Details
- Bug
- Status: Closed
- Major
- Resolution: Fixed
- 1.3.5
- opensuse 11.4 (x86_64), sun jvm 1.6.0_22
Description
The Redback (I guess) security system replaces, in the wrong way, the user id key in the ldap.config.mapper.attribute.user.filter property.
Using ldap.config.mapper.attribute.user.filter=ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com
causes the LDAP query to be like this:
(&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva(uid=admin))
The correct query, IMO, should be like this:
(&(objectClass=<SOME_STRUCTURAL_OC>)(ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com)(uid=admin)),
as I specified before.
<SOME_STRUCTURAL_OC> may be something like this: (objectClass=posixAccount), assembled using the ldap.config.mapper.attribute.user.object.class property.
To work around the problem I had to hardcode all my LDAP user mapping settings in application.xml, like this:
<component>
  <role>org.codehaus.plexus.redback.common.ldap.UserMapper</role>
  <role-hint>ldap</role-hint>
  <implementation>org.codehaus.plexus.redback.common.ldap.LdapUserMapper</implementation>
  <configuration>
    <email-attribute>email</email-attribute>
    <full-name-attribute>cn</full-name-attribute>
    <password-attribute>userPassword</password-attribute>
    <user-id-attribute>uid</user-id-attribute>
    <user-base-dn>ou=people,dc=ampliato,dc=com,dc=br</user-base-dn>
    <user-object-class>posixAccount</user-object-class>
    <user-filter>(ismemberof=cn=apps.archiva,ou=group,dc=ampliato,dc=com,dc=br)</user-filter>
  </configuration>
  <requirements>
    <requirement>
      <role>org.codehaus.plexus.redback.configuration.UserConfiguration</role>
    </requirement>
  </requirements>
</component>
Here's another related link about the same problem:
http://jira.codehaus.org/browse/REDBACK-168
Solved, but it just doesn't fix the problem.
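The filter composition described in this report, as an added example that is not Redback's code or part of the original report: it joins the object class, the configured user filter and the user id into one query, and rejects an unbalanced result such as the truncated query quoted above. The function names are hypothetical, the sample values are the ones from the report, and the RFC 4515 escaping of the user id goes one step beyond what the report covers.

```python
# RFC 4515 escapes for characters that are special inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_value(value):
    """Escape an assertion value (here: the user id) per RFC 4515."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def is_balanced(ldap_filter):
    """True if the text is exactly one parenthesised group with correct nesting."""
    depth = 0
    for i, ch in enumerate(ldap_filter):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return False
            if depth == 0 and i != len(ldap_filter) - 1:
                return False  # text continues after the outer group closed
    return depth == 0 and ldap_filter.startswith("(")


def build_user_filter(object_class, user_filter, id_attribute, user_id):
    """Compose (&(objectClass=..)(<user filter>)(<id attribute>=<user id>))."""
    extra = user_filter.strip()
    if extra and not extra.startswith("("):
        extra = "(" + extra + ")"  # bare attr=value form, as in the properties file
    if extra and not is_balanced(extra):
        raise ValueError("user filter is not a well-formed LDAP filter: %r" % extra)
    return "(&(objectClass=%s)%s(%s=%s))" % (
        object_class, extra, id_attribute, escape_value(user_id))


# Values taken from the report; posixAccount stands in for <SOME_STRUCTURAL_OC>.
GROUP_FILTER = "ismemberof=cn=apps.archiva,ou=group,dc=example,dc=com"
REPORTED_QUERY = "(&(objectClass=posixAccount)(ismemberof=cn=apps.archiva(uid=admin))"

if __name__ == "__main__":
    print(build_user_filter("posixAccount", GROUP_FILTER, "uid", "admin"))
    print("reported query balanced:", is_balanced(REPORTED_QUERY))
```
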