1 Reply Latest reply on Feb 6, 2007 4:45 AM by David Roberts

    Portal With LDAP requires Users in 2 places, LDAP and Portal

    Eric Gandt Newbie

      When using LDAP with JBoss Portal to authenticate users, the user needs to exist in both the Portal DB (default authorization method) and also in the LDAP server. Why this is needed is my direct question, and how can this be bypassed?
      The next issue is related: even when the admin user exists in both the LDAP and Portal DB and has group rights of admin, Authenticated in the LDAP (where Authenticated is required to log in, and admin is the admin group in the Portal), I still cannot get to the admin console interface, however I can log in as admin?

      Basically, while I have modified the login-config.xml file to authenticate against LDAP and it works, other parts of the portal seem to still be using the original Portal DB. How can this be resolved?


      PS: I am writing up an internal document on how to get OpenLDAP and JBoss Portal to work together and will post it once I have solved this last issue.

        • 1. Re: Portal With LDAP requires Users in 2 places, LDAP and Por
          David Roberts Apprentice

          I am having a similar issue. Pity no one has replied to your post. Hopefully someone can help me.

          I have set up portal 2.4.1 to use LDAP authentication. However, it only authenticates with LDAP and allows access to portal. It doesn't pull in any user information. So I have to create a local user in portal. But now when I assign that local user security rights to certain pages, and then try to log in with the LDAP password, it authenticates against LDAP, but the logged-in user cannot see the pages I gave him rights to. However, if I log in with the same user, but don't use my LDAP password, but the local portal password I created the user with, I can then see the pages that I gave him security rights to.

          So basically it seems that if I use the local JBoss password for user "bob", it uses the security rights set up for "bob". But if I use the LDAP password for user "bob", it treats the login as a different user, and all security rights are missing and I can't see his pages.

          Any help please?