Hi List! I’ve tried to use the new LDAP authentication feature to connect Geoserver to our active directory based LDAP server as described in [1]. After some trial and error, I successfully tested the connection with the “Test Connection” button and following settings:
ServerURL: ldap://server:port/dc=z,dc=y,dc=x User lookup pattern: cn={0}, ou=users, ou=b,ou=a (Note that we had to use “cn={0}” instead of “uid={0}”) Group search base: ou=groups,ou=e,ou=d Group search filter: member={0} However, when testing the login on the home page as described in [2] with the same username/password, Geoserver redirects to “geoserver/web/?wicket:bookmarkablePage=:org.geoserver.web.GeoServerLoginPage&error=true”. There is no error in the log or UI but the login obviously didn’t work. It would surely help to show the log messages from Spring, but I couldn’t enable them (editing e.g. VERBOSE_LOGGING.properties didn’t work). I also noticed, that the Users/Groups tab in [3] does not show any users or groups. Shouldn’t they get populated with the LDAP users/groups? Any ideas what’s wrong? Regards, Torsten [1] http://docs.geoserver.org/latest/en/user/security/tutorials/ldap/index.html#configure-the-ldap-authentication-provider [2] http://docs.geoserver.org/latest/en/user/security/tutorials/ldap/index.html#test-a-ldap-login [3] http://localhost:8080/geoserver/web/?wicket:bookmarkablePage=:org.geoserver.security.web.UserGroupRoleServicesPage ------------------------------------------------------------------------------ Better than sec? Nothing is better than sec when it comes to monitoring Big Data applications. Try Boundary one-second resolution app monitoring today. Free. http://p.sf.net/sfu/Boundary-dev2dev _______________________________________________ Geoserver-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/geoserver-users
