Troubleshooting AREA LDAP plug-in issues

The AR System External Authentication (AREA) LDAP plug-in enables you to authenticate AR System users against external LDAP directory services. The AREA LDAP plug-in implements the AREA LDAP Configuration form.

Related topic

Enabling-plug-ins

Plug-in type

AREA LDAP is a Java-based plug-in.

AR System server connectivity

AR System server interacts with the AREA LDAP plug-in when an event occurs on the AREA LDAP Configuration form. This plug-in (arealdappluginVerNum.jar) is installedP in the <ARInstallationFolder>\pluginsvr directory ( — VerNum represents the release version number).

Configuration information

The configuration information of the AREA LDAP plug-in is available in the AR System Administration: Plugin Server Configuration form.

AREA LDAP plug-in.png

The AR System Administration: AR System Configuration Generic UI form includes the Server-Plugin-Alias setting that points to the correct plug-in server alias as follows:
Server-Plugin-Alias: AREA AREA myServer:9999

See Updating-configuration-settings-by-using-the-AR-System-Configuration-Generic-UI-form, Configuring Java plug-in servers and Setting-plug-in-server-configuration-options.

There is no separate Server-Plugin-Alias for each AREA type of plug-in.

If you have a custom AREA LDAP plug-in that is developed in C, you must use the native plug-in server instead of the Java plug-in server. This fallback can be configured in the pluginsvr_config.xml file and is controlled by a property called enableNativeBridge. This property routes the AREA login verification calls to the native plug-in server.

By default, the value of enableNativeBridge property is false, meaning the native plug-in server is not available. To enable this property, edit the pluginsvr_config.xml file and add the following code under the pluginsvr_config tag:

<pluginsvr_config>
<enableNativeBridge>true</enableNativeBridge>

If the enableNativeBridge property is enabled, during AREA login verification, the Java plug-in server chains through all the Java AREA plug-ins in the order in which they appear in the pluginsvr_config.xml file. If no match is found, the call is propagated to the native plug-in server to check the AREA plug-ins hosted by the native plug-in server.

To avoid infinite looping between the Java plug-in server and the native server, make sure that you have disabled the AREA Proxy plug-in (areaatriumsso.dll) after enabling the enableNativeBridge property.

To troubleshoot AREA LDAP plug-in issues

  1. Verify the AREA LDAP plug-in configuration.
  2. Troubleshoot common plug-in related issues.
    For more information, see General-approach-for-troubleshooting-plug-in-issues.
  3. To further investigate the issue, enable the following logs:

To enable logs for the AREA LDAP plug-in

  1. In a browser, open the AR System Administration Console, and select System > General > Plugin Server Configuration.
  2. On the Plugin Server Configuration form, from the Plugin Server Instance list, select the instance for which you want to enable logs.
  3. Go to the Plugin Server Configuration tab.
  4. In the Logging Configurations area, from the Log Level list, select DEBUG.
  5. Click Apply
    The arjavaplugin.log file generates the debug logs for the AREA LDAP plug-in.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*