Hi Frederick, what ldap server do you use? Is it active directory or any other type?
How are the members stored in the group? Is it using 'member' attribute on the group object? Are the member entries the full DN of the members? Do you see errors in the logs? Regards Martin Am 17. Januar 2020 15:51:00 MEZ schrieb "Frederick Asselin (Jira)" <j...@apache.org>: > >[ >https://issues.apache.org/jira/browse/MRM-2009?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel >] > >Frederick Asselin updated MRM-2009: >----------------------------------- > Description: >We're trying to setup Archiva to use our LDAP server, but the >LDAP/Roles group mapping is not working. When LDAP users are logging >in, they don't get access to the functions they should have access to. > >The LDAP setup seems to be good, as we can use the LDAP/Roles mapping >tab to add roles to LDAP groups and we also give users access to roles >directly in the role editor page. > >So it looks like Archiva is not correctly seeing the user/group >membership from our LDAP server, even if I set up the properties for >LDAP user/group object class names, group membership and other >attributes. > >The issue also occurs when I run Archiva using the default Jetty server >running on my Windows 10 laptop connecting to the same LDAP server. > >Also, when I try to setup debug logging by modifiying the log4j2.xml >file, I still get nothing more in the different archiva log files. > > was: >We're trying to setup Archiva to use our LDAP server, but the >LDAP/Roles group mapping is not working. When LDAP users are logging >in, they don't get access to the functions they should have access to. > >The LDAP setup seems to be good, as we can use the LDAP/Roles mapping >tab to add roles to LDAP groups and we also give users access to roles >directly in the role editor page. > >So it looks like Archiva is not correctly seeing the user/group >membership from our LDAP server, even if I set up the properties for >LDAP user/group object class names, group membership and other >attributes. > >Also, when I try to setup debug logging by modifiying the log4j2.xml >file, I still get nothing more in the different archiva log files. > > >> LDAP/Roles Mapping not working >> ------------------------------ >> >> Key: MRM-2009 >> URL: https://issues.apache.org/jira/browse/MRM-2009 >> Project: Archiva >> Issue Type: Bug >> Components: redback >> Affects Versions: 2.2.4 >> Environment: war file deployed on WebSphere Liberty 19.0.0.9 >on AIX 7.1 with Security Directory Server 6.4 running on AIX 7.1 >> Reporter: Frederick Asselin >> Priority: Major >> >> We're trying to setup Archiva to use our LDAP server, but the >LDAP/Roles group mapping is not working. When LDAP users are logging >in, they don't get access to the functions they should have access to. >> The LDAP setup seems to be good, as we can use the LDAP/Roles mapping >tab to add roles to LDAP groups and we also give users access to roles >directly in the role editor page. >> So it looks like Archiva is not correctly seeing the user/group >membership from our LDAP server, even if I set up the properties for >LDAP user/group object class names, group membership and other >attributes. >> The issue also occurs when I run Archiva using the default Jetty >server running on my Windows 10 laptop connecting to the same LDAP >server. >> Also, when I try to setup debug logging by modifiying the log4j2.xml >file, I still get nothing more in the different archiva log files. > > > >-- >This message was sent by Atlassian Jira >(v8.3.4#803005) -- This message was sent from mobile phone.
