archiva-users mailing list archives

From "Polte, Oliver" <>
Subject Issues in LDAP Role Mapping & Filter
Date Tue, 19 Aug 2014 10:11:13 GMT

I am having 2 issues with Archiva 2.1.0 Standalone and LDAP authentication.

After adding <filter> in the Archiva.xml, the property ldap.config.mapper.attribute.user.filter will show up in the Redback Runtime Configuration.
I can then add an LDAP filter to the properties -> save -> Web Interface will show "LDAP Role-Group mapping updated" and the filter works!

The Archiva.xml is modified by the Web Interface, adding a <filter> tag for every comma-separated part.


On Restart of the Service, the Configuration XML is modified and only 1 <filter> tag


Users are no longer seen and are unable to log in.

Group-Role Mapping fails in Active Directory with comma separated Objects.

Users in AD created with a comma -> "Smith, John" are not mapped to their Roles in Redback.

AD will create a Backslash in front of the comma for the Object Name, but not in the cn attribute.

Object name in ldap is "Smith\, John"
distinguishedName "cn=Smith\, John,ou=department,dc=domain,dc=com"

The cn attribute inside the object is "Smith, John"
The member attribute in a group will show the distinguishedName

When the comma is removed from the object name, mapping immediately works.
(AD will not show the backslash, Softerra LDAP Browser was used to see them)

Best regards
Oliver Polte | Systems Engineering

IVI Informationsverarbeitungs GmbH
Itzehoer Platz, 25524 Itzehoe
Phone: +49 4821 8040-428

Managing directors: Uwe Müller, Stefan Schwalbach
Registered office: Itzehoe, register court: Amtsgericht Pinneberg
HRB 2073 IZ, VAT ID No. DE 134 777 598
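
The DN and cn values quoted in the message, worked through as an added example (not part of the original post and not Archiva or Redback code): a group's member value carries the escaped DN, so recovering "Smith, John" from it needs RFC 4514 parsing rather than a plain split on commas. The function names are hypothetical, the sample values are constructed from the message, and comparing the leaf RDN with cn is an assumption about how a mapper might match users.

```python
import re

# Constructed sample values, modelled on the ones quoted in the message.
MEMBER_DN = r"cn=Smith\, John,ou=department,dc=domain,dc=com"
USER_CN = "Smith, John"

# A backslash followed by two hex digits (one UTF-8 byte) or by any single byte.
_ESCAPE = re.compile(rb"\\([0-9A-Fa-f]{2}|.)", re.DOTALL)

def naive_cn(dn):
    """Plain comma split: the value is cut off at the escaped comma."""
    return dn.split(",")[0].partition("=")[2]

def split_dn(dn):
    """Split a DN into RDN strings on unescaped commas only."""
    rdns, current, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            current.append(dn[i:i + 2])  # keep the escape pair for later decoding
            i += 2
        elif dn[i] == ",":
            rdns.append("".join(current))
            current, i = [], i + 1
        else:
            current.append(dn[i])
            i += 1
    rdns.append("".join(current))
    return [rdn.lstrip() for rdn in rdns]

def unescape_value(value):
    """Decode the escapes in one pass so decoded bytes are never re-read."""
    def decode(match):
        token = match.group(1)
        return bytes([int(token, 16)]) if len(token) == 2 else token
    return _ESCAPE.sub(decode, value.encode("utf-8")).decode("utf-8")

def leaf_attribute(dn):
    """Return (type, decoded value) of the leftmost RDN.
    Multi-valued RDNs joined with '+' are not handled here."""
    attr, _, raw = split_dn(dn)[0].partition("=")
    return attr.strip().lower(), unescape_value(raw)

def is_member(user_cn, member_dns):
    """True if any member DN's leaf RDN is cn=<user_cn> after decoding."""
    return any(leaf_attribute(dn) == ("cn", user_cn) for dn in member_dns)
```
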
