[Geoserver-users] Geoserver 2.4.4 LDAP

Hello,

I have problems configuring geoserver 2.4.4 with OpenLDAP.

The user authentication is no problem, but the role mapping is.

This is the configuration:

auth/LDAP/config.xml:

-124b92a0:144408f13cf:-7ff6 LDAP org.geoserver.security.ldap.LDAPAuthenticationProvider ldap://*LDAPServerAdress*:389/dc=*test2*,dc=*test*,dc=de ou=GeoServer,ou=group memberUid={0} false uid={0},ou=people

role/LDAP/config.xml
<org.geoserver.security.ldap.LDAPRoleServiceConfig>
-124b92a0:144408f13cf:-7ff5
LDAP
org.geoserver.security.ldap.LDAPRoleService
ldap://LDAPServerAdress:389/dc=test2,dc=test,dc=de
ou=GeoServer,ou=group
memberUid={0}
false
true
ROLE_GEOSERVER_ADMIN
ROLE_GEOSERVER_GROUP_ADMIN
cn=admin,dc=test2,dc=test,dc=de
secret
cn=*
</org.geoserver.security.ldap.LDAPRoleServiceConfig>

role/default/roles.xml

The LDAP contains the groups geoserver_admin and geoserver_group_admin. The member attribute is memberUid.

Hi Joern,

2014-02-19 17:18 GMT+01:00 joern ahlers <jahlers@anonymised.com.>:

Hello,

I have problems configuring geoserver 2.4.4 with OpenLDAP.

The user authentication is no problem, but the role mapping is.

This is the configuration:

auth/LDAP/config.xml:

-124b92a0:144408f13cf:-7ff6 LDAP org.geoserver.security.ldap.LDAPAuthenticationProvider ldap://*LDAPServerAdress*:389/dc=*test2*,dc=*test*,dc=de ou=GeoServer,ou=group memberUid={0} false uid={0},ou=people

To activate role mapping from LDAP you need to fill some more options in the LDAP Authentication Provider page:

  • check the “Use LDAP groups for authorization” checkbox
  • fill the “Group search base” field: ou=GeoServer,ou=group should be good for your configuration
  • fill the “Group search filter” field: memberUid={0} should be good for your configuration
  • fill the “Admin Group” field: GEOSERVER_ADMIN should be good for your configuration
  • fill the “Group Admin Group” field: GEOSERVER_GROUP_ADMIN should be good for your configuration

Some more documentation here: http://docs.geoserver.org/stable/en/user/webadmin/security/auth.html#ldap-provider

role/LDAP/config.xml
<org.geoserver.security.ldap.LDAPRoleServiceConfig>
-124b92a0:144408f13cf:-7ff5
LDAP
org.geoserver.security.ldap.LDAPRoleService
ldap://LDAPServerAdress:389/dc=test2,dc=test,dc=de
ou=GeoServer,ou=group
memberUid={0}
false
true
ROLE_GEOSERVER_ADMIN
ROLE_GEOSERVER_GROUP_ADMIN
cn=admin,dc=test2,dc=test,dc=de
secret
cn=*
</org.geoserver.security.ldap.LDAPRoleServiceConfig>

The RoleService seems to be correctly configured, but this is not used for role mapping (so it wasn’t enough to get roles to user assignment), just for role listing and permission assignments.

Let me know if this solves your issues.

Mauro
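
An offline dry run of the group lookup described in the reply above, added here as an example (it is not GeoServer's code and not part of the original thread). It assumes that `{0}` in the group search filter is replaced by the login name, that each matching group's `cn` becomes `ROLE_` plus the upper-cased name, and that the "Admin Group" and "Group Admin Group" values are compared against those names without the prefix; the users `alice` and `bob`, the group `staff`, and the LDIF are constructed.

```python
# Added example: dry run of the LDAP group -> role mapping from the thread.
# SAMPLE_LDIF is constructed; alice, bob and staff are invented names.
BASE = "ou=GeoServer,ou=group,dc=test2,dc=test,dc=de"
SAMPLE_LDIF = """\
dn: cn=geoserver_admin,ou=GeoServer,ou=group,dc=test2,dc=test,dc=de
cn: geoserver_admin
memberUid: alice

dn: cn=geoserver_group_admin,ou=GeoServer,ou=group,dc=test2,dc=test,dc=de
cn: geoserver_group_admin
memberUid: alice
memberUid: bob

dn: cn=staff,ou=group,dc=test2,dc=test,dc=de
cn: staff
memberUid: bob
"""

def parse_ldif(text):
    """Parse simple LDIF (no base64 values, no folded lines) into dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(": ")
            entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return entries

def roles_for(user, entries, search_base=BASE, filter_tmpl="memberUid={0}"):
    """Apply group search base and filter; return the resulting ROLE_* names."""
    attr, _, value = filter_tmpl.format(user).partition("=")  # assumption: {0} = login name
    roles = set()
    for e in entries:
        dn = e["dn"][0].lower()
        # Only groups below the search base count; 'staff' sits outside it.
        if dn.endswith("," + search_base.lower()) and value in e.get(attr.lower(), []):
            roles.add("ROLE_" + e["cn"][0].upper())  # assumption: prefix + upper-case cn
    return roles

def check(user, entries, admin_group, group_admin_group):
    """Report the roles a user would get and whether the admin mappings hit."""
    roles = roles_for(user, entries)
    return {
        "roles": sorted(roles),
        "is_admin": "ROLE_" + admin_group.upper() in roles,
        "is_group_admin": "ROLE_" + group_admin_group.upper() in roles,
    }
```
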