Jump to content
JasperReports Library 7.0 is now available ×

Can't get LDAP working no matter what (6.3.0 community edition)


Recommended Posts


I've been trying for 2 days to get LDAP authentication working but I am getting nowhere. I've edited the sample file provided and put it into place, but I just can't get a single successful login.

I've enabled debugging level logging on "org.springframework.security"  and this is the only reference to ldap in my jasperserver.log


2016-11-17 15:12:48,840 DEBUG ProviderManager,http-bio-8443-exec-5:152 - Authentication attempt using com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider
2016-11-17 15:12:48,841 DEBUG FilterBasedLdapUserSearch,http-bio-8443-exec-5:107 - Searching for user 'stewie', with user search [ searchFilter: '(sAMAccountName={0})', searchBase: 'cn=jasperusers,OU=Security Groups,OU=MyBusiness', scope: subtree, searchTimeLimit: 0, derefLinkFlag: false ]
2016-11-17 15:12:48,937 DEBUG SpringSecurityLdapTemplate,http-bio-8443-exec-5:211 - Searching for entry under DN 'dc=CBMR,dc=local', base = 'cn=jasperusers,ou=Security Groups,ou=MyBusiness', filter = '(sAMAccountName={0})'
2016-11-17 15:12:48,950 DEBUG ProviderManager,http-bio-8443-exec-5:152 - Authentication attempt using com.jaspersoft.jasperserver.api.security.internalAuth.InternalDaoAuthenticationProvider
The user "stewie" exists and is a member of the "Jasperusers" group that definitely exists in the following LDAP context (copied and pasted below from adsi edit):
The group: CN=jasperusers,OU=Security Groups,OU=MyBusiness,DC=CBMR,DC=local

The user: CN=Stewie,CN=Users,DC=CBMR,DC=local


This is my relevant config:


 <bean id="ldapAuthenticationProvider" class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSLdapAuthenticationProvider">
            <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSBindAuthenticator">
                <constructor-arg><ref local="ldapContextSource"/></constructor-arg>
                <property name="userSearch" ref="userSearch"/>
            <bean class="com.jaspersoft.jasperserver.api.security.externalAuth.wrappers.spring.ldap.JSDefaultLdapAuthoritiesPopulator">
                <constructor-arg index="0"><ref local="ldapContextSource"/></constructor-arg>
                <constructor-arg index="1"><value></value></constructor-arg>
                <property name="groupRoleAttribute" value="title"/>
                <property name="groupSearchFilter" value="(&(member={0})(objectclass=group)(cn=jasper*))"/>
                <property name="searchSubtree" value="true"/>
                <!-- Can setup additional external default roles here  <property name="defaultRole" value="LDAP"/> -->
    <bean id="userSearch"
        <constructor-arg index="0">
            <value>cn=jasperusers,OU=Security Groups,OU=MyBusiness</value>
        <constructor-arg index="1">
        <constructor-arg index="2">
            <ref local="ldapContextSource" />
        <property name="searchSubtree">
    <bean id="ldapContextSource" class="com.jaspersoft.jasperserver.api.security.externalAuth.ldap.JSLdapContextSource">
        <constructor-arg value="ldap://luna.cbmr.local:389/DC=CBMR,DC=local"/>
        <!-- manager user name and password (may not be needed)  -->
        <property name="userDn" value="CN=Script Runner,OU=Domain Service Accounts,DC=CBMR,DC=local"/>
        <property name="password" value="mypassword"/>

I don't really know where to go from here. The Jasper docs are pretty thin in this regard and I've enabled debugging but am not getting any error messages, just the single instance of an auth attempt using LDAP. 

I've tested changing the LDAP binding details to an invalid username and was able to produce an ldap binding error in the logs so I know that part is working. I just don't know the exact syntax to get it to correctly look for members of the jasperusers group.

Any information greatly appreciated, we've wasted days on trying to get this to work :( Thanks



Link to comment
Share on other sites

  • Replies 1
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...