Omeka - platform for digital cultural heritage web publishing
-
@nebulon I added the optional dependencies of Omeka S and the dependencies required by the modules listed on the official website.
However, I have this error when I try to push this commit to our repository:
! [remote rejected] master -> master (pre-receive hook declined) error: failed to push some refs to 'https://git.cloudron.io/cloudron/omeka-s-app.git' -
@girish, I'm trying to go ahead with the configuration of Ldap module.
Settings are located at the bottom of
/app/data/config/local.config.phpThe following configuration allows a first authentication from the username however the account created does not retrieve the email address but an address like this
<username>@<ip>.'ldap' => [ 'adapter_options' => [ 'server1' => [ 'host' => getenv('CLOUDRON_LDAP_SERVER'), 'port' => getenv('CLOUDRON_LDAP_PORT'), 'username' => getenv('CLOUDRON_LDAP_BIND_DN'), 'password' => getenv('CLOUDRON_LDAP_BIND_PASSWORD'), 'bindRequiresDn' => true, 'baseDn' => getenv('CLOUDRON_LDAP_USERS_BASE_DN'), 'accountFilterFormat' => '(&(objectClass=user)(username=%s))', 'accountCanonicalForm' => 4, 'accountDomainName' => getenv('CLOUDRON_LDAP_HOST'), ], ], ],With Omeka, it is usual to connect with the mail but the filter
(&(objectClass=user)(mail=%s))does not work.The module documentation is here https://github.com/biblibre/omeka-s-module-Ldap
-
@girish, I'm trying to go ahead with the configuration of Ldap module.
Settings are located at the bottom of
/app/data/config/local.config.phpThe following configuration allows a first authentication from the username however the account created does not retrieve the email address but an address like this
<username>@<ip>.'ldap' => [ 'adapter_options' => [ 'server1' => [ 'host' => getenv('CLOUDRON_LDAP_SERVER'), 'port' => getenv('CLOUDRON_LDAP_PORT'), 'username' => getenv('CLOUDRON_LDAP_BIND_DN'), 'password' => getenv('CLOUDRON_LDAP_BIND_PASSWORD'), 'bindRequiresDn' => true, 'baseDn' => getenv('CLOUDRON_LDAP_USERS_BASE_DN'), 'accountFilterFormat' => '(&(objectClass=user)(username=%s))', 'accountCanonicalForm' => 4, 'accountDomainName' => getenv('CLOUDRON_LDAP_HOST'), ], ], ],With Omeka, it is usual to connect with the mail but the filter
(&(objectClass=user)(mail=%s))does not work.The module documentation is here https://github.com/biblibre/omeka-s-module-Ldap
-
So, after some debugging I found that the LDAP code hits a
LDAP_X_DOMAIN_MISMATCHexception. This is because of theaccountDomainNamelooks like. It expects the email ids to be in the same domain as the one we set there. Removing it, still fails though. -
@girish, I'm trying to go ahead with the configuration of Ldap module.
Settings are located at the bottom of
/app/data/config/local.config.phpThe following configuration allows a first authentication from the username however the account created does not retrieve the email address but an address like this
<username>@<ip>.'ldap' => [ 'adapter_options' => [ 'server1' => [ 'host' => getenv('CLOUDRON_LDAP_SERVER'), 'port' => getenv('CLOUDRON_LDAP_PORT'), 'username' => getenv('CLOUDRON_LDAP_BIND_DN'), 'password' => getenv('CLOUDRON_LDAP_BIND_PASSWORD'), 'bindRequiresDn' => true, 'baseDn' => getenv('CLOUDRON_LDAP_USERS_BASE_DN'), 'accountFilterFormat' => '(&(objectClass=user)(username=%s))', 'accountCanonicalForm' => 4, 'accountDomainName' => getenv('CLOUDRON_LDAP_HOST'), ], ], ],With Omeka, it is usual to connect with the mail but the filter
(&(objectClass=user)(mail=%s))does not work.The module documentation is here https://github.com/biblibre/omeka-s-module-Ldap
this works (login with username and not email):
'ldap' => [ 'adapter_options' => [ 'server1' => [ 'host' => getenv('CLOUDRON_LDAP_SERVER'), 'port' => getenv('CLOUDRON_LDAP_PORT'), 'username' => getenv('CLOUDRON_LDAP_BIND_DN'), 'password' => getenv('CLOUDRON_LDAP_BIND_PASSWORD'), 'bindRequiresDn' => true, 'baseDn' => getenv('CLOUDRON_LDAP_USERS_BASE_DN'), 'accountFilterFormat' => '(&(objectclass=user)(username=%s))', 'accountCanonicalForm' => 1, // 'accountDomainName' => getenv('CLOUDRON_LDAP_HOST'), ], ], ], -
@girish, I'm trying to go ahead with the configuration of Ldap module.
Settings are located at the bottom of
/app/data/config/local.config.phpThe following configuration allows a first authentication from the username however the account created does not retrieve the email address but an address like this
<username>@<ip>.'ldap' => [ 'adapter_options' => [ 'server1' => [ 'host' => getenv('CLOUDRON_LDAP_SERVER'), 'port' => getenv('CLOUDRON_LDAP_PORT'), 'username' => getenv('CLOUDRON_LDAP_BIND_DN'), 'password' => getenv('CLOUDRON_LDAP_BIND_PASSWORD'), 'bindRequiresDn' => true, 'baseDn' => getenv('CLOUDRON_LDAP_USERS_BASE_DN'), 'accountFilterFormat' => '(&(objectClass=user)(username=%s))', 'accountCanonicalForm' => 4, 'accountDomainName' => getenv('CLOUDRON_LDAP_HOST'), ], ], ],With Omeka, it is usual to connect with the mail but the filter
(&(objectClass=user)(mail=%s))does not work.The module documentation is here https://github.com/biblibre/omeka-s-module-Ldap
-
@jeau it seems the email and displayname fields are simply filled with the DN like
cn=uid-fc561e94-2711-4411-83cd-4d9a7ffe57d4,ou=users,dc=cloudron. I guess we need to ask the module-ldap author on how we can get this properly read in from LDAP.@girish yes, I asked Julian from Biblibre who who develops this module. He talk me that the current released (0.3.0) of Ldap module I used does not allow to configure the LDAP attributes to retrieve the name and email. I tried from source, it's works partially, I retreive the user mail address but I can sign in only with username, not mail.
-
@jeau said in Omeka - platform for digital cultural heritage web publishing:
I can sign in only with username
That is no problem at all as app like Wordpress and Nextcloud also uses usernames as login.
-
@jeau said in Omeka - platform for digital cultural heritage web publishing:
I can sign in only with username
That is no problem at all as app like Wordpress and Nextcloud also uses usernames as login.
-
@imc67 you're right, it's works with the Ldap module, but usually Omeka S users use their email address and in their profile there's no username.
-
@girish said in Omeka - platform for digital cultural heritage web publishing:
@jeau atleast the login form of omeka s says "email or username".
Indeed and for me it’s ok. And for the time being as “Unstable” in the AppStore it might be possible to use username as Account name?
-
@girish said in Omeka - platform for digital cultural heritage web publishing:
@jeau atleast the login form of omeka s says "email or username".
Indeed and for me it’s ok. And for the time being as “Unstable” in the AppStore it might be possible to use username as Account name?
-
-
@girish I installed some components required for official modules and made some settings and tests. I think we can provide this application as "unstable" in the store. I hope I haven't forgotten anything important.
-
@jeau this is great! I've just ran the tests and we are looking good.
I will update the manifest to add things like mediaLinks and such for the appstore and then push it out as unstable later today.Thanks a lot for the work
@nebulon thank's
About tests. Is there a way to test the ldap connection? For my tests, I could connect with my initial administrator, activate and configure the Ldap module but then how to verify? I can't seriously give a Cloudron login and password inside my test code and repo.
I will report this issue.