All,
I've been able to get the service management up and running with an
ldap-based service registry and would like to now switch the user
authorization over from the hardwired user IDs in the
user-details.properties file to pulling the admin list from an LDAP
group. I am following the example in the docs, and am trying to build
using the spring-security-ldap dependency with version 3.2 (I have tried
several versions from 3.2.0 to the latest 3.2.5). I can't get the
package to build as Maven can't seem to find the .pom file for any of
the versions in Maven central.
I am only using the single repository:
<repositories>
<repository>
<id>maven-central</id>
<url>http://repo1.maven.org/maven2</url>
</repository>
</repositories>
and the error I keep seeing with every version I've tried is:
[INFO] Scanning for projects...
[INFO]
[INFO] Using the builder
org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder
with a thread count of 1
[INFO]
[INFO]
------------------------------------------------------------------------
[INFO] Building cas-management 0.1-DEVELOPMENT
[INFO]
------------------------------------------------------------------------
Downloading:
http://repo1.maven.org/maven2/org/springframework/security/spring-security-ldap/3.2.5/spring-security-ldap-3.2.5.pom
Downloading:
http://repo.maven.apache.org/maven2/org/springframework/security/spring-security-ldap/3.2.5/spring-security-ldap-3.2.5.pom
[WARNING] The POM for
org.springframework.security:spring-security-ldap:jar:3.2.5 is missing,
no dependency information available
Downloading:
http://repo1.maven.org/maven2/org/springframework/security/spring-security-ldap/3.2.5/spring-security-ldap-3.2.5.jar
Downloading:
http://repo.maven.apache.org/maven2/org/springframework/security/spring-security-ldap/3.2.5/spring-security-ldap-3.2.5.jar
[INFO]
------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO]
------------------------------------------------------------------------
[INFO] Total time: 1.370 s
[INFO] Finished at: 2014-09-04T12:32:55-05:00
[INFO] Final Memory: 9M/105M
[INFO]
------------------------------------------------------------------------
[ERROR] Failed to execute goal on project cas-management: Could not
resolve dependencies for project
edu.case.cas:cas-management:war:0.1-DEVELOPMENT: Could not find artifact
org.springframework.security:spring-security-ldap:jar:3.2.5 in
maven-central (http://repo1.maven.org/maven2) -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the
-e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions,
please read the following articles:
[ERROR] [Help 1]
http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
can anyone point me in the correct direction as far as what additional
repositories I may need to query for the Spring Security LDAP stuff?
Secondly, assuming I can get the package to build now, the docs say to
add the spring security stuff like so:
|<sec:ldap-server id="ldapServer" url="ldap://myserver:13060/";
manager-dn="cn=adminusername,cn=Users,dc=london-scottish,dc=com"
manager-password="mypassword" />
<sec:ldap-user-service id="userDetailsService" server-ref="ldapServer"
group-search-base="cn=Groups,dc=mycompany,dc=com"
group-role-attribute="cn"
group-search-filter="(uniquemember={0})"
user-search-base="cn=Users,dc=mycompany,dc=com"
user-search-filter="(uid={0})"/> |
Everything here makes sense to me except the line that reads:
|group-search-base="cn=Groups,dc=mycompany,dc=com"
group-role-attribute="cn"|
I understand the base DN (group-search-base), but what is the purpose of
the group-role-attribute setting? Are you supposed to have two groups
in the base DN, one defined as cn=USER and one defined as cn=ADMIN or
cn=ROLE_USER and cn=ROLE_ADMIN? Assuming that the code is internally
trying to build the group names that would make sense for building the
group DNs to search, but there is nothing in the docs to describe this.
Dave
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
