Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Blocker Blocker
    • Resolution: Unresolved
    • Affects Version/s: 2.1.3
    • Fix Version/s: Wish List
    • Component/s: security
    • Security Level: public (Regular issues)
    • Labels:
      None

      Description

      I suggest several important improvements to the LDAP Realm, generally LDAP Realm should support the features of Tomcat's JNDIRealm (http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html#JNDIRealm)

      1. a plan should be deployable from the console

      2. LDAP Realm should allow anonymous bind (this is cause for "blocker")

      3. I guess "User Role Search String" means a user attribute the role names are taken from (same as Tomcat's userRoleName property). If this is set, all other role-related attributes should not be necessary. Generally, it should not be necessary to have role-related attributes at all, if you only want the users to log in, but have <role-name>*</role-name>

      4. if "Role User Search String" is empty, there is the wrong error message "option-roleSearchMatching must not be empty"
      There is no Role SearchMatching on the dialog

      5. On the Test Results page: if the test fails, there is only
      Login Failed: LDAP Error
      There should also be the error message and even stacktrace (right now it's in the server log)

        Issue Links

          Activity

          Hide
          David Jencks added a comment -

          great feature, need a patch or some time.

          Show
          David Jencks added a comment - great feature, need a patch or some time.
          Hide
          David Jencks added a comment -

          Any chance you could supply a patch, at least for the login module? Working on this would be 10X easier for someone who already has ldap set up.

          Show
          David Jencks added a comment - Any chance you could supply a patch, at least for the login module? Working on this would be 10X easier for someone who already has ldap set up.

            People

            • Assignee:
              Unassigned
              Reporter:
              Jürgen Weber
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:

                Development