Code setting searchSubtree for ldapAuthoritiesPopulator is missing, so it is not possible to get groups for LDAP user.
The file is AcegiGrailsPlugin.groovy.
—
if (conf.ldapRetrieveGroupRoles) {
ldapAuthoritiesPopulator(DefaultLdapAuthoritiesPopulator, ref('contextSource'), conf.ldapGroupSearchBase) {
groupRoleAttribute = conf.ldapGroupRoleAttribute
groupSearchFilter = conf.ldapGroupSearchFilter
+ searchSubtree = conf.ldapSearchSubtree
}
ldapAuthProvider(LdapAuthenticationProvider, ref('ldapAuthenticator'), ref('ldapAuthoritiesPopulator')) {
userDetailsContextMapper = ref('ldapUserDetailsMapper')
}
}
—
Bug
Resolved
Major
[grails-acegi] Missing 'searchSubtree = conf.ldapSearchSubtree' inside ldapAuthoritiesPopulator
GRAILSPLUGINS-372in Grails-Plugins -> Grails Acegi