1 Reply Latest reply: Mar 22, 2013 11:39 AM by shwa999 RSS

    ldap auth for db app working, same config for websheet not working

    shwa999
      Hi forum-

      I'm running the following:

      Apex version 4.2.1
      Listener version 2.0.1
      RDBMS version 11.2.0.3
      RHEL Linux version 2.6.18-238.5.1.el5

      We've been using apex for quite a while (version 3.something) and have been successfully authenticating application logins w/ our corporate LDAP service. I've recently installed the latest version of apex and have been exploring the websheet application (very cool). Using parameters similar to our 3.0 installation, I was able to create a test database application and was able to successfully authenticate w/ our ldap service. Using the same settings (listed below) I'm NOT able to successfully authenticate a websheet login. Here are the (sanitized) settings for the database application:

      host: ldap.company.com
      port: 389
      use ssl: no sll
      distinguished name string: CN=%LDAP_USER%,OU=All Users,DC=ad,DC=company,DC=com
      use exact distinguished name: yes
      ldap username edit function: return ldap_validate (p_username => :USERNAME);
      username escaping: standard

      and the settings for the websheet application:

      logout url: ws?p=102:home (default)
      ldap host: ldap.company.com
      ldap port: 389
      use ssl: no sll
      use exact distinguished name: yes
      ldap string: CN=%LDAP_USER%,OU=All Users,DC=ad,DC=company,DC=com
      ldap username edit function: return ldap_validate (p_username => :USERNAME);
      ldap username escaping: standard
      cookie name:
      cookie path:
      cookie domain:
      secure: no

      Additional info

      - the ldap username edit function (ldap_validate) take a login ID and returns the ldap-friendly version via an ldap search

      Questions:

      1) is there any additional configuration that is necessary for a websheet to use ldap authentication (acls, for example)?
      2) is there any useful logging where i determine why the login is failing?
      3) has anyone gotten this working and can share their config with me?

      Many thanks-
      -josh