Products | Versions |
---|---|
Spotfire Server | 7.0.1 HF-004 and lower |
LDAP users are able to temporarily login until the next LDAP synchronization task is completed, even though the "Filter users by groups" option is enabled and they are not members of any synchronized LDAP groups.
From the server log, you will see the following output:
DEBUG 2016-02-02T07:45:40,757-0500 [unknown, #128] jaas.ldap.LDAPLoginModule: Authenticating user 'new_spotfire_user' in LDAPLoginModule ... DEBUG 2016-02-02T07:45:41,180-0500 [unknown, #128] jaas.ldap.LDAPLoginModule: Using searchFilter '(&(sAMAccountName=new_spotfire_user)(objectClass=user))' DEBUG 2016-02-02T07:45:41,255-0500 [unknown, #128] jaas.ldap.LDAPLoginModule: Found LDAP user 'CN=new_spotfire_user,OU=Standard,OU=Users,OU=Enterprise,DC=logon,DC=ds,DC=company,DC=com', using DN as principal id DEBUG 2016-02-02T07:45:41,342-0500 [unknown, #128] jaas.ldap.LDAPLoginModule: Could not find any user 'new_spotfire_user' in LDAP context 'OU=Groups,OU=Enterprise,DC=logon,DC=ds,DC=company,DC=com' DEBUG 2016-02-02T07:45:41,342-0500 [unknown, #128] server.ldap.LdapContextFactory: Closing LdapContext for ldaps://company.com:389 DEBUG 2016-02-02T07:45:41,343-0500 [unknown, #128] jaas.ldap.LDAPLoginModule: Authenticating user with principal id 'CN=new_spotfire_user,OU=Standard,OU=Users,OU=Enterprise,DC=logon,DC=ds,DC=company,DC=com' DEBUG 2016-02-02T07:45:41,343-0500 [unknown, #128] server.ldap.LdapContextFactory: Creating an LDAP connection for principal 'CN=new_spotfire_user,OU=Standard,OU=Users,OU=Enterprise,DC=logon,DC=ds,DC=company,DC=com' to LDAP server(s) ldaps://company.com:389 DEBUG 2016-02-02T07:45:41,760-0500 [unknown, #128] server.ldap.LdapContextFactory: Successfully created an LDAP connection for principal 'CN=new_spotfire_user,OU=Standard,OU=Users,OU=Enterprise,DC=logon,DC=ds,DC=company,DC=com' to LDAP server ldaps://company.com:389 DEBUG 2016-02-02T07:45:41,761-0500 [unknown, #128] server.ldap.LdapContextFactory: Closing LdapContext for ldaps://company.com:389 DEBUG 2016-02-02T07:45:41,762-0500 [unknown, #128] jaas.ldap.LDAPLoginModule: Successfully authenticated user 'new_spotfire_user' with DN 'CN=new_spotfire_user,OU=Standard,OU=Users,OU=Enterprise,DC=logon,DC=ds,DC=company,DC=com' DEBUG 2016-02-02T07:45:41,762-0500 [unknown, #128] server.security.JaasAuthenticator: Successfully authenticated user 'new_spotfire_user' in domain 'company.com' DEBUG 2016-02-02T07:45:41,762-0500 [unknown, #128] server.security.PostAuthenticationFilterImpl: Post-authentication filtering security context for principal 'new_spotfire_user@company.com' DEBUG 2016-02-02T07:45:41,762-0500 [unknown, #128] server.security.PostAuthenticationFilterImpl: Post-authentication filtering in block mode DEBUG 2016-02-02T07:45:41,762-0500 [unknown, #128] server.security.PostAuthenticationFilterImpl: Looking up the authenticated user principal 'new_spotfire_user@company.com' in the User Directory DEBUG 2016-02-02T07:45:41,764-0500 [unknown, #128] server.userdir.UserDirectoryImpl: Checking if the user principal new_spotfire_user@company.com has been recently added to the external provider ... DEBUG 2016-02-02T07:45:42,356-0500 [unknown, #128] server.userdir.UserDirectoryImpl: Importing user principal new_spotfire_user@company.com that was recently added to the external provider DEBUG 2016-02-02T07:45:42,401-0500 [new_spotfire_user@company.com, #128] server.security.SecurityFilter: The client is successfully authenticated DEBUG 2016-02-02T07:45:42,402-0500 [new_spotfire_user@company.com, #128] server.security.SecurityFilter: Passing on the request for URL /ws/LoginService to the next item in the filter chain