Working with LDAP

[MasterAwesome]

Hello,

I was able to set up OpenGrok with everything working using the docker container. Although as soon as I add LDAP authentication Realm to server.xml and contents of https://github.com/oracle/opengrok/wiki/Authorization-based-on-HTTP-Basic-Authentication#application-deployment-descriptor the following to web.xml, /scripts/start.py loops forever since get('localhost:8080') forever returns 401.

I'm assuming this is because the indexer is trying to reach REST endpoints but tomcat requires an LDAP auth for it now. How can I work around this?

I saw a few discussions:

• OpenGrok integration with LDAP issue #4129
• LDAP authentication and Indexing #4127

I also saw a few articles about Authorization plugins which seem to be more promising.

EDIT:
Tried the AuthorizationPlugins way and could connect to LDAP and authorize although same issue exists where /scripts/start.py loops indefinitely on 401 at localhost:8080, now I don't have any changes at server.xml only web.xml.

[MasterAwesome]

Ok I ended up figuring it out, tomcat needs to host the authentication part to ensure valid users are let in, opengrok then deals with the authorization for viewing projects.

This means tomcat needs to have Realm setup to let people in but not filter auth-roles so the web application can deal with that hence the * as suggested by the documentation.