Hi all,
I tested the geoserver A&A against an Active Directory server, I used a nightly build of geoserver master (2.9 -SNAPSHOT build 08-Apr-2016 08:01) in order to check that the recent update to spring4 didn’t introduce regressions on that part.
I Followed the Authentication with LDAP against ActiveDirectory tutorial using a production clone of a LDAP server (ActiveDirectory).
I succesfully configured the LDAP authentication provider and added it to the provider chain. No problems found logging in the geoserver GUI with a couple of test user stored on that Active Directory.
Then I configured the role service in order to map LDAP group on the Geoserver roles, no problems have been found neither at this step.
The only weird thing I noticed is when I tried to play a bit with the role service configuration:
after I changed the Administrator roles mapping in the GUI I was still able to login as administrator with an user assigned to the previous set Admin group. After a geoserver restart (or after few minutes) the expected behaviour started to work (I was able to login with that user but without admin grants). I guess that is due to user caching and it’s not related to an issue/regression.
Regards,
Damiano.
On Wed, Apr 6, 2016 at 11:36 AM, Damiano Giampaoli <damiano.giampaoli@anonymised.com> wrote:
Hi list,
After having discused it with Simone in the next days I’m going to do some manual testing of the CAS and LDAP integrations on geoserver master, especially to ensure no regressions after the spring4 upgrade.
I’ll share a test report on the list, if someone already noticed some problems please let me know!
Regards,
Damiano
–
==
GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.
Dott. Damiano Giampaoli
Software Engineer
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate.
Il loro utilizzo è consentito esclusivamente al destinatario del
messaggio, per le finalità indicate nel messaggio stesso. Qualora
riceviate questo messaggio senza esserne il destinatario, Vi preghiamo
cortesemente di darcene notizia via e-mail e di procedere alla
distruzione del messaggio stesso, cancellandolo dal Vostro sistema.
Conservare il messaggio stesso, divulgarlo anche in parte,
distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità
diverse, costituisce comportamento contrario ai principi dettati dal
D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely
for the attention and use of the named addressee(s) and may be
confidential or proprietary in nature or covered by the provisions of
privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New
Data Protection Code).Any use not in accord with its purpose, any
disclosure, reproduction, copying, distribution, or either
dissemination, either whole or partial, is strictly forbidden except
previous formal approval of the named addressee(s). If you are not the
intended recipient, please contact immediately the sender by
telephone, fax or e-mail and delete the information in this message
that has been received in error. The sender does not give any warranty
or accept liability as the content, accuracy or completeness of sent
messages and accepts no responsibility for changes made after they
were sent or for other risks which arise as a result of e-mail
transmission, viruses, etc.
–
==
GeoServer Professional Services from the experts!
Visit http://goo.gl/it488V for more information.
Dott. Damiano Giampaoli
Software Engineer
GeoSolutions S.A.S.
Via di Montramito 3/A
55054 Massarosa (LU)
Italy
phone: +39 0584 962313
fax: +39 0584 1660272
mob: +39 333 8128928
http://www.geo-solutions.it
http://twitter.com/geosolutions_it
AVVERTENZE AI SENSI DEL D.Lgs. 196/2003
Le informazioni contenute in questo messaggio di posta elettronica e/o
nel/i file/s allegato/i sono da considerarsi strettamente riservate.
Il loro utilizzo è consentito esclusivamente al destinatario del
messaggio, per le finalità indicate nel messaggio stesso. Qualora
riceviate questo messaggio senza esserne il destinatario, Vi preghiamo
cortesemente di darcene notizia via e-mail e di procedere alla
distruzione del messaggio stesso, cancellandolo dal Vostro sistema.
Conservare il messaggio stesso, divulgarlo anche in parte,
distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità
diverse, costituisce comportamento contrario ai principi dettati dal
D.Lgs. 196/2003.
The information in this message and/or attachments, is intended solely
for the attention and use of the named addressee(s) and may be
confidential or proprietary in nature or covered by the provisions of
privacy act (Legislative Decree June, 30 2003, no.196 - Italy’s New
Data Protection Code).Any use not in accord with its purpose, any
disclosure, reproduction, copying, distribution, or either
dissemination, either whole or partial, is strictly forbidden except
previous formal approval of the named addressee(s). If you are not the
intended recipient, please contact immediately the sender by
telephone, fax or e-mail and delete the information in this message
that has been received in error. The sender does not give any warranty
or accept liability as the content, accuracy or completeness of sent
messages and accepts no responsibility for changes made after they
were sent or for other risks which arise as a result of e-mail
transmission, viruses, etc.