Subject: Grouper Users - Open Discussion List
- From: Jeffrey Crawford <>
- To: "Hyzer, Chris" <>
- Cc: Scott Koranda <>, Gouper Users List <>
- Subject: Re: [grouper-users] Setting Web Services
- Date: Wed, 4 May 2016 10:03:22 -0700
Username cant contain a colon in basic auth:
From: [mailto:] On Behalf Of Jeffrey Crawford
Sent: Tuesday, May 03, 2016 7:44 PM
To: Scott Koranda <>
Cc: Gouper Users List <>
Subject: Re: [grouper-users] Setting Web Services
I did do that and I just got it working, basically it was a combination of needing to add -XX:MaxPermSize=150m to the tomcat java line to prevent out of memory errors. Understanding the relationship between Apache REMOTE_USER and grouper-ws.properties. (Hint there is none). and adding a new ldap source entry in sources.xml so that the system understands where the web service accounts are.
I was hoping to use a Grouper local entity be the account base for service accounts but I couldn't figure out how to make it match what was in REMOTE_USER. If I added an ldap account like ucsc:service-accts:svc1 the apache mod_authz_ldap sets REMOTE_USER to "ucsc" only, for some reason it's cutting off at the first ":". I'll have to figure out why another day.
Both pilots and IT professionals require training and currency before charging into clouds!
On Tue, May 3, 2016 at 3:42 PM, Scott Koranda <> wrote:
> I'm having a hard time trying to get external auth working for Grouper Web
> Services. I have Apache set up to perform Basic Auth against our LDAP server.
> The configuration seem to be working since I can see the authenticated user in
> the logs. However it looks like all the requests are getting a 500 error and I
> get the message "SEVERE: Web service did not even respond!" from the grouper
Did you review web.xml and in particular the
<security-constraint>, <login-config>, and <security-role>
You probably want to just remove them.
Note that in the web.xml deployed by default for WS there
is a <security-constraint> element that is already commented
out as part of an optional ESB listener servlet. Be careful if
you delete it because the closing element
</security-constraint> is on a line that contains the "close
comment" XML syntax "-->".
- [grouper-users] Setting Web Services, Jeffrey Crawford, 05/03/2016
- Re: [grouper-users] Setting Web Services, Scott Koranda, 05/03/2016
- RE: [grouper-users] Setting Web Services, Hyzer, Chris, 05/04/2016
Archive powered by MHonArc 2.6.16.