yammer / dropwizard-auth-ldap

Dropwizard Authentication Module for LDAP using JNDI.
Apache License 2.0

authenticateAndReturnPermittedGroups uses wrong user #9

Closed pandaadb closed 7 years ago

pandaadb commented 7 years ago

Hi,

I am not sure if this is my issue or if this is a bug. I can authenticate my user correctly by using:

user/password.

This is because in authenticate you create the username like:

final String userDN = String.format("%s=%s,%s", configuration.getUserNameAttribute(), sanitizedUsername, configuration.getUserFilter());

However, in authenticateAndReturnPermittedGroups this code does not apply, so it actually adds the username (not the entire usernameAttributes) at which point no groups are returned and therefore authentication fails.

Thanks,

Artur

chrisgray commented 7 years ago

Hi Artur,

I just merged in a PR that someone created a while back. Their intent was to allow for full userDN searching when using group types of groupOfNames instead of posixGroups. You can enable this by doing:

You can set groupClassName to groupOfNames and the groupMembershipAttribute to member to search for group membership using the full userDN.

This will be available in version 1.0.1 of the library.
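
The difference between the two lookups discussed in this thread, as an added example that is not part of the thread or of dropwizard-auth-ldap's own code: a posixGroup lists its members by bare username (memberUid), while a groupOfNames lists them by full DN (member), so the group search filter has to carry the matching value. The class and method names, the `uid` attribute and the `ou=people,dc=example,dc=com` base are constructed for illustration, and the username is assumed to be already sanitized for use in a DN.

```java
public class GroupFilterExample {

    // RFC 4515 escaping for a value placed inside an LDAP search filter.
    // Needed for the DN case too: a DN may contain '\', '(' or ')'.
    static String escapeFilterValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Value to look for in the group's membership attribute.
    // groupOfNames stores full DNs; posixGroup stores the bare username.
    static String membershipValue(String groupClassName, String userNameAttribute,
                                  String sanitizedUsername, String userFilter) {
        if ("groupOfNames".equals(groupClassName)) {
            // Same shape as the userDN built in the authenticate path.
            return String.format("%s=%s,%s", userNameAttribute, sanitizedUsername, userFilter);
        }
        return sanitizedUsername;
    }

    static String groupFilter(String groupClassName, String groupMembershipAttribute,
                              String memberValue) {
        return String.format("(&(%s=%s)(objectClass=%s))",
                groupMembershipAttribute, escapeFilterValue(memberValue), groupClassName);
    }

    public static void main(String[] args) {
        String attr = "uid";                          // constructed sample values
        String base = "ou=people,dc=example,dc=com";
        String user = "artur";

        // posixGroup: membership is matched on the username alone.
        System.out.println(groupFilter("posixGroup", "memberUid",
                membershipValue("posixGroup", attr, user, base)));
        // groupOfNames: membership is matched on the full user DN.
        System.out.println(groupFilter("groupOfNames", "member",
                membershipValue("groupOfNames", attr, user, base)));
    }
}
```

Searching a groupOfNames directory with the bare username, or a posixGroup directory with the full DN, matches no group entries, which is the "no groups are returned" symptom reported above.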

chrisgray commented 7 years ago

I had a small typo in the 1.0.1 release, please use 1.0.2. Let me know if this fixes your issue!

pandaadb commented 7 years ago

Hi Chris,

Thanks for acting so quickly. I tried out the change just now and it looks good. I am getting my groups now, thanks!

Sadly, I am only on V 1.0.0 of DW, so I currently can't use the fix. I am using dw-guicey in addition to DW, and guicey has not yet upgraded to 1.0.2. Once that is done (the guy is really quick as well :)) I'll be sure to include this.

Thanks,

Artur

chrisgray commented 7 years ago

That's great news, Artur! Even though you are still on dropwizard 1.0.2, you should still be able to use this fix, as it only leverages at most what is available in dropwizard 1.0.0. There is nothing that is only available in 1.0.2 that it depends on.

I'll close out this issue now.