I've got my Matterhorn server configured with CAS and LDAP. CAS authentication
works fine... LDAP seems to be the issue.

This is configured...
org.opencastproject.userdirectory.ldap.roleattributes.1=objectClass

One of my objectClasses is "employee" so I'm assuming I can use ROLE_EMPLOYEE
in security/mh_default_org.xml like this...

    <!-- Secure the management URLs for admins only -->
    <sec:intercept-url pattern='/services/*' access='ROLE_ADMIN, ROLE_EMPLOYEE' />
    <sec:intercept-url pattern='/system/**' access='ROLE_ADMIN, ROLE_EMPLOYEE' />

But when I log in to Matterhorn I'm not allowed to view those pages. I get an
"Access is denied" error.


I see in my LDAP logs that the bind is coming through, searching for the
correct user, and returning attributes... I don't know, though, what Matterhorn
is doing once it gets that query back, or why it's telling me "Access is
denied" when my user account has objectClass=employee in LDAP. I can't even
get to the /info/me.json page.


Matt
