Re: [thredds] LDAP authentication drives to a non existing page

To: Remy Decoupes <remy.decoupes@xxxxxxxxxxxxxxx>
Subject: Re: [thredds] LDAP authentication drives to a non existing page
From: Sean Arms <sarms@xxxxxxxx>
Date: Tue, 30 Aug 2016 15:05:39 -0600

Greetings Remy,

Did you ever get a response to your question about LDAP? It's possible that
things changed between the version of tomcat that was used in the original
message and the version of tomcat you are using now. Have you followed
along with the LDAP / tomcat instructions for your specific version of
tomcat as found in the tomcat docs?

Cheers,

Sean


On Mon, Aug 8, 2016 at 7:54 AM, Remy Decoupes <remy.decoupes@xxxxxxxxxxxxxxx
> wrote:

> Dear TDS users,
>
> I would like to authenticate my TDS users using a LDAP server but I
> encouter a problem :
> After a successful authentication, TDS drives me to an non existing page
> as I mentioned it on the title. However, if I keep my web-browser open, I
> can go back to an existing page and then I can access to my restricted data.
>
> To set up LDAP authentication for TDS, I mainly followed instructions from
> this link :
> http://www.unidata.ucar.edu/mailing_lists/archives/
> thredds/2014/msg00122.html
> But authentication drives me to an url like [my_TDS_IP]/thredds/
> restrictedAccess/[name_of_my_ldap_group]
>
> Here are my settings :
> tomcat's server.xml :
>       <Realm className="org.apache.catalina.realm.JNDIRealm"
>                 connectionURL="ldap://my_ldap";
>                 userBase="ou=people,dc=example,dc=com"
>                 userSearch="(uid={0})"
>                 userRoleName="memberOf"
>                 roleBase="ou=groups,dc=example,dc=com"
>                 roleName="cn"
>                 roleSearch="(member={0})"
>       />
>
> TDS's catalog.xml :
>   <datasetScan name="restricted access" ID="something"
> path="Restricted-Access" location="my-path-to-data" harvest="true"
> restrictAccess="my_ldap_group">
>
> Thank you very much for any help
>
> Best regards,
> Remy
>
> _______________________________________________
> NOTE: All exchanges posted to Unidata maintained email lists are
> recorded in the Unidata inquiry tracking system and made publicly
> available through the web.  Users who post to any of the lists we
> maintain are reminded to remove any personal information that they
> do not want to be made public.
>
>
> thredds mailing list
> thredds@xxxxxxxxxxxxxxxx
> For list information or to unsubscribe,  visit:
> http://www.unidata.ucar.edu/mailing_lists/
>

Follow-Ups:
- Re: [thredds] LDAP authentication drives to a non existing page
  - From: Rémy Decoupes

References:
- [thredds] LDAP authentication drives to a non existing page
  - From: Remy Decoupes

2016 messages navigation, sorted by:
1. Thread
2. Subject
3. Author
4. Date
5. ↑ Table Of Contents
Search the thredds archives: