Solved.
The solution is easy as change {0} with {1} as a user parameter.
{0} contains all the ldap base.
{1} only the username.
Uff :- )
--
____________________________________
Dimas Streich i Colomeda
dimas.sc ARROVA gmail.com
http://www.dimas.cat
2007/10/17, Dimas <[EMAIL PROTECTED]>:
>
> Hi!
>
> I am configuring JasperServer to authenticate users from LDAP and assign
> their roles/groups. JasperServer security authentication is based on
> AcegiSecurity bean so I try searching help in this list.
>
> Until now the LDAP users can login to JS with their passwords, but their
> ldap-grups aren't recognized. The secret is in the "
> applicationContext-security.xml" file, and the important bean is:
>
> <bean id="ldapAuthenticationProvider" class="
> org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
> <constructor-arg>
> <bean class="
> org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
> <constructor-arg><ref
> local="initialDirContextFactory"/></constructor-arg>
> <property
> name="userDnPatterns"><list><value>uid={0},ou=Users</value></list></property>
> </bean>
> </constructor-arg>
> <constructor-arg>
> <bean class="
> org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
> ">
> <constructor-arg index="0"><ref
> local="initialDirContextFactory"/></constructor-arg>
> <constructor-arg
> index="1"><value>ou=Groups</value></constructor-arg>
> <property name="groupRoleAttribute"><value>cn</value></property>
>
> <property
> name="groupSearchFilter"><value>(&(memberUid={0})(objectclass=radiusprofile))</value></property>
> </bean>
> </constructor-arg>
> </bean>
>
> The last property, "groupSearchFilter" is not working. It seems that the
> {0} is not the username logging to the system. If I change it by:
>
> <property
> name="groupSearchFilter"><value>(&(memberUid=abcdef)(objectclass=radiusprofile))</value></property>
>
>
> where 'abcdefj' is a LDAP user. If I log to JS with the user abcdef it can
> enter and his LDAP role is assigned. Why {0} is not working and literal
> username yes? Some help please?
>
> Thx!
>
> --
> ____________________________________
> Dimas Streich i Colomeda
> dimas.sc ARROVA gmail.com
> http://www.dimas.cat
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
