[Dspace-tech] Problem with DSpace-1.5.2 on Ubuntu linux
49 views
Skip to first unread message
Wynne, David
Aug 25, 2015, 1:07:56 PM8/25/15
to dspac...@lists.sourceforge.net
Read all the FAQ's &
documentation I can find. Googled the error, but I can't find a solution so I'd
appreciate any help.
I've recently installed
DSpace. Build & install went without a single error.
I then copied the jspui
directory to where Tomcat 6 is looking:
/var/lib/tomcat6/webapps
Stopped & restarted
Tomcat6, but the following error is in
localhost.2009-10-07.log:
DSpace has failed to
initialize, during stage 2. Error while attempting to read
the
DSpace configuration file (Path: '/usr/local/dspace-1.5.2/config/dspace.cfg').
This has likely occurred because either the file does not exist, or it's permiss
ions
are set incorrectly, or the path to the configuration file is incorrect. The pat
h to
the DSpace configuration file is stored in a context variable, 'dspace-config',
in
either the local servlet or global context.
the
DSpace configuration file (Path: '/usr/local/dspace-1.5.2/config/dspace.cfg').
This has likely occurred because either the file does not exist, or it's permiss
ions
are set incorrectly, or the path to the configuration file is incorrect. The pat
h to
the DSpace configuration file is stored in a context variable, 'dspace-config',
in
either the local servlet or global context.
The file is
there:
-rw-r--r-- 1 tomcat6
tomcat6 68726 2009-10-06 17:19
/usr/local/dspace-1.5.2/config/dspace.cfg
Checked the web.xml in
the jspui/WEB-INF to make sure there wasn't any hidden chars ( like ^M that can
happen with PC files ).
Thanks
Dave Wynne
Senior Technical Officer
School of
Computing and Maths
Liverpool John Moores University
Byrom
Street
Liverpool L2 2AF
E-Mail:
D.W...@ljmu.ac.uk
Tel:0151-231-2108
Stuart Lewis
Aug 25, 2015, 1:08:03 PM8/25/15
to Wynne, David, dspac...@lists.sourceforge.net
Hi David,
I've recently installed DSpace. Build & install went without a single error.
Excellent - that is often the trickiest bit.
I then copied the jspui directory to where Tomcat 6 is looking:/var/lib/tomcat6/webappsStopped & restarted Tomcat6, but the following error is in localhost.2009-10-07.log:DSpace has failed to initialize, during stage 2. Error while attempting to read
the
DSpace configuration file (Path: '/usr/local/dspace-1.5.2/config/dspace.cfg').
The file is there:-rw-r--r-- 1 tomcat6 tomcat6 68726 2009-10-06 17:19 /usr/local/dspace-1.5.2/config/dspace.cfg
Tomcat has a security manager which is often configured to be pretty restrictive in terms of allowing applications to open files outside of the tomcat installation folders.
The easiest solution (if this is what is causing the problem) is to edit /etc/default/tomcat6 and addor edit the line about TOMCAT6_SECURITY and set it to equal to 'no':
TOMCAT6_SECURITY = no
Alternatively you could edit the catalina policy file to only provide read and write access to the relevant files, but unless you are hosting other applications iwth security considerations on the same server, turning security off should be fine.
I hope this helps,
Stuart Lewis
IT Innovations Analyst and Developer
Te Tumu Herenga The University of Auckland Library
Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand
Ph: 64 9 373-7599 x81928
http://www.library.auckland.ac.nz/
IT Innovations Analyst and Developer
Te Tumu Herenga The University of Auckland Library
Auckland Mail Centre, Private Bag 92019, Auckland 1142, New Zealand
Ph: 64 9 373-7599 x81928
http://www.library.auckland.ac.nz/
Wynne, David
Aug 25, 2015, 1:08:10 PM8/25/15
to Stuart Lewis, dspac...@lists.sourceforge.net
Stuart,
many thanks, that worked like a charm. Never would
have figured that out. Not really used Tomcat before.
Dave
From: Stuart Lewis [mailto:s.l...@auckland.ac.nz]
Sent: 07 October 2009 21:00
To: Wynne, David
Cc: dspac...@lists.sourceforge.net
Subject: Re: [Dspace-tech] Problem with DSpace-1.5.2 on Ubuntu linux
Wynne, David
Aug 25, 2015, 1:08:56 PM8/25/15
to dspac...@lists.sourceforge.net
I've configured & tested openldap on my
ubuntu system & ldapsearch all works as expected.
The problem is that our Active Directory has a
rather unusual setup. Basically the person "object" has a CN
of
CN=David Wynne
xxxxxxxxxxx
where xxxxxxxxxx is the
number on my id card. I've seen a couple of posts about DSpace & AD where:
ldap.id_field =
sAMAccountName
ldap.id_field = CN
ldap.id_field = CN
But using JExplorer if
I do a search on:
sAMAccountName=username,.ou=People, dc=jmu. dc=ac.
dc=uk
or
CN=username,.ou=People, dc=jmu. dc=ac. dc=uk
or
CN=username,.ou=People, dc=jmu. dc=ac. dc=uk
I dont get any results,
but if I do a search on:
ou=People, dc=jmu.
dc=ac. dc=uk
with a filter of
:
sAMAccountName=username
I get the right person
object.
In terms of the
dspace.cfg file can this be done ? Or do I need to patch the DSpace java files
?
At the moment in ther
dspace.log file:
2009-10-15 13:27:53,489
INFO org.dspace.authenticate.LDAPHierarchicalAuthentica
tion @ anonymous:session_id=116B1778D9539B1DDC5B49BF0820463B:ip_addr=150.204.48.
5:auth:attempting trivial auth of user=cmsdwynn
2009-10-15 13:27:53,493 WARN org.dspace.app.webui.servlet.InternalErrorServlet
@ :session_id=116B1778D9539B1DDC5B49BF0820463B:internal_error:-- URL Was: http:/
/dspace.cms.livjm.ac.uk:8080/jspui/password-login
-- Method: POST
-- Parameters were:
-- login_email: "cmsdwynn"
-- login_password: *not logged*
-- login_submit: "Log In"
tion @ anonymous:session_id=116B1778D9539B1DDC5B49BF0820463B:ip_addr=150.204.48.
5:auth:attempting trivial auth of user=cmsdwynn
2009-10-15 13:27:53,493 WARN org.dspace.app.webui.servlet.InternalErrorServlet
@ :session_id=116B1778D9539B1DDC5B49BF0820463B:internal_error:-- URL Was: http:/
/dspace.cms.livjm.ac.uk:8080/jspui/password-login
-- Method: POST
-- Parameters were:
-- login_email: "cmsdwynn"
-- login_password: *not logged*
-- login_submit: "Log In"
java.lang.NullPointerException
I'm guessing that the
NullPointer is because the person "object" is NULL.
Many Thanks
Stuart Lewis
Aug 25, 2015, 1:08:58 PM8/25/15
to Wynne, David, dspac...@lists.sourceforge.net
Hi David,
I've configured & tested openldap on my ubuntu system & ldapsearch all works as expected.The problem is that our Active Directory has a rather unusual setup.
At the moment in ther dspace.log file:2009-10-15 13:27:53,489 INFO org.dspace.authenticate.LDAPHierarchicalAuthentica
tion @ anonymous:session_id=116B1778D9539B1DDC5B49BF0820463B:ip_addr=150.204.48.
5:auth:attempting trivial auth of user=cmsdwynn
2009-10-15 13:27:53,493 WARN org.dspace.app.webui.servlet.InternalErrorServlet
@ :session_id=116B1778D9539B1DDC5B49BF0820463B:internal_error:-- URL Was: http:/
/dspace.cms.livjm.ac.uk:8080/jspui/password-login
-- Method: POST
-- Parameters were:
-- login_email: "cmsdwynn"
-- login_password: *not logged*
-- login_submit: "Log In"java.lang.NullPointerException
Is there any further information directly after "java.lang.NullPointerException"? Typically the stack trace will contain line numbers that will tell us where in the code the error is occurring which will allow us to debug the problem.
Thanks,
Wynne, David
Aug 25, 2015, 1:09:00 PM8/25/15
to Stuart Lewis, dspac...@lists.sourceforge.net
Stuart,
full listing is:
java.lang.NullPointerException
at org.dspace.authenticate.LDAPHierarchicalAuthentication$SpeakerToLDAP.
getDNOfUser(LDAPHierarchicalAuthentication.java:383)
at org.dspace.authenticate.LDAPHierarchicalAuthentication.authenticate(L
DAPHierarchicalAuthentication.java:214)
at org.dspace.authenticate.AuthenticationManager.authenticateInternal(Au
thenticationManager.java:199)
at org.dspace.authenticate.AuthenticationManager.authenticate(Authentica
tionManager.java:136)
at org.dspace.app.webui.servlet.PasswordServlet.doDSPost(PasswordServlet
.java:95)
at org.dspace.app.webui.servlet.DSpaceServlet.processRequest(DSpaceServl
et.java:147)
at org.dspace.app.webui.servlet.DSpaceServlet.doPost(DSpaceServlet.java:
105)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
at java.lang.Thread.run(Thread.java:636)
at org.dspace.authenticate.LDAPHierarchicalAuthentication$SpeakerToLDAP.
getDNOfUser(LDAPHierarchicalAuthentication.java:383)
at org.dspace.authenticate.LDAPHierarchicalAuthentication.authenticate(L
DAPHierarchicalAuthentication.java:214)
at org.dspace.authenticate.AuthenticationManager.authenticateInternal(Au
thenticationManager.java:199)
at org.dspace.authenticate.AuthenticationManager.authenticate(Authentica
tionManager.java:136)
at org.dspace.app.webui.servlet.PasswordServlet.doDSPost(PasswordServlet
.java:95)
at org.dspace.app.webui.servlet.DSpaceServlet.processRequest(DSpaceServl
et.java:147)
at org.dspace.app.webui.servlet.DSpaceServlet.doPost(DSpaceServlet.java:
105)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:233)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:191)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:128)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:102)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:286)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:845)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.proce
ss(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:44
7)
at java.lang.Thread.run(Thread.java:636)
Dave
From: Stuart Lewis [mailto:s.l...@auckland.ac.nz]
Sent: 15 October 2009 15:04
Subject: Re: [Dspace-tech] DSpace & Active Directory
Wynne, David
Aug 25, 2015, 1:09:00 PM8/25/15
to Stuart Lewis, dspac...@lists.sourceforge.net
Stuart,
sorry
just read your blog about adding a trailing / to the ldap://jmu.ac.uk:389
seems to work now, No need to trace
it.
Dave
Wynne, David
Aug 25, 2015, 1:09:10 PM8/25/15
to dspac...@lists.sourceforge.net
Apologies for posting ag a in so quickly.
I've now got DSpace working with LDAP (
Active Direstory
)
But the login page just uses HTTP, which I
am concerned about as my main Uni password will be passed
unencrypted.
1. I enabled HTTPS in th e tomcat server.xml
file.
2. I generated a certificate using
keytool
3. I now have HTTPS enabled in Tomcat 6 on
Port 8443
My questyion is how to force the login
page to use:
Not bothered about the whole of DSpace
using HTTPS just the login.
Tried:
xmlui.force.ssl = true
In dspace.cfg, but that doesn't do
it.
Also since setting LDAP to work I can't get the local administrator username / password that I setup when I initially setup DSpace ( D.S.W...@ljmu.ac.uk ).
2009-10-16 14:43:20,855 INFO
org.dspace.authenticate.LDAPHierarchicalAuthentication @
anonymous:session_id=E841C1A380011133295B5204F4A74449:ip_addr=150.204.48.5:auth:attempting
trivial auth of user=D.S.W...@ljmu.ac.uk
2009-10-16 14:43:20,936 INFO org.dspace.authenticate.LDAPHierarchicalAuthentication @ anonymous:session_id=E841C1A380011133295B5204F4A74449:ip_addr=150.204.48.5:failed_login:no DN found for user D.S.W...@ljmu.ac.uk
2009-10-16 14:43:20,936 INFO org.dspace.app.webui.servlet.LDAPServlet @ anonymous:session_id=E841C1A380011133295B5204F4A74449:ip_addr=150.204.48.5:failed_login:netid=D.S.W...@ljmu.ac.uk, result=2
2009-10-16 14:43:20,936 INFO org.dspace.authenticate.LDAPHierarchicalAuthentication @ anonymous:session_id=E841C1A380011133295B5204F4A74449:ip_addr=150.204.48.5:failed_login:no DN found for user D.S.W...@ljmu.ac.uk
2009-10-16 14:43:20,936 INFO org.dspace.app.webui.servlet.LDAPServlet @ anonymous:session_id=E841C1A380011133295B5204F4A74449:ip_addr=150.204.48.5:failed_login:netid=D.S.W...@ljmu.ac.uk, result=2
I read about the Stackable Authenication in dspace.cfg & I've got
both:
plugin.sequence.org.dspace.authenticate.AuthenticationMethod =
\
org.dspace.authenticate.PasswordAuthentication
org.dspace.authenticate.PasswordAuthentication
plugin.sequence.org.dspace.authenticate.AuthenticationMethod =
\
org.dspace.authenticate.LDAPHierarchicalAuthentication
org.dspace.authenticate.LDAPHierarchicalAuthentication
But is doesn't seem to use the first one which I believe is for "local" accounts.
Graham Triggs
Aug 25, 2015, 1:09:14 PM8/25/15
to Wynne, David, dspac...@lists.sourceforge.net
I've not tried doing this, but after looking around, I would attempt the following as a non-invasive way of making this work.
http://www.coderanch.com/t/413965/Servlets/java/Force-URL-redirect-from-http
Create a security constraint in your web.xml, that will force certain URLs to use a secure transport.
<security-constraint>
<web-resource-collection>
<web-resource-name>SSL Pages</web-resource-name>
<url-pattern>/ldap-login*</url-pattern>
<http-method>GET</http-method>
<http-method>PUT</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
If this doesn't work, the next best option would be to write a servlet filter that checks for secure transport, and redirects if it isn't - then map it to the login pages in the web.xml.
Graham Triggs
Technical Architect
Open Repository
http://www.openrepository.com/
Reply all
Reply to author
Forward
0 new messages