Uploaded image for project: 'Archiva'
  1. Archiva
  2. MRM-1013

Fresh installation of Archiva with LDAP authentication does not survive restart of the servlet container

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.2-M1
    • Fix Version/s: 1.2
    • Component/s: Users/Security
    • Labels:
      None
    • Environment:
      Archiva 1.2-M1, Tomcat 6.0.18, Sun JDK 1.6, ActiveDirectory LDAP for user authentication

      Description

      I'm trying to setup an Archiva instance from the scratch. I've configured Archiva to use LDAP for user authentication (see attached security.policy). The admin user is defined to be "maven" and there's corresponding entry in the ActiveDirectory for the user. When I start Tomcat with no existing Derby database, everything work just fine. The Derby database is created and I can log in using any user in the ActiveDirectory, including the Archiva admin user.

      However, troubles begin if I shutdown Tomcat and re-start it. Now Archiva won't start. Log entries in localhost.2008-11-19.log (attached, as the other log files) would suggest that the system tried to find some user (probably admin user) in the local Derby database, but couldn't find one since we're using remote LDAP directory.

      As a workaround, I was able get Archiva properly running with LDAP support so that I first deleted the Derby databased and used minimal security.properties like this:

      redback.default.admin=maven
      redback.default.guest=mavengu
      security.policy.password.expiration.enabled=false

      This will configure Redback to use the same admin and guest user names that the LDAP setup has. When accessing Archiva for the first time, it'll redirect to admin creation form. After creating the admin user, I shutdown Tomcat and replaced security.properties with the full one that enables LDAP support. Now when Tomcat is started, also Archiva start properly and I'm able to login as any user in LDAP.

      As a summary, quick instructions to reproduce this:
      0. Have a working Archiva setup ready
      1. Configure security.properties so that Archiva is using LDAP
      2. Delete existing Derby database directory
      3. Start the servlet container and verify LDAP login works
      4. Shutdown servlet container
      5. Start servlet container, Archiva application fails to load

      Correct behaviour would be that that Archiva would just work when configured to use LDAP, with no aforementioned workaround needed.

        Attachments

        1. security.properties
          0.6 kB
          Tuomas Jormola
        2. security.properties
          0.6 kB
          Tuomas Jormola
        3. localhost.2008-11-19.log
          3 kB
          Tuomas Jormola
        4. catalina.2008-11-19.log
          70 kB
          Tuomas Jormola
        5. archiva.log
          1 kB
          Tuomas Jormola

          Activity

            People

            • Assignee:
              brettporter Brett Porter
              Reporter:
              tjormola Tuomas Jormola
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: