[GeoNetwork-devel] spring ldap auth broken ?

Hi,

i've been trying to setup ldap auth (or http header auth) via spring on
the current develop branch HEAD, and so far i've only failed - it seems
something is wrong in spring config wrt ldap, the securityContext is
apparently cleared from the user details right after successfully authenticating.

I've listed all my findings in https://github.com/geonetwork/core-geonetwork/issues/440
but i wont be able to dig more into this before some weeks, so can anyone
who understands spring try to reproduce the issue (to ensure i'm not the only one..)
and understand what can be wrong ?

Thanks!
Landry

On Mon, Apr 7, 2014 at 3:28 PM, Landry Breuil <breuil@anonymised.com> wrote:

Hi,

i've been trying to setup ldap auth (or http header auth) via spring on
the current develop branch HEAD, and so far i've only failed - it seems
something is wrong in spring config wrt ldap, the securityContext is
apparently cleared from the user details right after successfully authenticating.

I've listed all my findings in https://github.com/geonetwork/core-geonetwork/issues/440
but i wont be able to dig more into this before some weeks, so can anyone
who understands spring try to reproduce the issue (to ensure i'm not the only one..)
and understand what can be wrong ?

Thanks!
Landry

Hi,

Just for the record: I have just configured an LDAP on 2.10.x and it
works. So if the configuration is ok (which looks like, as Spring
finds the roles associated to the user), it has to be something 2.11
specific.

Good luck!
María.

On Mon, Apr 07, 2014 at 03:32:45PM +0200, María Arias de Reyna wrote:

On Mon, Apr 7, 2014 at 3:28 PM, Landry Breuil <breuil@anonymised.com> wrote:
> Hi,
>
> i've been trying to setup ldap auth (or http header auth) via spring on
> the current develop branch HEAD, and so far i've only failed - it seems
> something is wrong in spring config wrt ldap, the securityContext is
> apparently cleared from the user details right after successfully authenticating.
>
> I've listed all my findings in https://github.com/geonetwork/core-geonetwork/issues/440
> but i wont be able to dig more into this before some weeks, so can anyone
> who understands spring try to reproduce the issue (to ensure i'm not the only one..)
> and understand what can be wrong ?
>
> Thanks!
> Landry
>

Hi,

Just for the record: I have just configured an LDAP on 2.10.x and it
works. So if the configuration is ok (which looks like, as Spring
finds the roles associated to the user), it has to be something 2.11
specific.

Yes, the same thing works fine in 2.10, i've checked it before.

Landry

On 04/07/14 15:28, Landry Breuil wrote:

Hi,

i've been trying to setup ldap auth (or http header auth) via spring on
the current develop branch HEAD, and so far i've only failed - it seems
something is wrong in spring config wrt ldap, the securityContext is
apparently cleared from the user details right after successfully authenticating.

I've listed all my findings in https://github.com/geonetwork/core-geonetwork/issues/440
but i wont be able to dig more into this before some weeks, so can anyone
who understands spring try to reproduce the issue (to ensure i'm not the only one..)
and understand what can be wrong ?

I've spent a bit more time on this and posted more debug info/logs in the github issue, but i still cant find the root of the actual issue - Jesse, any hint ?

--
Landry Breuil
Mouton a 5 pattes du CRAIG

no idea yet. I just got back from a vacation and am working through my backlog.

···

On Tue, Apr 15, 2014 at 3:13 PM, Landry Breuil <breuil@…888…> wrote:

On 04/07/14 15:28, Landry Breuil wrote:

Hi,

i’ve been trying to setup ldap auth (or http header auth) via spring on
the current develop branch HEAD, and so far i’ve only failed - it seems
something is wrong in spring config wrt ldap, the securityContext is
apparently cleared from the user details right after successfully authenticating.

I’ve listed all my findings in https://github.com/geonetwork/core-geonetwork/issues/440
but i wont be able to dig more into this before some weeks, so can anyone
who understands spring try to reproduce the issue (to ensure i’m not the only one…)
and understand what can be wrong ?

I’ve spent a bit more time on this and posted more debug info/logs in the github issue, but i still cant find the root of the actual issue - Jesse, any hint ?


Landry Breuil
Mouton a 5 pattes du CRAIG