Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.
- Timestamp:
-
01/07/14 10:26:55 (10 years ago)
- Author:
-
atarkowska
- Comment:
-
Legend:
- Unmodified
- Added
- Removed
- Modified
-
initial
|
v1
|
|
1 | 1 | While setting up LDAP authentication limiting users to members of only one group it turned out that group filter is not taken to the account at all. |
2 | 2 | |
| 3 | |
| 4 | {{{ |
3 | 5 | omero.ldap.urls=ldap://ldap.lifesci.dundee.ac.uk:389 |
4 | 6 | omero.ldap.base=ou=lifesci,o=dundee |
… |
… |
|
6 | 8 | omero.ldap.new_user_group=MY GROUP |
7 | 9 | omero.ldap.user_filter=(objectClass=inetorgperson) |
| 10 | }}} |
8 | 11 | |
9 | 12 | Setting group filter to the following still let everyone log in: |
| 13 | |
| 14 | |
| 15 | {{{ |
10 | 16 | omero.ldap.group_filter=(objectClass=groupOfNames) |
11 | 17 | |
12 | 18 | omero.ldap.group_filter=(&(objectClass=groupOfUniqueNames)(cn=omero-cls-gallery,ou=groups,ou=lifesci,o=dundee)) |
| 19 | }}} |
13 | 20 | |
14 | 21 | LSC ldap has no group mapping in user entry thats why we are unable to filter that directly. But as tested 2 years ago [https://trac.openmicroscopy.org.uk/ome/ticket/6248#comment:11] ticket 6248] I am sure it was possible and working well. |
1.3.13-PRO © 2008-2011
Agilo Software all
rights reserved
(this page was served in: 0.12806 sec.)