LDAP auth broken in 5.4 release ? #5861
Comments
rmylb
changed the title
|
The problem seems to be old variables (5.3.11) aren't compatible with the new LDAP implementation in 5.4. Variables need to be adjusted according to this file : https://github.com/axelor/axelor-open-platform/blob/master/axelor-core/src/main/java/com/axelor/app/AvailableAppSettings.java String AUTH_LDAP_SERVER_URL = "auth.ldap.server.url";
String AUTH_LDAP_USER_BASE = "auth.ldap.user.base";
String AUTH_LDAP_USER_FILTER = "auth.ldap.user.filter";
String AUTH_LDAP_USER_ID_ATTRIBUTE = "auth.ldap.user.id.attribute";
String AUTH_LDAP_GROUP_BASE = "auth.ldap.group.base";
String AUTH_LDAP_GROUP_FILTER = "auth.ldap.group.filter";
String AUTH_LDAP_SYSTEM_USER = "auth.ldap.system.user";
String AUTH_LDAP_SYSTEM_PASSWORD = "auth.ldap.system.password";
String AUTH_LDAP_AUTH_TYPE = "auth.ldap.auth.type";
String AUTH_LDAP_USE_SSL = "auth.ldap.use.ssl";
String AUTH_LDAP_USE_STARTTLS = "auth.ldap.use.starttls";
String AUTH_LDAP_CREDENTIAL_TRUST_STORE = "auth.ldap.credential.trust.store";
String AUTH_LDAP_CREDENTIAL_KEY_STORE = "auth.ldap.credential.key.store";
String AUTH_LDAP_CREDENTIAL_STORE_PASSWORD = "auth.ldap.credential.store.password";
String AUTH_LDAP_CREDENTIAL_STORE_TYPE = "auth.ldap.credential.store.type";
String AUTH_LDAP_CREDENTIAL_STORE_ALIASES = "auth.ldap.credential.store.aliases";
String AUTH_LDAP_CREDENTIAL_TRUST_CERTIFICATES = "auth.ldap.credential.trust.certificates";
String AUTH_LDAP_CREDENTIAL_AUTHENTICATION_CERTIFICATE = "auth.ldap.credential.authentication.certificate";
String AUTH_LDAP_CREDENTIAL_AUTHENTICATION_KEY = "auth.ldap.credential.authentication.key";
String AUTH_LDAP_CONNECT_TIMEOUT = "auth.ldap.connect.timeout";
String AUTH_LDAP_RESPONSE_TIMEOUT = "auth.ldap.response.timeout";Waiting for docs update, you can check this file to understand variables : https://github.com/axelor/axelor-open-platform/blob/master/axelor-core/src/main/java/com/axelor/auth/pac4j/AxelorLdapProfileService.java A minimal working example (without any guaranties, but working for me) in Please, describe the behavior of the new LDAP implementation and the linked variables, thanks! |
|
New LDAP implementation was introduced in v5.3.0 and hasn't changed further as for v5.4.1: axelor/axelor-open-platform@589b008 As for the documentation with the new LDAP: https://docs.axelor.com/adk/5.4/dev-guide/modules/security.html#ldap |
|
I've just realized you might have been talking about Open Suite versions. In the comment above, I'm talking about Open Platform versions. |
|
Thanks for your reply. |
|
Axelor Open Platform is an ERP framework, while Axelor Open Suite is a baseline ERP application based on the Axelor Open Platform framework. For a demo ERP based on Axelor Open Platform without using Axelor Open Suite, you can have a look at Open Platform Demo. |
Hi,
First at all, very good job !
I'm trying to switch from 5.3.11 to 5.4.0. With 5.3.11, everything works fine but it seems LDAP authentification does'nt work in the 5.4.0 release.
I deploy the .WAR archive and juste replace database and LDAP parameters. Only the local account
adminworks.If I try to auth a LDAP account (example :
test.user, I get :2020-09-18 19:07:12.367 ERROR 12618 --- [nio-8080-exec-2] .p.AuthPac4jModuleLocal$AxelorFormClient : Password authentication failed for user: test.userThanks,
The text was updated successfully, but these errors were encountered: