LDAP auth problem

[dhireng]

I have installed opengrok OpenGrok v1.1.0 rev 0d4f4d3 on tomcat apache-tomcat-9.0.12 with java "1.8.0_172"
I use <auth-method>FROM</auth-method> and added the required lines from the documentation to support authentication via LDAP (https://github.com/oracle/opengrok/wiki/Authorization#application-deployment-descriptor)
however, I noticed that js files throw an error in the browser when this is done. To come around this, I added more lines in the web.xml as follows

   <security-constraint>
         <web-resource-collection>
         <web-resource-name>Exclude</web-resource-name>
         <url-pattern>/public/*</url-pattern>
         <url-pattern>/api/*</url-pattern>
<url-pattern>/js/*</url-pattern>
<url-pattern>/default/*</url-pattern>
         </web-resource-collection>
  </security-constraint>

note:- public is the folder where my login form resides
The page now opens okay but now the first attempt to search after the first login on a fresh browser window sends it back to the login page. Subsequent requests work fine.
localhost_access_log file from tomcat shows that after the first login, the js files requests don't hold the user id.
Everything works okay of <auth-method>BASIC</auth-method> is used?
How do i fix this?

[vladak]

Could you describe your setup in detail ? How exactly does the login form work ?

[dhireng]

within the webapp, I created a folder called public and within which login2.html with contents

<html>
<head>
    <title>Login Page</title>
</head>

<h2>Hello, please log in:</h2>
<br><br>
<form action="j_security_check" method=post>
    <p><strong>Please Enter Your User Name: </strong>
    <input type="text" name="j_username" size="25">
    <p><p><strong>Please Enter Your Password: </strong>
    <input type="password" size="15" name="j_password">
    <p><p>
    <input type="submit" value="Submit">
    <input type="reset" value="Reset">
</form>
</html>

web.xml has the following lines

 <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
                <form-login-page>/public/login2.html</form-login-page>
                <form-error-page>/public/Error_Login_Failed_Final.html</form-error-page>
        </form-login-config>
  </login-config>

let me know if you need any further information

[vladak]

I use <auth-method>FROM</auth-method> and added the required lines from the documentation to support authentication via LDAP (https://github.com/oracle/opengrok/wiki/Authorization#application-deployment-descriptor)

OpenGrok itself does not support authentication. It relies on external mechanism to authenticate the users. It then performs authorization based on the information about the authenticated users in the request.

[vladak]

closing due to inactivity.