Nice work.
Thanks for following up on your own question. People don't do that
often enough :)
On 10/18/07, Dimas <[EMAIL PROTECTED]> wrote:
> Solved.
>
> The solution is easy as change {0} with {1} as a user parameter.
>
> {0} contains all the ldap base.
> {1} only the username.
>
> Uff :- )
>
> --
> ____________________________________
> Dimas Streich i Colomeda
> dimas.sc ARROVA gmail.com
> http://www.dimas.cat
>
> 2007/10/17, Dimas <[EMAIL PROTECTED]>:
> >
> > Hi!
> >
> > I am configuring JasperServer to authenticate users from LDAP and assign
> > their roles/groups. JasperServer security authentication is based on
> > AcegiSecurity bean so I try searching help in this list.
> >
> > Until now the LDAP users can login to JS with their passwords, but their
> > ldap-grups aren't recognized. The secret is in the "
> > applicationContext-security.xml" file, and the important bean is:
> >
> > <bean id="ldapAuthenticationProvider" class="
> > org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
> > <constructor-arg>
> > <bean class="
> > org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
> > <constructor-arg><ref
> > local="initialDirContextFactory"/></constructor-arg>
> > <property
> >
> name="userDnPatterns"><list><value>uid={0},ou=Users</value></list></property>
> > </bean>
> > </constructor-arg>
> > <constructor-arg>
> > <bean class="
> > org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator
> > ">
> > <constructor-arg index="0"><ref
> > local="initialDirContextFactory"/></constructor-arg>
> > <constructor-arg
> > index="1"><value>ou=Groups</value></constructor-arg>
> > <property name="groupRoleAttribute"><value>cn</value></property>
> >
> > <property
> >
> name="groupSearchFilter"><value>(&(memberUid={0})(objectclass=radiusprofile))</value></property>
> > </bean>
> > </constructor-arg>
> > </bean>
> >
> > The last property, "groupSearchFilter" is not working. It seems that the
> > {0} is not the username logging to the system. If I change it by:
> >
> > <property
> >
> name="groupSearchFilter"><value>(&(memberUid=abcdef)(objectclass=radiusprofile))</value></property>
> >
> >
> > where 'abcdefj' is a LDAP user. If I log to JS with the user abcdef it can
> > enter and his LDAP role is assigned. Why {0} is not working and literal
> > username yes? Some help please?
> >
> > Thx!
> >
> > --
> > ____________________________________
> > Dimas Streich i Colomeda
> > dimas.sc ARROVA gmail.com
> > http://www.dimas.cat
>
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
