Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] ldap authentication

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] ldap authentication


Chronological Thread 
  • From: "Waldbieser, Carl" <>
  • To: Niva Agmon <>
  • Cc:
  • Subject: Re: [grouper-users] ldap authentication
  • Date: Sun, 25 Jan 2015 21:26:39 -0500 (EST)


I have some basic instructions for LDAP authN I put together below. We ended
up using Apache+mod_auth_cas for Grouper authN, but I started out my
experiments with Tomcat+JDNI connector.

--------------------------------------------------
= Form Authentication and LDAP Realm =
To configure the realm for LDAP authentication, edit
$CATALINA_HOME/conf/server.xml. Add the following realm definition:

<Realm className="org.apache.catalina.realm.JNDIRealm"
connectionName="$BROWSE_DN"
connectionPassword="$BROWSE_DN_PASSWD"
connectionURL="$LDAP_URL"
userBase="$BASE_DN"
userSubtree="true"
userSearch="$LDAP_FILTER"
/>
The LDAP_FILTER above can include a {0} placeholder that represents the
username entered.

To set up form-based authentication, edit
$GROUPER_UI/webapp/WEB-INF/web.core.xml. Change the basic-authentication
stanza to a form-based stanza:

<!--
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Grouper Application</realm-name>
</login-config>
-->
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
The file login.html should be added to $GROUPER_UI/webapp/login.html. The
form must submit fields j_username and j_password to j_security_check. An
example form is included below:

<form method="POST" action="j_security_check">
<table>
<tr>
<td colspan="2">Login to the Tomcat-Demo application:</td>
</tr>
<tr>
<td>Name:</td>
<td><input type="text" name="j_username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="j_password"/ ></td>
</tr>
<tr>
<td colspan="2"><input type="submit" value="Go" /></td>
</tr>
</table>
</form>
--------------------------------------------------

Thanks,
Carl Waldbieser
ITS System Programmer
Lafayette College

----- Original Message -----
From: "Niva Agmon"
<>
To:

Sent: Sunday, January 25, 2015 12:45:25 PM
Subject: [grouper-users] ldap authentication

Hello,


I recently installed Grouper v2.2.1 for a proof of technology demo here at
Temple. Was able to setup sources.xml to grab users from our ldap
environment, but am still logging in to the UI as GrouperSystem and not
finding the way to allow authentication through our ldap.
How do I configure that - Do I need to update a web.xml with the
filter/mapping to connect to ldap? Which one (under what folder?)
Sorry for the newbie question!

Niva Agmon
Temple University



Archive powered by MHonArc 2.6.16.

Top of Page