archiva-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brent Atkinson <batkin...@apache.org>
Subject Re: redback/ldap
Date Sat, 02 Apr 2011 09:24:57 GMT
Kurt,

>From your description, I'm not sure I completely understand your LDAP
configuration. What I can say is that I have run Continuum and Archiva in a
number of LDAP configurations on different LDAP implementations such as
Active Directory, OpenLDAP, Novel eDirectory, Apache DS.

As I understand it, you need to have the ability to do two major things:

* Search for users
* Bind as a user (for non-guest and admin users)

There are two ways this is typically done:

* Search is privileged and only allowed to a privileged account
* Search is open, but ACLs protect any privileged information

In the first case, you need an administrative account to satisfy the search
for users functionality. In the second case, you don't need an
administrative LDAP user. If you can describe a little more about how your
configuration differs from one of these, I am happy to help you get it
setup. If it doesn't currently work, I'm willing to help make the changes
necessary to make it work, provided it is relatively conventional and
doesn't invalidate the more conventional setups.

Brent

On Sat, Apr 2, 2011 at 1:47 AM, Kurt Yoder <kyoder@gmail.com> wrote:

> Hello All,
>
> I'm trying to get authentication for my existing LDAP users to work in
> Archiva. However my setup does not use an administrative user and bind
> password; instead my defined LDAP users have a SHA1-hashed password that
> should be used for authentication. The redback documentation seems to hint
> it *might* be possible, but frankly I don't understand it, and it seems out
> of date. Is my kind of LDAP setup supported?
>
> Incidentally, the redback site I looked up for configuration help (
> http://redback.codehaus.org/integration/ldap.html) was last updated over
> two years ago, and the mailing lists seem similarly dead. Did the project
> get renamed and move elsewhere? Or worse, did it die out completely?
>
> Thanks in advance,
>
> -Kurt

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message