search

Esri / geoportal-server-catalog

Esri Geoportal Server is a next generation open-source metadata catalog and editor, based on elasticsearch.
https://www.esri.com/en-us/arcgis/products/geoportal-server/overview
Apache License 2.0
96 stars 61 forks source link

Active Directory Security configuration #7

Closed mgg-eagle closed 5 years ago

mgg-eagle commented 8 years ago

Hi,

Can you please advise if it possible to configure this version of Geoportal with Windows Active Directory, and if so what are the required changes to make. If this could be added to the wiki that would be helpful.

Thanks,

Marc

MapZombie commented 8 years ago

This would be very helpful. As the previous version of Geoportal had a very useful wiki https://github.com/Esri/geoportal-server/wiki/Connecting-to-a-User-Directory#ldapAdapter_section_configuration_for_Windows_Active_Directory could something like this be added or atleast a document that details steps on upgrading from the 1.2.x line. Thanks.

vladymir30 commented 7 years ago

Hi,

I was starting a metadata project with this new version of Geoportal 2.0.1 and I have some question about the way to connect with my LDAP:

  1. I just install ElasticSearch 2.4, tomcat and geoportal.war (I assumed this new version doesn't need all things configured in v1.2.7 as SQL Server, JDBC, lucene, and gpt.xml because those features are not included in the installer.) so can I say this is a Band New way to deploy and configure Geoportal right?
  2. I found some problems connecting with my LDAP, MapZombie share the link to the LDAP Configuration in version 1.2.7 but is focused in explain concepts and configure the gpt.xml (that is not present in v2.01).

So i just used the 2.0.1 installation guide, In conf/app-security Just activate then in authentication-ldap.xml I Just update the the parameters to use my users in my LDAP and restarted tomcat, when I try to log with the admin user this is the response "Error" ---->

2016-11-12 06:09:49,189 INFO [org.springframework.security.oauth2.provider.endpo int.TokenEndpoint] - Handling error: InvalidGrantException, Bad credentials

This is my configuration>

image

/* In my Active directory */

image

SecurityPrincipal: gpt CatalogAdminDN: gptadmin GeoportalRoles: GPT_ADMINISTRATORS(members: gptadmin)

/The error/

image

2016-11-12 06:09:49,189 INFO [org.springframework.security.oauth2.provider.endpo int.TokenEndpoint] - Handling error: InvalidGrantException, Bad credentials

Any idea??? I think theres something more i need to configure... :(

Best regards,

Vladymir

zguo commented 7 years ago

Yes it should work with Active directory, we just created a wiki (https://github.com/Esri/geoportal-server-catalog/wiki/Security-configuration-LDAP) for configuring geoportal to use LDAP, add some example for Active directory. In the above screenshot, looks like the user-search-filter and group-search-filter need to be updated.

DamienB-ESRI commented 3 years ago

@Vladymir - were you able to configure active directory with Geoportal 2.6.x in the end, I have encountered the exact same issue as you, strugging with configuration and the recommendation in the documentations as suggest above.