Indeed in the PG case, you have a real PG user in the database so you can assign users like you want. GeoServer does not have this user store.
If you already have an experience on Keycloak, it's definitely a good candidate for your case: you manage groups and users in Keycloak and delegate authentication to AD. Alexandre Le jeu. 14 avr. 2022 à 18:17, Tom Chadwin <tomchad...@astuntechnology.com> a écrit : > Hi Alexandre > > I thought that was the case. I'm looking at the same pattern in > Postgres, in which it is possible. This is because Postgres requires > you to create Postgres users with the same username as your AD/LDAP > ones. You can therefore assign group membership purely within > Postgres. We've used Keycloak for another project, so it's an option > we can consider. > > Thanks again > > Tom > > > On Thu, 14 Apr 2022 at 17:14, Alexandre Gacon <alexandre.ga...@gmail.com> > wrote: > > > > I just played with LDAP/AD integration this week and I don't think it's > a possible pattern: when authenticated through LDAP/AD users are not > defined in the GeoServer UI so you cannot associate them to existing groups. > > > > A workaround could be to use SAML authentication with Keycloak and to > manage the groups inside keycloak, if you cannot manage groups in AD. > > > > Alexandre > > > > Le jeu. 14 avr. 2022 à 18:07, Tom Chadwin < > tomchad...@astuntechnology.com> a écrit : > >> > >> Hello > >> > >> We've got a test setup of Geoserver authenticating users against LDAP > >> (Active Directory). I can see various methods of using LDAP/AD group > >> membership to apply permissions to Geoserver layers etc. > >> > >> However, is there a way in which I can group LDAP users in Geoserver > >> itself, without having to use the Active directory groups? > >> > >> Thanks > >> > >> Tom > >> > >> -- > >> -- > >> Sign up to our mailing list for updates on news, products, conferences, > >> events and training > >> > >> Astun Technology Ltd, t:+44 1372 744 009 contact us > >> online <https://www.astuntechnology.com/contact-us/> > >> web: > >> astuntechnology.com <https://www.astuntechnology.com/> > twitter:@astuntech > >> <https://twitter.com/astuntech> > >> > >> > >> iShare - enterprise geographic > >> intelligence platform > >> <https://www.astuntechnology.com/cloud-products/ishare/> > >> > >> GeoServer, > >> PostGIS and QGIS training <https://www.astuntechnology.com/training/> > >> Support <https://www.astuntechnology.com/support/> > >> > >> > >> > >> Company registration > >> no. 5410695. Registered in England and Wales. Registered office: 120 > Manor > >> Green Road, Epsom, Surrey, KT19 8LN VAT no. 864201149. > >> > >> > >> > >> _______________________________________________ > >> Geoserver-users mailing list > >> > >> Please make sure you read the following two resources before posting to > this list: > >> - Earning your support instead of buying it, but Ian Turton: > http://www.ianturton.com/talks/foss4g.html#/ > >> - The GeoServer user list posting guidelines: > http://geoserver.org/comm/userlist-guidelines.html > >> > >> If you want to request a feature or an improvement, also see this: > https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer > >> > >> > >> Geoserver-users@lists.sourceforge.net > >> https://lists.sourceforge.net/lists/listinfo/geoserver-users > > > > > > > > -- > > Alexandre Gacon > > -- > -- > Sign up to our mailing list for updates on news, products, conferences, > events and training > > Astun Technology Ltd, t:+44 1372 744 009 contact us > online <https://www.astuntechnology.com/contact-us/> > web: > astuntechnology.com <https://www.astuntechnology.com/> twitter:@astuntech > <https://twitter.com/astuntech> > > > iShare - enterprise geographic > intelligence platform > <https://www.astuntechnology.com/cloud-products/ishare/> > > GeoServer, > PostGIS and QGIS training <https://www.astuntechnology.com/training/> > Support <https://www.astuntechnology.com/support/> > > > > Company registration > no. 5410695. Registered in England and Wales. Registered office: 120 Manor > Green Road, Epsom, Surrey, KT19 8LN VAT no. 864201149. > > -- Alexandre Gacon
_______________________________________________ Geoserver-users mailing list Please make sure you read the following two resources before posting to this list: - Earning your support instead of buying it, but Ian Turton: http://www.ianturton.com/talks/foss4g.html#/ - The GeoServer user list posting guidelines: http://geoserver.org/comm/userlist-guidelines.html If you want to request a feature or an improvement, also see this: https://github.com/geoserver/geoserver/wiki/Successfully-requesting-and-integrating-new-features-and-improvements-in-GeoServer Geoserver-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-users
