I am facing some hurdle with activeDirectoryRealm.groupRolesMapthe following is
the content of my shiro.ini...activeDirectoryRealm.groupRolesMap =
"CN=Zeppelin-Admin,OU=Zeppelin,OU=Applications,OU=Groups,DC=directory,DC=[domain_here],DC=com":"admin","CN=ZeppelinZepZeppelinpelin-Devs,OU=Zepplin,OU=Applications,OU=Groups,DC=directory,DC=[domain_here],DC=com":"developer","CN=Zeppelin-Analyst,OU=Zeppelin,OU=Applications,OU=Groups,DC=directory,DC=DC=[domain_here],DC=com":"datascientist"
activeDirectoryRealm.authorizationCachingEnabled =
falseactiveDirectoryRealm.principalSuffix = @directory.mydomain.com...
[roles]
admin = *
datascientist = *developer = *
[urls]uncomment the below urls that you want to hide./api/version = anon
/api/interpreter/** = authc, roles[admin]/** = authc
My AD account is member of
"CN=Zeppelin-Admin,OU=Zeppelin,OU=Applications,OU=Groups,DC=directory,DC=[domain_here],DC=com",
but when I login, I saw followings in the log:
WARN [2017-07-26 00:14:10,981] (
{qtp1287712235-15} LoginRestApi.java[postLogin]:119) -
{"status":"OK","message":"","body":{"principal":"richard.xin","ticket":"b681cbbb-8a10-40c8-9ba8-c46ee59efd42","roles":"[]"}}
please note roles node is empty, I was expecting "admin" in the role list, does
anyone have similar issue? is my config activeDirectoryRealm.groupRolesMap
correct?
Thanks,Richard Xin
