archiva-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin <marti...@apache.org>
Subject Re: Need help configuring Archiva LDAP configuration with anonymous snapshot deploy
Date Mon, 28 Aug 2017 19:42:01 GMT
Hi,

it would be helpful, if you could provide some logs. 
The removal of the roles from the guest user seems a bit strange. You are running a
single instance only, not in a clustered environment?

By the way, the CSRF prevention that has been introduced with version 2.2.3 can be deactivated,
if
you think the security risk is acceptable. Please look at the release notes.

Greetings

Martin

Am Dienstag, 22. August 2017, 11:50:48 CEST schrieb Stefaan Dutry:
> In our current setup we only use the LDAP configuration to
> authenticate and not for authorisation.
> 
> We would like to switch to using LDAP group membership to configure
> group membership.
> 
> Reasons:
>   -) Archiva is not able to find all LDAP users in the Users -> Manage section.
>   -) The dirty workaround we used to configure user - role management
> for those we couldn't find, no longer works with version 2.2.3
> (abusing the REST-API)
> 
> What we managed to do so far:
>   -) We managed to connect to LDAP successfully
>   -) We managed to set up the groups in LDAP and configure the
> LDAP/Roles Mappings
>   -) We switched to only LDAP User Manager and only LDAP RBac Manager
> (Users -> Users Runtime Configuration)
> 
> Problems we are having:
>   -) We are no longer able to upload an artifact to the snapshot
> repository. We need this because we are using jenkins to start builds
> and create snapshots automatically
>   -) We tried adding the roles to the Guest user, but they seem to be
> automatically removed after a certain amount of time (15 min or so)
>   -) Archiva tends to log me out randomly, even when i'm active.
> 
> Version: 2.2.3
> 
> Can someone help me find what settings are incorrect.
> 
> 



Mime
View raw message