I built the WAR files and deployed them. I have no problems using admin/test to access idm/admin/modeler/task with no additional configuration.
I tried to connect to AD with LDAP, but that failed completely, so I tested LDAP with Apache Directory Server.
I can access idm without any problem. The idm shows that all users are members of all groups, which is curious. My admin user should have access to all apps, but when I try to access admin, modeler or task I am redirected to the idm login.
In catalina.out it says:
```
2019-06-24 15:22:38.324 WARN 2393 --- [nio-8080-exec-2] o.f.l.LDAPConnectionUtil : Could not create InitialDirContext for LDAP connection: [LDAP: error code 49 - INVALID_CREDENTIALS: Bind failed: ERR_229 Cannot authenticate user uid=myuser,dc=example,dc=com]
```
My application.properties:
```properties
flowable.idm.ldap.enabled=true
flowable.idm.ldap.server=ldap://localhost
flowable.idm.ldap.port=10389
flowable.idm.ldap.user=uid=admin,ou=system
flowable.idm.ldap.password=secret
flowable.idm.ldap.base-dn=dc=example,dc=com
#flowable.idm.ldap.user-base-dn=ou=users,dc=example,dc=com
#flowable.idm.ldap.group-base-dn=ou=groups,dc=example,dc=com
flowable.idm.ldap.query.user-by-id=(&(objectClass=inetOrgPerson)(uid={0}))
flowable.idm.ldap.query.user-by-full-name-like=(&(objectClass=inetOrgPerson)(|({0}={1})({2}={3})))
flowable.idm.ldap.query.all-users=(objectClass=inetOrgPerson)
flowable.idm.ldap.query.groups-for-user=(&(objectClass=groupOfUniqueNames)(uniqueMember={0}))
flowable.idm.ldap.query.all-groups=(objectClass=groupOfUniqueNames)
flowable.idm.ldap.query.group-by-id=(&(objectClass=groupOfUniqueNames)(cn={0}))
flowable.idm.ldap.attribute.user-id=uid
flowable.idm.ldap.attribute.first-name=cn
flowable.idm.ldap.attribute.last-name=sn
flowable.idm.ldap.attribute.email=mail
flowable.idm.ldap.attribute.group-id=cn
flowable.idm.ldap.attribute.group-name=cn
flowable.idm.ldap.cache.group-size=10000
flowable.idm.ldap.cache.group-expiration=180000
# DEFAULT ADMINISTRATOR ACCOUNT
flowable.idm.app.admin.user-id=myuser
flowable.common.app.idm-admin.user=myuser
```
Help would be greatly appreciated.