Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
ldap login not working with graylog-2.0.0-3.beta.2 #2069
I've been successfully using graylog-1.3.4 with LDAP, but when I tried to set it up with this new v2 system, it doesn't work (BTW the standalone accounts work)
Steps to reproduce the problem
So according to tcpdump, there is no failed login event , but there is also no attempt to run the LDAP group filter (ours is "(&(objectClass=group)(cn=cis-graylog*))"). And logon fails
2016-04-13T03:06:09.774Z WARN [SessionsResource] Unable to log in user firstname.lastname@example.org
FWIW you can also try the most recent snapshot at http://packages.graylog2.org/_/snapshots?q=2.0.0-beta.3 to check if it's gone.
Whoops! Massive security hole!
I can now login with ANY PASSWORD. The logs show the following error, but I end up logged in. I just tried it from a browser I've never used with graylog before (no chance of cookies) and with a password of "xxx" I am logged in. So that beta3 version has a problem
2016-04-13T10:44:13.891Z ERROR [LdapUserAuthenticator] Error during LDAP user account sync. Cannot log in user email@example.com