Hi Mauro, I have tried many different configurations but they all failed with same or very similar exceptions. I have attached a screenshot of one of the latest attempts that I’m made to JIRA issue https://jira.codehaus.org/browse/GEOS-6894. Here’s a direct link https://jira.codehaus.org/secure/attachment/67287/2015-02-24_120152.png
I tried to follow many examples that I could find on the web, including geoserver docs and others like http://geoserver.geo-solutions.it/edu/en/security/ldap_authentication.html Thank you. Cheers, Pavel From: maurobartolome...@gmail.com [mailto:maurobartolome...@gmail.com] On Behalf Of Mauro Bartolomeoli Sent: Friday, 20 February 2015 3:56 PM To: Golodoniuc, Pavel (Mineral Resources, Kensington) Cc: GeoServer Mailing List List; Justin Deoliveira Subject: Re: LDAP authentication fails with "invalid DN" Hi Pavel, can you please share the configuration details for the LDAP authentication provider? A screenshot showing all the parameters you entered is fine. Thanks Mauro 2015-02-20 5:19 GMT+01:00 <pavel.golodon...@csiro.au>: Hi, I'm trying to set up a layer-based LDAP authentication in GeoServer in order to leverage existing infrastructure for user and group management. I've read http://docs.geoserver.org/latest/en/user/security/tutorials/ldap/index.html and tried many configuration options but still couldn't get it to work. Numerous posts in blogs and forums reporting similar issues with LDAP authentication didn't help much. I have seen a similar issue reported earlier https://jira.codehaus.org/browse/GEOS-5999 and there was one more that I can't find anymore.. I consistently get [LDAP: error code 34 - invalid DN] error and the following gets logged in slapd syslog: Jan 29 10:52:05 cgsrv4 slapd[3326]: conn=8628 op=0 do_bind: invalid dn ((uid=Username)) If I try to fully qualify the user lookup pattern (uid={0},ou=Users,dc=arrc,dc=csiro,dc=au) as some forum posts suggest I get the following with nothing logged in slapd logs (it looks like it doesn't even get there): 29 Jan 10:54:01 WARN [web.security] - Cannot authenticate Username javax.naming.AuthenticationException: Cannot authenticate Username I have logged the issue in JIRA https://jira.codehaus.org/browse/GEOS-6894 with logs and stacktraces attached. I hope this extra bit of information will help identify the issue. Any help of suggestions where do I need to look at will be highly appreciated. Or maybe there're other ways to set up layer based authentication. Any experiences? CC'd the coders of this module so they'll hopefully where I've got it wrong. Thanks for your help! Pavel -- == GeoServer Professional Services from the experts! Visit http://goo.gl/NWWaa2 for more information. == Dott. Mauro Bartolomeoli @mauro_bart Senior Software Engineer GeoSolutions S.A.S. Via Poggio alle Viti 1187 55054 Massarosa (LU) Italy phone: +39 0584 962313 fax: +39 0584 1660272 http://www.geo-solutions.it http://twitter.com/geosolutions_it ------------------------------------------------------- AVVERTENZE AI SENSI DEL D.Lgs. 196/2003 Le informazioni contenute in questo messaggio di posta elettronica e/o nel/i file/s allegato/i sono da considerarsi strettamente riservate. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceviate questo messaggio senza esserne il destinatario, Vi preghiamo cortesemente di darcene notizia via e-mail e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema. Conservare il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse, costituisce comportamento contrario ai principi dettati dal D.Lgs. 196/2003. The information in this message and/or attachments, is intended solely for the attention and use of the named addressee(s) and may be confidential or proprietary in nature or covered by the provisions of privacy act (Legislative Decree June, 30 2003, no.196 - Italy's New Data Protection Code).Any use not in accord with its purpose, any disclosure, reproduction, copying, distribution, or either dissemination, either whole or partial, is strictly forbidden except previous formal approval of the named addressee(s). If you are not the intended recipient, please contact immediately the sender by telephone, fax or e-mail and delete the information in this message that has been received in error. The sender does not give any warranty or accept liability as the content, accuracy or completeness of sent messages and accepts no responsibility for changes made after they were sent or for other risks which arise as a result of e-mail transmission, viruses, etc. ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
