Details
-
Bug
-
Resolution: Invalid
-
Major
-
None
-
9.4.4
-
None
-
Unknown
-
Description
Hello!
I am using XWiki 11.10.5 (in Docker), LDAP Authenticator 9.4.4, FreeIPA 4.6.6
I ran into a problem - it often happens that a user who has an account in FreeIPA enters XWiki for the first time, login is successful, but he doesn't have rights to view any pages. He doesn't belong to any of the groups and if you add him manually - the next time he log in, he will be removed from all groups again. The only thing that helps in this situation is restarting XWiki. After that, everything works for a while, then breaks down again for new users.
Here is my LDAP configuration:
xwiki.authentication.authclass=org.xwiki.contrib.ldap.XWikiLDAPAuthServiceImpl
xwiki.authentication.ldap=1
xwiki.authentication.ldap.trylocal=1
xwiki.authentication.ldap.server=ipa.domain.com
xwiki.authentication.ldap.port=636
xwiki.authentication.ldap.bind_DN=uid=login,cn=users,cn=accounts,dc=domain,dc=com
xwiki.authentication.ldap.bind_pass=password
xwiki.authentication.ldap.base_DN=cn=users,cn=accounts,dc=domain,dc=com
xwiki.authentication.ldap.user_search_fmt=({0}={1})
xwiki.authentication.ldap.UID_attr=uid
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
xwiki.authentication.ldap.update_user=1
xwiki.authentication.ldap.group_mapping=XWiki.XWikiAdminGroup=cn=xwiki-admins,cn=groups,cn=accounts,dc=domain,dc=com|\
XWiki.XWikiAllGroup=cn=groups,cn=accounts,dc=domain,dc=com
xwiki.authentication.ldap.ssl=1
xwiki.authentication.ldap.ssl.secure_provider=com.sun.net.ssl.internal.ssl.Provider