0

We want to use Azure AD as a way of authenticating access to GeoServer being used by our company. We already have AAD and therefore don't want to have multiple log ins for the users to and admin to manage. We have tried using the LDAP and OAuth2 (google) plugins to try to connect to Azure, however we couldn't get these to work.

Has anyone else managed to get GeoServer to work with Azure AD? Any help of the settings/plugins to be used would be helpful.

Improve this question
1
  • Take a look at this R script. It's part of an open source project made by someone in my company who also needed to get around the annoying Azure AD identification to access data on ArcGIS Online. Commented Feb 15, 2022 at 1:04

1 Answer 1

Reset to default
0

Yes and no. I have authenticated against AAD, but not using LDAP or OAuth plugin. Never really tried the Oauth-plugin as I figured it wouldn't suit our needs anyway.

I wrote a proxy that authenticates against AAD using OIDC and sets the authenticated user in a http header and configure GeoServer to use header authentication.

If you only need AAD for authentication you configure Geoserver to use the built-in role service.

If you want to use AD groups as roles in GeoServer you can make AAD put AD groups as role claims in the token and in the proxy you add those role claims in another header and configure GeoServer to accept those roles.

Authenticate against AAD using LDAP seems to require Azure AD Domain Service (AD DS): https://docs.microsoft.com/en-gb/azure/active-directory/fundamentals/auth-ldap

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.