[Geoserver-users] Geoserver and LDAP

Premysl Vohnout Thu, 30 Aug 2012 07:32:25 -0700


Dear Geoserver community,

I'm trying to use geoserver with LDAP. I'm able to login but I'm unableto grant user permission. I've been using ldap tutorial (http://docs.geoserver.org/latest/en/user/security/tutorials/ldap/index.html). The only difference from tutorial is that I'm not using acme-ldap butOpenLDAP.


Group search base is set to ou=groups
Group search filter is set to member={0}

If I'm looking into log of OpenLDAP I can see that data are send toserver and some data are retrieved


Aug 30 15:38:15 rsa slapd[26271]: conn=1165 fd=28 ACCEPT from 
IP=127.0.0.1:38778 (IP=0.0.0.0:389)
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=0 BIND 
dn="cn=test,ou=users,dc=ccss,dc=cz" method=128
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=0 BIND 
dn="cn=test,ou=users,dc=ccss,dc=cz" mech=SIMPLE ssf=0
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=0 RESULT tag=97 err=0 text=
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=1 SRCH 
base="cn=test,ou=users,dc=ccss,dc=cz" scope=0 deref=3 filter="(objectClass=*)"
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=1 ENTRY 
dn="cn=test,ou=users,dc=ccss,dc=cz"
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=1 SEARCH RESULT tag=101 err=0 
nentries=1 text=
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 op=2 UNBIND
Aug 30 15:38:15 rsa slapd[26271]: conn=1165 fd=28 closed
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 fd=28 ACCEPT from 
IP=127.0.0.1:38779 (IP=0.0.0.0:389)
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=0 BIND dn="" method=128
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=0 RESULT tag=97 err=0 text=
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=1 SRCH base="ou=groups,dc=ccss,dc=cz" 
scope=1 deref=3 filter="(member=cn=test,ou=users,dc=ccss,dc=cz)"
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=1 SRCH attr=cn objectClass 
javaSerializedData javaClassName javaFactory javaCodeBase javaReferenceAddress 
javaClassNames javaRemoteLocation
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=1 ENTRY 
dn="cn=admin,ou=groups,dc=ccss,dc=cz"
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=1 ENTRY 
dn="cn=blabla,ou=groups,dc=ccss,dc=cz"
Aug 30 15:38:15 rsa slapd[26271]: conn=1166 op=1 SEARCH RESULT tag=101 err=0 
nentries=2 text=

On last lines you can see

dn="cn=admin,ou=groups,dc=ccss,dc=cz"
dn="cn=blabla,ou=groups,dc=ccss,dc=cz"

This leads me to that the configuration is setup correctly and onlyproblem is that groups are not "parsed" in geoserver. Am I right?

I've been looking also into JIRA and found similar tickethttp://jira.codehaus.org/browse/GEOS-5054


I'm using 2.2_rc2 ( and I have also tested nightly snapshot )

best regards,
Premysl Vohnout

<<attachment: vohnout.vcf>>

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/

_______________________________________________
Geoserver-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-users

[Geoserver-users] Geoserver and LDAP

Reply via email to