Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] Grouper WS ldap authentication

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] Grouper WS ldap authentication

Chronological Thread 
  • From: "Hyzer, Chris" <>
  • To: Stephen A Sazama <>, Nathan Baihly <>
  • Cc: "" <>
  • Subject: RE: [grouper-users] Grouper WS ldap authentication
  • Date: Fri, 28 Apr 2017 17:45:58 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=none (message not signed) header.d=none;; dmarc=none action=none;
  • Ironport-phdr: 9a23:DBtx6x/xW3Qje/9uRHKM819IXTAuvvDOBiVQ1KB22uIcTK2v8tzYMVDF4r011RmSDNudt6IP0rOJ+4nbGkU4qa6bt34DdJEeHzQksu4x2zIaPcieFEfgJ+TrZSFpVO5LVVti4m3peRMNQJW2aFLduGC94iAPERvjKwV1Ov71GonPhMiryuy+4ZPebgFJiTanbr5/Lxq6oRjMusQUnIBvNrs/xhzVr3VSZu9Y33loJVWdnxb94se/4ptu+DlOtvwi6sBNT7z0c7w3QrJEAjsmNXs15NDwuhnYUQSP/HocXX4InRdOHgPI8Qv1Xpb1siv9q+p9xCyXNtD4QLwoRTiv6bpgRQT2gykbKTE27GDXitRxjK1FphKhuwd/yJPQbI2MKfZyYr/RcdYcSGFcXMheSjZBD5u8YYUREuQBIehWoYrzp1QMrBuxGQajCfj1xTNUmnP7x7E23/gjHAzAwQcuH8gOsHPRrNjtOqscU+C0zajWwjXZd/9dxCnw6IjSchAguvGAU697fM3UyUYzFwPEjlSRppL/Pz6O1+QNqHSU4/B9VeK3lWEnrQdxriKxycgxl4nEn4QYwU3K+yV+xYY6P9y4SEhjbN6lFptQqz+VN5FwQsw8X2Fkpjw2xaMbtp6mZCQKx44nxxnCa/yfbYeI+AjvVeiKITtggHJlf72/hxms/ki60OHzSNS70EtMoyFYkdfMrmgA2wLO5sWGUPdw8Fmt1SyS2w3Q9u1IO0A5mKTDJ5I8zLM8ioAfvEDeEiPshkn6kaubel859uWq6unqZKjtqIWGOI9ukA7+N7wjmsyhDuQ8NQgDR3CV9Pi72rH/80D1WahHgf8onqXAt5DVPtoUqrS+Aw9IzoYs8BG/Dyqg0NsFh3UHNEhFeBWbj4f3J17OPPH4DfC5g1i2lzdr2uzGPrnmApXKLXjPiqvufbF460JEyQozy85Q545MB70fPf7+W1X9udLGAhMjLgC5wPrrBM99244QQW6PB7WWMKLWsV+G/OIvJOyMaZcQuDnhK/gk5//vgmEjmVIGfKmpxocYZGqlHvR+PUqZZ3zsjs0fHmgXowoyVPbqh0GaUT5Pe3ayWLox5j4hCIKhEIfDXp6igKaY0CemBZ1ZeHpGCkuXHHfsdoWEQOsMaDmMLsN7kzwEU6ShRJE71RGoqgD616RrIvDK9SIFqJKwnORystbPmAky+Do8Joym2nOESmg8yngTTi0/2alXvElxjFqPzP48y9pRCdxa4btjWwY6MY+Um+pxAdnzWgbQVtiMQVeiBN6hBGdiYMg2xopEQ1dvFs/mxjvDxSuxSfdBkreLFY456IrdxHO3Ot5wzXCA2aU82Qp1CvBTPHGr0/YsvzPYAJTExgDAz/6n
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99



Sorry you are having issues here.  Lets get this working.


Yes, it needs to be in  You will need the there too.


All LDAP connection configs are in one place which is in that file.


Please set the log4j setting mentioned on the wiki and look in the logs and see whats going on. = DEBUG


Also make sure any web.xml security settings toward bottom are removed.


Also make sure you aren’t expecting to be prompted for authn, and that you pre-emptively send that header in the WS call.








From: Stephen A Sazama [mailto:]
Sent: Thursday, April 27, 2017 12:12 PM
To: Nathan Baihly <>
Cc: Hyzer, Chris <>;
Subject: Re: [grouper-users] Grouper WS ldap authentication


Hi Chris,


We do have basic auth working in our deployed grouper environments (the local issue might be something with the Maven tomcat plugin). We mainly thought it was strange that the grouper-ws LDAP authn documentation suggested editing since grouper-ws isn't interacting with the loader in any way. Does grouper-ws read to get the LDAP host url?


When we tried making the change to LDAP with our basic HTTP authn in our development environment, it just said invalid login and didn't give any of the expected debug log messages. We may need to tweak our log4j setup some more to pick it up.





On Wed, Apr 26, 2017 at 11:23 AM, Nathan Baihly <> wrote:

I didn't try getting that to work because I was focused on getting LDAP basic working. I tried to get it working by going off of the Grouper WS Authentication page. I tried putting the tomcat-users.xml file in my tomcat conf dir, and it doesn't seem like I can log in as any of the users listed or ones I created. 

For the LDAP basic authentication I followed the Grouper WS Authentication page and made the changes to, I created a file based off of what was in that page, adding in the information for our ldap. 


my run config for grouper-ws is: clean tomcat7:run-war -Dgrouper.home=C:/Users/nbaihly/umd-grouper -Dedu.umd.tomcat.confdir=C:/Users/nbaihly/umd-grouper/conf 


On Wed, Apr 12, 2017 at 10:18 AM, Hyzer, Chris <> wrote:

Can you get basic auth without ldap working (user/pass).


Can you list your steps that you did in detail and let us know what exactly isn’t work or what error messages you get.





From: [mailto:] On Behalf Of Nathan Baihly
Sent: Monday, April 10, 2017 1:16 PM
Subject: [grouper-users] Grouper WS ldap authentication




I'm running Grouper 2.2.2 and I am trying to setup HTTP basic authentication with ldap following the instructions here:


I haven't had any success, and it doesn't seem like Grouper WS is using the file that is mentioned there. I was wondering if the documentation on this page is accurate for Grouper 2.2 or not. Also are there specific run parameters that I might be missing? I am trying this for my run config: clean tomcat7:run-war -Dgrouper.home=C:/Users/nbaihly/umd-grouper -Dedu.umd.tomcat.confdir=C:/Users/nbaihly/umd-grouper/conf 




Nathan Baihly
(240) 818-5250


Archive powered by MHonArc 2.6.19.

Top of Page