Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Login Issue

We're trying to set up LDAP authentication. In my tomcat-users.xml file, I changed the name of the admin account from the default 'ec2-user' to 'admin' and set the password.

I was able to log in as admin, go to the admin menu and set up LDAP settings. After logging out and restarting tomcat, I was unable to log in using one of my LDAP users, so I logged back in as 'admin' but could not find the 'admin' page again.

So, after searching around, I found that the admin page could be found by adding '/admin' to the base URL for my instance...except that this just generated a 404 error. Since then, I'm no longer to log in as any user...LDAP or any user defined in the tomcat-users.xml.

I reset the tomcat-users.xml to the original state, restarted tomcat and am still unable to log in.

What am I missing?

18 Community Answers

Daniel Carrington —

Well....I just tried it again in IE and got logged in as my admin user. But I still don't have an admin page. Still get a 404 if I use /admin path manually and there is nothing on the UI for getting there.


Matillion Agent  

Kalyan Arangam —

Hi Daniel

What version are you on? Help→about

The latest version has the admin menu built into the main interface.

Best
Kalyan


Daniel Carrington —

We are using 1.28.7 (build 36)

Thanks!


Matillion Agent  

Harpreet Singh —

Hi Daniel,

In the latest release Admin console has been integrated in the User Console itself. When you login to the User console you would see the Admin Option in the Top right Corner next to Help button.
Can you try again and see if you can access the Admin Option using the Admin button?

Thanks
Harpreet Singh


Daniel Carrington —

Yes. That's where I got to the admin page the first time I logged in. Now, that doesn't show up any more so I don't seem to have any way to get to the admin console.


Matillion Agent  

Harpreet Singh —

Hi Daniel

What user are you using to login to Matillion ? If its the user without “Admin” Role it would not be able to see the Admin button in the console.

Thanks
Harpreet Singh


Daniel Carrington —

I'm using the default 'ec2-user' admin user. The Admin Options was available the first time I logged in, but I haven't seen it since.


Matillion Agent  

Kalyan Arangam —

Hi Daniel,

A few additional questions

  1. Have you already tried restarting the server to see if it works?
  2. Also, have you attempted to use LDAP integration anytime in the past?

Best
Kalyan


Daniel Carrington —

Hi, Kalyan

Yes, I did restart the instance. Also, this is a new implementation and is the first time we are planning to attempt to configure LDAP authentication.

Thanks!


Matillion Agent  

Laura Malins —

Hi Daniel

It sounds like your integration with LDAP has lost your Admin user. Or your admin user as been lost if you’ve not started to configure.

To reinstate it, you need to SSH onto your Matillion EC2 instance using the private key file you set up when you created the instance. From there navigate to /etc/tomcat8/tomcat-users.xml

If you open this file as sudo then you can either add a new line to create a new Admin User or add the role Admin to your ec2-user.

Before integrating LDAP I recommend you backup both of the below files:

/etc/tomcat8/server.xml
/etc/tomcat8/tomcat-users.xml

Please do let us know how you get on.

Thanks
Laura


Daniel Carrington —

Thanks, Laura.

The contents of my tomcat-users.xml is as follows (somewhat redacted):

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users xmlns="http://tomcat.apache.org/xml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd"
version="1.0">
<role rolename="Emerald"/>
<role rolename="API"/>
<role rolename="Admin"/>
<user username="*******" password="*******" fullName="mati_developer" roles="Emerald,API"/>
<user username="ec2-user" password="*******" fullName="administrator" roles="Emerald,API,Admin"/>
</tomcat-users>


Matillion Agent  

Laura Malins —

Hi Daniel

Thanks for this. Do you have some time for a quick screenshare and we can see if we can get this working for you? I’m available now or at 4pm GMT?

Thanks
Laura


Daniel Carrington —

I'm available right now.


Daniel Carrington —

Laura,

Actually, I think 4:00 AZ time would work better. How do you want to go about connecting for this?

Thanks!


Matillion Agent  

Laura Malins —

Hi Daniel

Apologies I’m just about to jump onto another call now, but I’m available in 30 mins if that works for you? I’ll wait on this line. If this doesn’t work please let me know some times which do:

discounttire
Mon, Aug 21, 2017 4:00 PM – 5:00 PM BST

Please join my meeting from your computer, tablet or smartphone.
https://global.gotomeeting.com/join/828406997

You can also dial in using your phone.
United States: +1 (786) 535-3219

Access Code: 828-406-997

More phone numbers
United Kingdom: +44 20 3713 5028

First GoToMeeting? Try a test session: https://care.citrixonline.com/g2m/getready

Thanks
Laura


Daniel Carrington —

Laura,

I will be available around 9:30 am AZ time and I can be available any time after that until 5:00pm. I can work around any time frame in that window.

Thanks!


Matillion Agent  

Laura Malins —

Hi Daniel

I’ve sent you an invite for later today.

Thanks
Laura


Daniel Carrington —

Thanks!

Post Your Community Answer

To add an answer please login