Hitachi Vantara Pentaho Community Wiki
Child pages
  • LDAP Troubleshooting

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin

...

Note: The search base for FilterBasedLdapUserSearch is specified via its constructor argument index 0. The search base for DefaultLdapAuthoritiesPopulator is specified via its constructor argument index 1.

Code Block
xml
xml
titleapplicationContext-spring-security-ldap.xmlxml
<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <!-- omitted -->
  <property name="searchSubtree" value="false" />
</bean>

<bean id="populator" class="org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator">
  <!-- omitted -->
  <property name="searchSubtree" value="false" />
</bean>

...

You must be very careful when formatting the applicationContext-*.xml files. In particular, whitespace is not always stripped from string properties before they are used. While well-formed, the following FilterBasedLdapUserSearch example contains whitespace the will negatively impact its functioning.

Code Block
xml
xml
titleWhitespace in value (Incorrect)xml
<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <!-- omitted -->
  <constructor-arg index="1">
    <value>
      <![CDATA[(&(objectClass=organizationalPerson)(sAMAccountName={0}))]]>
    </value>
  </constructor-arg>
  <!-- omitted -->
</bean>
Code Block
xml
xml
titleNo whitespace in value (Correct)xml
<bean id="userSearch" class="org.springframework.security.ldap.search.FilterBasedLdapUserSearch">
  <!-- omitted -->
  <constructor-arg index="1"><value><![CDATA[(&(objectClass=organizationalPerson)(sAMAccountName={0}))]]></value></constructor-arg>
  <!-- omitted -->
</bean>

...