APOLLO & ECW/JP2 Discussions

Wondering how others have configured their ERDAS APOLLO server or what data they are crawling? The ERDAS APOLLO Discussion board is a place to find information, share ideas and more. Join the community, connect, contribute and share.
Showing results for 
Search instead for 
Do you mean 
Reply
Highlighted
Contributor
Posts: 82
Registered: ‎11-02-2015
Accepted Solution

APOLLO 2018 LDAP configuration

[ Edited ]

Hi there,

 

I am trying to enable the LDAP login module of APOLLO 2018. Up to now it is not working. The bad thing: I do not get any entries in the tomcat.log.

 

So this is my first question: how to enable logging? The debug-level of the LdapLoginModule is set to 9 already.

 

I trie to use the configurationwizard to setup the LDAP connection as well as manual steps. But still I do not have success.

 

Here are the manual steps:

  1. Add comment (#) for the line tomcat.security.util.class=com.erdas.apollo.jaas.security.DBJaasUserCredentialsReader in <APOLLO HOME>\webapps\erdas-apollo\WEB-INF\lib\config-core.jar\staticconfig.properties
  2. ensure that loginContextName in file <APOLLO HOME>\webapps\erdas-apollo\WEB-INF\config\spring-jaas-auth.conf is pointing to the correct login module. Which is apollo in my case
  3. Then I modified the <APOLLO HOME>\webapps\erdas-apollo\WEB-INF\spring-jaas-auth.conf and I think I have tried all more or less valid combinations:

    apollo {
      org.ldaptive.jaas.LdapLoginModule required
        storePass="true"
        ldapUrl="ldap://dc1.geosystems.local:389"
        baseDn="OU=User,OU=ORG,DC=geosystems,DC=local"
        useStartTLS="false"
        bindDn="CN=Apollo nutzer,OU=User,OU=ORG,DC=geosystems,DC=local"
        bindCredential="mypassword"
        userFilter="(sAMAccountName={0})"
        debug="9";
      org.ldaptive.jaas.LdapRoleAuthorizationModule required
        useFirstPass="true"
        ldapUrl="ldap://dc3.geosystems.local:389"
        bindDn="CN=Apollo nutzer,OU=User,OU=ORG,DC=geosystems,DC=local"
        bindCredential="mypassword"
        baseDn="OU=User,OU=ORG,DC=geosystems,DC=local"
        roleFilter="(sAMAccountName={0})"
        roleAttribute="memberOf";
    };

I have tried userFilter="(sAMAccountName={user})" as well as specify the baseDn="OU=Groups,OU=ORG,DC=geosystems,DC=local",     roleFilter="(member={dn})" and roleAttribute="sAMAccountName"; But no scuccess. I am able to bind to the LDAP using the defined user.

 

Because of the missing log entries I do not get any clue what's going wrong and thus I have no idea what to try next.

 

Any help is more than welcome.

Fritz

Geography is what geographers do...
Highlighted
Contributor
Posts: 82
Registered: ‎11-02-2015

Re: APOLLO 2018 LDAP configuration

Sorry for double posting. But this thread has been blocked as spam and has been unlocked by the admin afer I have posted the solution which can be found here:

https://community.hexagongeospatial.com/t5/Support-ERDAS-APOLLO/Some-help-and-hits-for-APOLLO-2018-L...

 

Cheers

Fritz

 

Geography is what geographers do...