Nice work. Thanks for following up on your own question. People don't do that often enough :)
On 10/18/07, Dimas <[EMAIL PROTECTED]> wrote: > Solved. > > The solution is easy as change {0} with {1} as a user parameter. > > {0} contains all the ldap base. > {1} only the username. > > Uff :- ) > > -- > ____________________________________ > Dimas Streich i Colomeda > dimas.sc ARROVA gmail.com > http://www.dimas.cat > > 2007/10/17, Dimas <[EMAIL PROTECTED]>: > > > > Hi! > > > > I am configuring JasperServer to authenticate users from LDAP and assign > > their roles/groups. JasperServer security authentication is based on > > AcegiSecurity bean so I try searching help in this list. > > > > Until now the LDAP users can login to JS with their passwords, but their > > ldap-grups aren't recognized. The secret is in the " > > applicationContext-security.xml" file, and the important bean is: > > > > <bean id="ldapAuthenticationProvider" class=" > > org.acegisecurity.providers.ldap.LdapAuthenticationProvider"> > > <constructor-arg> > > <bean class=" > > org.acegisecurity.providers.ldap.authenticator.BindAuthenticator"> > > <constructor-arg><ref > > local="initialDirContextFactory"/></constructor-arg> > > <property > > > name="userDnPatterns"><list><value>uid={0},ou=Users</value></list></property> > > </bean> > > </constructor-arg> > > <constructor-arg> > > <bean class=" > > org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator > > "> > > <constructor-arg index="0"><ref > > local="initialDirContextFactory"/></constructor-arg> > > <constructor-arg > > index="1"><value>ou=Groups</value></constructor-arg> > > <property name="groupRoleAttribute"><value>cn</value></property> > > > > <property > > > name="groupSearchFilter"><value>(&(memberUid={0})(objectclass=radiusprofile))</value></property> > > </bean> > > </constructor-arg> > > </bean> > > > > The last property, "groupSearchFilter" is not working. It seems that the > > {0} is not the username logging to the system. If I change it by: > > > > <property > > > name="groupSearchFilter"><value>(&(memberUid=abcdef)(objectclass=radiusprofile))</value></property> > > > > > > where 'abcdefj' is a LDAP user. If I log to JS with the user abcdef it can > > enter and his LDAP role is assigned. Why {0} is not working and literal > > username yes? Some help please? > > > > Thx! > > > > -- > > ____________________________________ > > Dimas Streich i Colomeda > > dimas.sc ARROVA gmail.com > > http://www.dimas.cat > ------------------------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Still grepping through log files to find problems? Stop. Now Search log events and configuration files using AJAX and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/ _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer