Comments (3)
Does your LDAP server have any logs you can check to see if it's attempting to authenticate? Your configuration looks fine to me. Unfortunately, Spring's LDAP framework is notoriously hard to debug, as the actual authentication is all handled inside the library and it logs very little information regardless of whether it succeeds or fails...
I suspect that it is trying to connect to your LDAP server but either failing to authenticate as the BINDDN or it is authenticating but failing to find a user that matches the given user name; then it tries to look up the user in its internal users table, which only has the admin user in it, and it prints out that exception when it fails.
The first thing I would do is check to make sure that you can connect to your LDAP server from the machine that is running the BagDB and test that your search criteria are correct. If you are trying to log in as test_user
, then install the ldap-utils
package and try running ldapsearch
with these parameters, based on what you provided in your example config:
ldapsearch -D 'cn=binddn,dc=example,dc=com' -w '${LDAP_BIND_PASSWORD}' -h ldap.example.com:389 -b 'cn=user,dc=example,dc=com' uid=test_user
If it works, you'll see the LDAP entry for that user; otherwise, it will probably print ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
.
For reference, if you want to experiment with the source code, the configuration is all handled inside the com.github.swrirobotics.config.SecurityConfig
class; it gets all of the configuration values and uses them to create an instance of Spring's BindAuthenticator
, which handles all of the actual communication with the LDAP server.
from bag-database.
I tested the server accessibility with ldapsearch before and it worked fine. But based on your suggestion, I further tried some traffic analysis and the BagDB really unsuccessfully tries to authenticate with the ldap server and fails only after the fallback to the local user table. So there is something wrong with the settings I'm using.. I have no idea what, given that it works in other applications, but the problem seems to be elsewhere, so I'm closing this. Thank you for your time!
from bag-database.
Ok, no problem. Let me know if you have any other issues!
from bag-database.
Related Issues (20)
- Add filesystem storage option for periodic checks
- Video Streaming framerate infinity HOT 2
- Is bag database or one of its dependencies affected by log4j vulnerability? HOT 3
- ROS2 HOT 1
- scanning very slow HOT 18
- getting error 401 when uploading HOT 3
- LDAP authentication only looks for user by email
- easier upload of bags with metadata HOT 4
- bag-database not reading from AWS S3 HOT 7
- issues when updating tags
- Spring4Shell vulnerability HOT 1
- [Feature request] metadata and add tagging via topics HOT 2
- Working on extending the db - need help with Sencha HOT 5
- when open with webviz, sometimes the bag during severe reduction HOT 1
- uploaded bags are not shown
- [Feature Request] Parse bags from archives (zip/tar) HOT 1
- Bad File Permissions Make Scanning Slow
- Can't upload bagfiles to s3
- Unauthorized error using docker compose HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bag-database.