LDAPAuthentication: Error when trying to log in with a user that has no user on the database yet


Guilherme Iepsen

May 5, 2026, 5:08:31 PM
to DSpace Technical Support
The login with users that are already on the database works normally:

################ LOG ###############

2026-05-05 17:41:48,750 INFO  unknown unknown org.dspace.authenticate.LDAPAuthentication @ anonymous::auth:attempting trivial auth of user=00240997
2026-05-05 17:41:49,649 INFO  unknown unknown org.dspace.eperson.EPersonServiceImpl @ sarakl...@gmail.com::update_eperson:eperson_id=209cc081-7986-484e-976a-e7a1744ee0dd
2026-05-05 17:41:49,650 INFO  unknown unknown org.dspace.authenticate.LDAPAuthentication @ sarakl...@gmail.com::authenticate:type=ldap
2026-05-05 17:41:49,650 INFO  unknown unknown org.dspace.eperson.EPersonServiceImpl @ sarakl...@gmail.com::update_eperson:eperson_id=209cc081-7986-484e-976a-e7a1744ee0dd
2026-05-05 17:41:49,651 INFO  unknown unknown org.dspace.app.rest.security.EPersonRestAuthenticationProvider @ sarakl...@gmail.com::login:type=explicit
2026-05-05 17:41:51,315 WARN  unknown unknown org.dspace.discovery.SolrServiceImpl @ We have a collection or community admin with ID: 209cc081-7986-484e-976a-e7a1744ee0dd without any administrable collection or community!
2026-05-05 17:41:51,478 WARN  unknown unknown org.dspace.discovery.SolrServiceImpl @ We have a collection or community admin with ID: 209cc081-7986-484e-976a-e7a1744ee0dd without any administrable collection or community!
2026-05-05 17:41:51,931 INFO  unknown unknown org.dspace.eperson.EPersonServiceImpl @ sarakl...@gmail.com::update_eperson:eperson_id=209cc081-7986-484e-976a-e7a1744ee0dd
2026-05-05 17:41:52,579 WARN  unknown unknown org.dspace.discovery.SolrServiceImpl @ We have a collection or community admin with ID: 209cc081-7986-484e-976a-e7a1744ee0dd without any administrable collection or community!
2026-05-05 17:41:52,643 WARN  unknown unknown org.dspace.discovery.SolrServiceImpl @ We have a collection or community admin with ID: 209cc081-7986-484e-976a-e7a1744ee0dd without any administrable collection or community!
2026-05-05 17:41:52,667 INFO  6266e056-de8f-4f1c-b656-4adac9802432 140b58da-620b-4e2e-a3c8-56068f7b6ca1 org.dspace.app.rest.utils.DSpaceAPIRequestLoggingFilter @ Before request [GET /server/api/authn/status] originated from /home
################ END OF LOG ###############

But when trying to log in with a user that has never been created, it seems like it's not possible to retrieve the user email via LDAP:

################ LOG ###############

2026-05-05 17:45:59,384 INFO  unknown unknown org.dspace.authenticate.LDAPAuthentication @ anonymous::auth:attempting trivial auth of user=00303779
2026-05-05 17:45:59,399 INFO  unknown unknown org.dspace.authenticate.LDAPAuthentication @ anonymous::autoregister:netid=00303779
2026-05-05 17:45:59,400 WARN  unknown unknown org.dspace.authenticate.LDAPAuthentication @ anonymous::autoregister:Unable to locate email address for account '00303779', so it has been set to '00303779'. Please check the LDAP 'email_field' OR consider configuring 'netid_email_domain'.
2026-05-05 17:46:01,447 INFO  unknown unknown org.dspace.eperson.EPersonServiceImpl @ anonymous::create_eperson:eperson_id=6254fbaa-3f6b-41ad-b694-811aa8d3404a
2026-05-05 17:46:01,454 INFO  unknown unknown org.dspace.eperson.EPersonServiceImpl @ anonymous::update_eperson:eperson_id=6254fbaa-3f6b-41ad-b694-811aa8d3404a
2026-05-05 17:46:01,735 INFO  unknown unknown org.dspace.authenticate.LDAPAuthentication @ null::authenticate:type=ldap-login, created ePerson
2026-05-05 17:46:01,737 WARN  unknown unknown org.dspace.core.Context @ null::restore_auth_sys_state:not previous state info available\colon;  null
2026-05-05 17:46:01,738 INFO  unknown unknown org.dspace.eperson.EPersonServiceImpl @ null::update_eperson:eperson_id=6254fbaa-3f6b-41ad-b694-811aa8d3404a
2026-05-05 17:46:01,738 INFO  unknown unknown org.dspace.app.rest.security.EPersonRestAuthenticationProvider @ null::login:type=explicit
2026-05-05 17:46:01,738 INFO  unknown unknown org.dspace.app.rest.security.EPersonRestAuthenticationProvider @ null::failed_login:No eperson with a non-blank e-mail address found
2026-05-05 17:46:01,740 ERROR unknown unknown org.dspace.app.rest.security.StatelessLoginFilter @ Authentication failed (status:401)
org.springframework.security.authentication.BadCredentialsException: Login failed
at org.dspace.app.rest.security.EPersonRestAuthenticationProvider.createAuthentication(EPersonRestAuthenticationProvider.java:173) ~[dspace-server-webapp-8.2.jar:8.2]
at org.dspace.app.rest.security.EPersonRestAuthenticationProvider.authenticateNewLogin(EPersonRestAuthenticationProvider.java:133) ~[dspace-server-webapp-8.2.jar:8.2]
at org.dspace.app.rest.security.EPersonRestAuthenticationProvider.authenticate(EPersonRestAuthenticationProvider.java:88) ~[dspace-server-webapp-8.2.jar:8.2]
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:182) ~[spring-security-core-6.5.1.jar:6.5.1]
at org.dspace.app.rest.security.StatelessLoginFilter.attemptAuthentication(StatelessLoginFilter.java:85) ~[dspace-server-webapp-8.2.jar:8.2]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:239) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:229) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.dspace.app.rest.security.StatelessAuthenticationFilter.doFilterInternal(StatelessAuthenticationFilter.java:105) ~[dspace-server-webapp-8.2.jar:8.2]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.2.8.jar:6.2.8]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:134) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.2.8.jar:6.2.8]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) ~[spring-web-6.2.8.jar:6.2.8]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.2.8.jar:6.2.8]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:116) ~[spring-web-6.2.8.jar:6.2.8]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.ObservationFilterChainDecorator$VirtualFilterChain.doFilter(ObservationFilterChainDecorator.java:137) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:82) ~[spring-security-web-6.5.1.jar:6.5.1]
at org.springframework.security.web.context.SecurityContextHolderFilter.doFilter(SecurityContextHolderFilter.java:69) ~[spring-security-web-6.5.1.jar:6.5.1]

################ END OF LOG ###############


Michael Plate

May 6, 2026, 4:49:54 AM
to dspac...@googlegroups.com
Hi,

On 05.05.26 at 22:51, Guilherme Iepsen wrote:
[…]

Could you try "ldapsearch" (it might need to be installed first)? You will find
the params usually in [dspace]/config/modules/authentication-ldap.cfg.

ldapsearch -H <authentication-ldap.provider_url> -b <authentication-ldap.search_context> -D <authentication-ldap.search.user> -W -x "cn=<userid>"

You need the password from <authentication-ldap.search.password> for
that. If this is an MS Active Directory, the attributes have different
names (mostly "cn" is "samaccountname").

You should get a bunch of info about the user specified in "cn=<userid>",
mostly one or multiple "mail" attributes. The wanted one should be a
single attribute called "userPreferredEmail" (or "USERPREFERREDEMAIL",
it's case-insensitive).

Hope it helps,

Michael

Guilherme Iepsen

May 6, 2026, 4:42:12 PM
to DSpace Technical Support
Hi Michael,

The ldapsearch is working fine with any user.
I can retrieve the "mail" attribute perfectly using ldapsearch. But it seems that's not possible through DSpace.
I forgot to mention that I'm working on the migration of an application from DSpace 5 to DSpace 8.2.
The LDAP authentication works with no problem in the application running on DSpace 5.

Here are the authentication-ldap.cfg file configs (the ones I've set):

authentication-ldap.enable = true
authentication-ldap.autoregister = true
authentication-ldap.provider_url = ldap://xxxxxxxx
authentication-ldap.id_field = uid
authentication-ldap.object_context = ou=people\,dc=ufrgs\,dc=br
authentication-ldap.search_context = ou=people\,dc=ufrgs\,dc=br
authentication-ldap.email_field = mail
authentication-ldap.surname_field = ufrgsRestoNome
authentication-ldap.givenname_field = ufrgsPrimeiroNome
authentication-ldap.login.specialgroup = UFRGS
authentication-ldap.search.user = xxxxxxx
authentication-ldap.search.password = xxxxxxx

Michael Plate

May 8, 2026, 12:55:43 PM
to dspac...@googlegroups.com
Hi Guilherme,

I'm out of imagination on that.


On 06.05.26 at 22:42, Guilherme Iepsen wrote:
> Hi Michael,
>
> The ldapsearch is working fine with any user.
> I can retrieve the "mail" attribute perfectly using ldapsearch. But it
> seems that's not possible through DSpace.

Are there multiple "mail" attributes? Maybe this is a problem. E.g., I
have a bunch of those, so we use userPreferredEmail instead.

Another possibility is to switch to debug mode in config/log4j2.xml and
try the logs, but this is painful.

Michael

Guilherme Iepsen

May 12, 2026, 2:06:17 PM
to DSpace Technical Support
Problem solved:
It was way simpler than I thought:
In the authentication-ldap.cfg file, the authentication-ldap.search.user was set to:
authentication-ldap.search.user = cn=Leitor2\,dc=ufrgs\,dc=br
But the correct user was:
authentication-ldap.search.user = uid=Leitor2\,dc=ufrgs\,dc=br
As soon as we changed this, DSpace was able to set the EPerson email correctly and everything got back to normal.
Thanks for trying to help, Michael.
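
One way to run the ldapsearch check from this thread with exactly the values DSpace reads from authentication-ldap.cfg, so that a wrong bind DN in authentication-ldap.search.user shows up in the manual test too. This is an added example, not code from the thread or from DSpace; the function names cfg_get and ldap_check_cmd are hypothetical, and the key names are the ones quoted above.

```shell
#!/bin/sh
# Added example; cfg_get and ldap_check_cmd are hypothetical helper names.
# Pass the file where the values are really set (local.cfg overrides modules/).

# cfg_get FILE KEY: print KEY's value (last occurrence), with the "\," escape
# used in DSpace .cfg files turned back into a plain ",".
cfg_get() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }                  # comment line
        {
            pos = index($0, "=")
            if (pos == 0) next
            k = substr($0, 1, pos - 1); v = substr($0, pos + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) val = v
        }
        END { gsub(/\\,/, ",", val); print val }
    ' "$1"
}

# ldap_check_cmd FILE NETID: print the ldapsearch command that binds as
# search.user and requests only the configured e-mail attribute.
ldap_check_cmd() {
    case "$2" in
        ''|*[!A-Za-z0-9._-]*)                   # keep filter metacharacters out
            echo "refusing netid: $2" >&2; return 1 ;;
    esac
    p=authentication-ldap
    url=$(cfg_get "$1" "$p.provider_url")
    base=$(cfg_get "$1" "$p.search_context")
    bind=$(cfg_get "$1" "$p.search.user")
    idf=$(cfg_get "$1" "$p.id_field")
    mail=$(cfg_get "$1" "$p.email_field")
    for v in "$url" "$base" "$bind" "$idf" "$mail"; do
        [ -n "$v" ] || { echo "missing LDAP setting in $1" >&2; return 1; }
    done
    # -W prompts for search.password, keeping it out of argv and shell history.
    printf "ldapsearch -x -H '%s' -b '%s' -D '%s' -W '(%s=%s)' '%s'\n" \
        "$url" "$base" "$bind" "$idf" "$2" "$mail"
}
```

If the printed command fails to bind or returns no mail value while a hand-typed ldapsearch works, compare its -D value with the DN that was typed by hand.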
