
please suggest.