Details
-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
9.2.5, 9.3.7
-
None
-
docker PostGreSQL OpenLDAP
-
Unknown
-
Description
After having updated the extension "LDAP Authenticator" from version 9.2.5 to 9.3.7 authentication failed for some of the users.
It's probably related to cache management.
Following a sample of xwiki.cfg that concern authentication and LDAP :
xwiki.authentication.validationKey=<Key 1...> xwiki.authentication.encryptionKey=<Key 2...> xwiki.authentication.cookiedomains= xwiki.authentication.logoutpage=(/|/[^/]+/|/wiki/[^/]+/)logout/* xwiki.authentication.unauthorized_code=200 xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl xwiki.authentication.ldap=0 xwiki.authentication.ldap.server=<Our server OPEN LDAP> xwiki.authentication.ldap.port=389 xwiki.authentication.ldap.bind_DN=cn=Manager,dc=tyforge,dc=fr xwiki.authentication.ldap.bind_pass=<Password of LDAP> xwiki.authentication.ldap.base_DN=ou=users,dc=tyforge,dc=fr xwiki.authentication.ldap.UID_attr=uid xwiki.authentication.ldap.user_group=ou=users,dc=tyforge,dc=fr xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=admin,ou=users,dc=tyforge,dc=fr|\ XWiki.LDAPUsers=ou=users,dc=tyforge,dc=fr xwiki.authentication.ldap.group_sync_resolve_subgroups=0 xwiki.authentication.ldap.groupcache_expiration=900 xwiki.authentication.ldap.maxresults=3000 xwiki.authentication.ldap.searchPageSize=3000
We get back on the version 9.2.5 of the extension for solving the problem.
The problem is not always reproductable as group_cache_expiration setting avoid the issue.