Hello Mauro, thank you for your response, you were right about the patterns
After a while, we have resumed our tries with the ldap validation and, although now we validate the user correctly using the right patterns, we can not associate ldap users/groups with the role of administrator. The connection test has been performed, for geoserver 2.10.1, with the following parameters (according to Geoserver ldap help <http://docs.geoserver.org/latest/en/user/security/tutorials/ldap/index.html#map-ldap-groups-to-geoserver-roles> ) <http://osgeo-org.1560.x6.nabble.com/file/n5305486/config-ldap.png> returning the group to which the user belongs (IDEM) 2017-01-31 12:36:41,612 DEBUG [org.geoserver.security.ldap.LDAPSecurityProvider$1] - Processing authentication request for user: ADMON 2017-01-31 12:36:41,624 DEBUG [org.geoserver.security.ldap.BindingLdapAuthoritiesPopulator] - Getting authorities for user uid=ADMON,ou=Usuarios,o=icm.es 2017-01-31 12:36:41,631 DEBUG [org.geoserver.security.ldap.BindingLdapAuthoritiesPopulator] - Searching for roles for user 'ADMON', DN = 'uid=ADMON,ou=Usuarios,o=icm.es', with filter cn=IDEM in search base 'ou=Servicios,o=icm.es' 2017-01-31 12:36:41,634 DEBUG [org.geoserver.security.ldap.BindingLdapAuthoritiesPopulator] - Roles from search: [IDEM] but when we try to login with this ldap user, no authorities are assigned 2017-01-31 13:14:44,962 DEBUG [org.geoserver.security.filter.GeoServerUserNamePasswordAuthenticationFilter$1] - Authentication success. Updating SecurityContextHolder to contain: org.springframework.security.authentication.UsernamePasswordAuthenticationToken@f5272e57: Principal: org.springframework.security.ldap.userdetails.LdapUserDetailsImpl@f4f5ab17: Dn: uid=ADMON,ou=Usuarios,o=icm.es; Username: ADMON; Password: [PROTECTED]; Enabled: true; AccountNonExpired: true; CredentialsNonExpired: true; AccountNonLocked: true; *Not granted any authorities*; Credentials: [PROTECTED]; Authenticated: true; Details: org.geoserver.security.filter.GeoServerWebAuthenticationDetails@ffff6a82: RemoteIpAddress: xx.xx.xx.xx; SessionId: 5B76D827476F66033A3A2F6663CE9401.d0123312; Granted Authorities: ROLE_AUTHENTICATED it is necessary to make any other steps? we have been also tried to generate an "IDEM" local role to associate to ldap user with an administration role but with no results. Any advice will be welcome. Thanks -- View this message in context: http://osgeo-org.1560.x6.nabble.com/Problem-with-LDAP-authentication-tp5296027p5305486.html Sent from the GeoServer - User mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Geoserver-users mailing list Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
