BasicAuthentication and LDAP Authentication

45 views
Skip to first unread message

Zuzu Xiao

unread,
Jun 22, 2016, 11:27:55 PM6/22/16
to scmmanager
Hi,

I am using scm-auth-ldap-plugin (v.1.22) and scm (v.1.46)

I have also configured LDAP Authentication (Config > General > LDAP Authentication). The "Test Connection" for both connection and authentication went successful. 

However, even after checking on the "Enabled" for LDAP Authentication, I still find the SCM Manager is going through Basic Authentication through the scm-manager.log.

Is there something additional that I need to configure to ensure that SCM Manager goes through the LDAP authentication which I have set up?

Thanks!

Daniel Huchthausen

unread,
Jun 24, 2016, 2:32:05 AM6/24/16
to scmmanager
Hi Zuzu,

SCM-Manager always goes through basic authentication, that means that a username and password are required (https://en.wikipedia.org/wiki/Basic_access_authentication).
First SCM-Manager checks there is a xml (local) user with the corresponding username. If there is none it goes through the other possible sources, e.g. the LDAP that you configured.
So you will always see an entry in your log that says something like: 

start authentication chain for user JohnDoe 
check authenticator class sonia.scm.web.security.DefaultAuthenticationHandler for user JohnDoe --> This is basic authentication
JohnDoe is not a xml user
...
check authenticator class sonia.scm.auth.ldap.LDAPAuthenticationHandler for user JohnDoe --> LDAP authentication starts here

Do you have local (xml) users in SCM-Manager that have the same username in LDAP, but a different password? In that case SCM-Manager would recognize the (local) xml user with a false password. That would result in a failed authentication and the authentication chain would stop.

Cheers,
Daniel

-------------------------------------------------------------
SCM-Manager supported by Cloudogu 


Stay tuned to the latest news by using the following links 
google+ : http://www.scm-manager.com/+ 
facebook: http://www.facebook.com/scmmanager 

Zuzu Xiao

unread,
Jun 27, 2016, 5:32:04 AM6/27/16
to scmmanager
Hi Daniel,

Thanks for the tip! I have removed the user from the local user of SCM-Manager. It is working now. 

I did need to tidy up and use the Custom Profile of the LDAP plugin which having the codes of the plugin on hand proves to be very useful in troubleshooting and understanding what the plugin was looking for.

Thanks a million. :)

Cheers.
Reply all
Reply to author
Forward
0 new messages