You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@archiva.apache.org by "Olivier Lamy (JIRA)" <ji...@codehaus.org> on 2014/06/20 06:14:10 UTC
[jira] (MRM-1486) ldap.config.mapper.attribute.user.filter using
ldap not working correctly with commas.
[ https://jira.codehaus.org/browse/MRM-1486?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Olivier Lamy updated MRM-1486:
------------------------------
Description:
Redback (i guess) security system replace in a wrong way the key user id in ldap.config.mapper.attribute.user.filter property.
Using ldap.config.mapper.attribute.user.filter=ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com
Cases ldap query be like this:
(&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva(uid=admin))
The correct query, IMO, should be like this:
(&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com)(uid=admin))',
as I specified before.
<SOME_STRUCTURA_OC> may be something like this: (objectClass=posixAccount), assembled using ldap.config.mapper.attribute.user.object.class property.
To solve (workarounding) the problem I had to hardcode all my ldap user mapping settings, in application.xml, like this:
<component>
<role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
<role-hint>ldap</role-hint>
<implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
<configuration>
<email-attribute>email</email-attribute>
<full-name-attribute>cn</full-name-attribute>
<password-attribute>userPassword</password-attribute>
<user-id-attribute>uid</user-id-attribute>
<user-base-dn>ou=people,dc=ampliato,dc=com,dc=br</user-base-dn>
<user-object-class>posixAccount</user-object-class>
<user-filter>(ismemberof=cn=apps.archiva,ou=group,dc=ampliato,dc=com,dc=br)</user-filter>
</configuration>
<requirements>
<requirement>
<role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
</requirement>
</requirements>
</component>
Thats another related link around the same problem:
http://jira.codehaus.org/browse/REDBACK-168
Solved, but It just doesn't fix the problem.
was:
Redback (i guess) security system replace in a wrong way the key user id in ldap.config.mapper.attribute.user.filter property.
Using ldap.config.mapper.attribute.user.filter=ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com
Cases ldap query be like this:
(&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva(uid=admin))
The correct query, IMO, should be like this:
(&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com)(uid=admin))',
as I specified before.
<SOME_STRUCTURA_OC> may be something like this: (objectClass=posixAccount), assembled using ldap.config.mapper.attribute.user.object.class property.
To solve (workarounding) the problem I had to hardcode all my ldap user mapping settings, in application.xml, like this:
<component>
<role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
<role-hint>ldap</role-hint>
<implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
<configuration>
<email-attribute>email</email-attribute>
<full-name-attribute>cn</full-name-attribute>
<password-attribute>userPassword</password-attribute>
<user-id-attribute>uid</user-id-attribute>
<user-base-dn>ou=people,dc=ampliato,dc=com,dc=br</user-base-dn>
<user-object-class>posixAccount</user-object-class>
<user-filter>(ismemberof=cn=apps.archiva,ou=group,dc=ampliato,dc=com,dc=br)</user-filter>
</configuration>
<requirements>
<requirement>
<role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
</requirement>
</requirements>
</component>
Thats another related link around the same problem:
http://jira.codehaus.org/browse/REDBACK-168?page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#issue-tabs
Solved, but It just doesn't fix the problem.
> ldap.config.mapper.attribute.user.filter using ldap not working correctly with commas.
> --------------------------------------------------------------------------------------
>
> Key: MRM-1486
> URL: https://jira.codehaus.org/browse/MRM-1486
> Project: Archiva
> Issue Type: Bug
> Components: Users/Security
> Affects Versions: 1.3.5
> Environment: opensuse 11.4 (x86_64), sun jvm 1.6.0_22
> Reporter: Bruno Simioni
> Labels: LDAP, TOCHECK
> Fix For: 2.1.1
>
>
> Redback (i guess) security system replace in a wrong way the key user id in ldap.config.mapper.attribute.user.filter property.
> Using ldap.config.mapper.attribute.user.filter=ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com
> Cases ldap query be like this:
> (&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva(uid=admin))
> The correct query, IMO, should be like this:
> (&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com)(uid=admin))',
> as I specified before.
> <SOME_STRUCTURA_OC> may be something like this: (objectClass=posixAccount), assembled using ldap.config.mapper.attribute.user.object.class property.
>
> To solve (workarounding) the problem I had to hardcode all my ldap user mapping settings, in application.xml, like this:
> <component>
> <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
> <role-hint>ldap</role-hint>
> <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
> <configuration>
> <email-attribute>email</email-attribute>
> <full-name-attribute>cn</full-name-attribute>
> <password-attribute>userPassword</password-attribute>
> <user-id-attribute>uid</user-id-attribute>
> <user-base-dn>ou=people,dc=ampliato,dc=com,dc=br</user-base-dn>
> <user-object-class>posixAccount</user-object-class>
> <user-filter>(ismemberof=cn=apps.archiva,ou=group,dc=ampliato,dc=com,dc=br)</user-filter>
> </configuration>
> <requirements>
> <requirement>
> <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
> </requirement>
> </requirements>
> </component>
> Thats another related link around the same problem:
> http://jira.codehaus.org/browse/REDBACK-168
> Solved, but It just doesn't fix the problem.
--
This message was sent by Atlassian JIRA
(v6.1.6#6162)