Issue #462 resolved

Login with LDAP user fails

florian_neuhaus
created an issue

Hi!

I have problems with the LDAP-authentication. The LDAP plugin was working properly for a long time. Since version 1.33 (or 1.32, I don't remember exactly), we have the problem, that LDAP-users cannot login to the webinterface anymore. There is no error message that the password is wrong, just the login-popup reappears.

When I log in with the scmadmin user and provide the Administrator-role to an LDAP-user, the user can login again. But this workaround cannot be the solution...

I've attached the trace from a LDAP-user login (florian.neuhaus), but I see no errors. Also the "Test Connection" in the configuration works well (all green). I've cleared the browser cache and used different browsers...

Any clues?

Thank you very much, Florian

Comments (12)

  1. Sebastian Sdorra repo owner
    • changed status to open

    It looks like your LDAP has a referral to a host which is unknown by the scm-manager server. If you do not need informations from this referral in scm-manager, then you could try to set "Referral Strategy" to "IGNORE". You can find these settings at Config->General->Ldap Authentication.

  2. Sebastian Sdorra repo owner

    There is a strange line in the log:

    TRACE sonia.scm.security.AuthorizationCollector - add permission null for user xxx
    

    This should never happen. Could you try another login and check the output of a javascript console (Chorme or Firefox)? Are there any errors? Could you please post the content of conf/security.xml?

  3. Sebastian Sdorra repo owner

    Ok, the file is wrong. There has to be a permission element, which defines the permission for the group. Could you please stop scm-manager, remove the security file, start scm-manager and try to login?

  4. Sebastian Sdorra repo owner

    The question is how could you create an empty permission? I've tried to reproduce it, without success. I can create an empty permission in the ui, but it is not stored. Are you able to reproduce it?

  5. florian_neuhaus reporter

    Hm... you are right. I cannot reproduce the issue either. I guess the entry was made in an earlier version of scm-manager, as I never edited the xml manually.

    Thanks for helping me find the error! Keep up the great work!

  6. Log in to comment