[Geoserver-users] LDAP user/group service, No password decoder

Thu, 05 Jan 2017 04:38:59 -0800 

I'm struggling with using the LDAP user/group service in geoserver 2.10.1.
I think the actual user/group service is configured correctly as I see my expected list of users. I've then added a "Basic username/password authentication" Authentication Provider for my ldap user/group service, which I think should just delegate password authentication to that service. When I try to login to geoserver with any of the users from ldap I end up with a 500 response and an UnsupportedOperationException being reported, 

java.lang.UnsupportedOperationException: No password decoder for: null
at org.geoserver.security.password.GeoServerMultiplexingPasswordEncoder.lookupEncoderForEncodedPassword(GeoServerMultiplexingPasswordEncoder.java:72) at org.geoserver.security.password.GeoServerMultiplexingPasswordEncoder.isPasswordValid(GeoServerMultiplexingPasswordEncoder.java:90) at org.springframework.security.authentication.dao.DaoAuthenticationProvider.additionalAuthenticationChecks(DaoAuthenticationProvider.java:94)
Have I missed something obvious, have I misunderstood how the user/group services should be used, or is this a bug? I've attached my ldap service config which is using a public read-only ldap service. 

Any help would be greatly appreciated,
Wayne

<org.geoserver.security.ldap.LDAPUserGroupServiceConfig>
  <id>2f6c3308:1596e51a334:-7ffe</id>
  <name>test ldap</name>
  <className>org.geoserver.security.ldap.LDAPUserGroupService</className>
  <serverURL>ldap://ldap.forumsys.com</serverURL>
  <groupSearchBase>dc=example,dc=com</groupSearchBase>
  <allGroupsSearchFilter>objectClass=groupOfUniqueNames</allGroupsSearchFilter>
  <userSearchBase>dc=example,dc=com</userSearchBase>
  <userNameAttribute>uid</userNameAttribute>
  <useTLS>false</useTLS>
  <bindBeforeGroupSearch>true</bindBeforeGroupSearch>
  <user>cn=read-only-admin,dc=example,dc=com</user>
  <password>password</password>
  <passwordEncoderName>emptyPasswordEncoder</passwordEncoderName>
  <passwordPolicyName>default</passwordPolicyName>
</org.geoserver.security.ldap.LDAPUserGroupServiceConfig>

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users

Reply via email to