Jan 11th, 2013, 11:07 AM
Problem with Spring-Security-Ldap authentication
I had setup my grails-app and install spring-security-core and also Spring-Security-Ldap. I successfully connected to the ldap active directory, and users from all groups could authenticate. However, when I try to retrieveGroupRoles, users get the (Not granted any authorities) problem.
Here is my config for ldap:
grails.plugins.springsecurity.ldap.context.server = 'ldap://ldap.myinstitution.edu'
grails.plugins.springsecurity.ldap.authorities.ign orePartialResultException = true
grails.plugins.springsecurity.ldap.search.base = 'ou=groups,dc=myinstitution,dc=edu'
grails.plugins.springsecurity.ldap.search.searchSu btree = true
grails.plugins.springsecurity.providerNames = ['ldapAuthProvider', 'anonymousAuthenticationProvider', 'rememberMeAuthenticationProvider']
grails.plugins.springsecurity.ldap.authorities.ret rieveDatabaseRoles = false
grails.plugins.springsecurity.ldap.useRememberMe = false
grails.plugins.springsecurity.ldap.authorities.ret rieveGroupRoles = true
grails.plugins.springsecurity.ldap.authorities.gro upRoleAttribute = 'ou'
grails.plugins.springsecurity.ldap.authorities.pre fix = 'ROLE_'
grails.plugins.springsecurity.ldap.authorities.gro upSearchBase ='ou=groups,dc=myinstitution,dc=edu'
there are some groups in my ldap. My understanding was that when retrieveGroupRoles is set to true the group names will turn into a role. a.e ou=employees into ['ROLE_EMPLOYEES]
How would I fix the problem and make sure that the groups turn into roles?
Thanks in advance for any help,
Tags for this Thread