LDAP 1.3.0 vs LDAP 1.1.0
34 views
Skip to first unread message
Jose Villamizar
Jun 12, 2026, 4:33:18 PM (11 days ago) Jun 12
to xnat_discussion
Hello,
name=LDAP
provider.id=ldap1
auth.method=ldap
address=ldaps://ldaps.contoso.com:636
userdn=CN=my_acct,DC=contoso,DC=com
password=my_password
search.base=DC=contoso,DC=com
search.filter=(&(samaccountname={0})(memberof=CN=MY_OU,DC=contoso,DC=com))
visible=true
We are encountering a critical regression issue with user registration functionality after upgrading the authentication plugin from LDAP v1.1.0 to LDAP v1.3.0.
The core problem prevents new users from accessing the account creation workflow, resulting in a blank page display during the initial login attempt.
Observed Behavior:
The core problem prevents new users from accessing the account creation workflow, resulting in a blank page display during the initial login attempt.
Observed Behavior:
- The XNAT portal loads successfully.
- A new user attempts registration by inputting valid credentials (username/password) and submitting the login form.
- Instead of being redirected to the "New XNAT Account" selection screen and subsequent required fields, the XNAT GUI displays a persistent blank page.
Validation Steps:
Here is a sanitized version of our ldap properties file:
- Replication Test: When the LDAP plugin is reverted to v1.1.0, new user registrations proceed without issue.
- Scope: This failure is reproducible on all test accounts using the current environment configuration.
Here is a sanitized version of our ldap properties file:
name=LDAP
provider.id=ldap1
auth.method=ldap
address=ldaps://ldaps.contoso.com:636
userdn=CN=my_acct,DC=contoso,DC=com
password=my_password
search.base=DC=contoso,DC=com
search.filter=(&(samaccountname={0})(memberof=CN=MY_OU,DC=contoso,DC=com))
visible=true
Thank you for your prompt attention to this matter.
Timothy Olsen
Jun 12, 2026, 4:52:01 PM (11 days ago) Jun 12
to xnat_di...@googlegroups.com
Is there anything in your XNAT_HOME/logs folder at the time of the failed login?
Tim
Tim
Timothy R Olsen
Founder, President
--
You received this message because you are subscribed to the Google Groups "xnat_discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to xnat_discussi...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/xnat_discussion/5a9eba73-f887-4d40-8420-e79ef0df0bf0n%40googlegroups.com.
Jose Villamizar
Jun 12, 2026, 5:08:46 PM (11 days ago) Jun 12
to xnat_discussion
I've found messages like this one:
2026-06-11 14:32:11,062 [ajp-nio-127.0.0.1-8009-exec-9] WARN org.nrg.xnatx.plugins.auth.ldap.XnatLdapUserDetailsMapper - Didn't find user details by name and auth for auth method LDAP, auth method ID ldap1, AD username UID: null, form entry: user_name, email: user...@contoso.com, first name: user_name, last name: last_name.
Ryan Seaman
Jun 15, 2026, 10:45:06 AM (8 days ago) Jun 15
to xnat_discussion
Hi Jose,
Could it be related to the below issue? It's been a bit since I last messed around with the LDAP plugin config, but I do remember this biting me while setting up a lab environment.
-Ryan
Jose Villamizar
Jun 15, 2026, 11:37:17 AM (8 days ago) Jun 15
to xnat_discussion
Hello Ryan,
I will add this to our LDAP config and test. Thank you for providing this information.
Jose Villamizar
Jun 15, 2026, 1:51:32 PM (8 days ago) Jun 15
to xnat_discussion
Hello Ryan,
Confirmed!
Adding these attribute mappings to the LDAP config fixed the issue for us running ldap-auth-plugin-1.3.0.jar
# Attribute mapping
attributes.uid=sAMAccountName
attributes.email=userPrincipalName
attributes.firstname=givenName
attributes.lastname=sn
attributes.cn=cn
attributes.uid=sAMAccountName
attributes.email=userPrincipalName
attributes.firstname=givenName
attributes.lastname=sn
attributes.cn=cn
... rest of config.
Many thanks for your suggestion.
Cheers!
Reply all
Reply to author
Forward
0 new messages