This page provide you with steps in order to validate the Authorization
Release | Yes/No |
|---|---|
| 8.3.x |  |
| 8.2.x | |
| 8.1.x | |
| 8.0.x | |
RDBMS | Yes/No |
|---|---|
| Oracle Server | N/A |
| Microsoft SQL Server | N/A |
| CSS3 | N/A |
| CSS2 | N/A |
Get the DN of the user by referring to Health Dashboard - Information - LDAP connection - How to get the Distinguished name (Till 8.2 this is the way of authorizing, but CN (common Name) will be used in 8.3.x.)
Compare the security.ldap.groupsearch.base retrieved from the file security.properties with the Distinguished name of the group that was selected in step 1:
Search for the string "security.ldap.groupsearch.base" under security.properties > Observe the value attached to the string parameter "security.ldap.groupsearch.base"
Observe the Distinguished name of the user selected in step 1
Figure 1If the string value attached to the string value "security.ldap.groupsearch.base" is a right sub string of the Distinguished name then go to the next step, else its normal that the group retrieval failed.
- Search for the string "security.ldap.groupsearch.filter" under security.properties > Observe the value attached to the string parameter "security.ldap.groupsearch.filter"
- Observe the DN name of the user selected in step 1
- If the string value attached to the string value "security.ldap.groupsearch.filter" is a right sub string for member, then go to the next step, else its normal that the group retrieval failed.
- Information on the CAST objects each group are authorized to access is controlled by the ldap_roles.xml and user.properties files in 8.2.x and in roles.xml in 8.3.x
