boesr

Caddy shows no matched groups error. I am not able to sign in.

@greenpau Thanks for the quick adaption. Just tested it. I built caddy with the latest release (fallback directive gets accepted), but I still get the error ``` {"level":"warn","ts":1655099192.076458,"logger":"security","msg":"Bad Request","session_id":"XXX","request_id":"XXX","error":"LDAP authentication...

@greenpau just tried it, but I still get the same error message as before.

@greenpau That works. The user gets assigned the second role (in your case user). I can now login.

@greenpau exactly. Here is my config: ``` { # debug order authenticate before respond order authorize before basicauth security { ldap identity store my.ldap { realm my.ldap servers { ldaps://LDAP_HOST:636...

> Also, you could use “bypass” directive to avoid authentication for docker registry endpoint. The reason I am using the plugin is trying to secure the docker registry. So bypassing...

@greenpau I just enabled the caddy-trace plugin. The logs of caddy now contain the following: ```log {"level":"debug","ts":1654063710.033493,"logger":"security","msg":"token validation error","session_id":"","request_id":"34f45517-c1c0-42e3-b3fa-ea137b792025","error":"no token found"} {"level":"debug","ts":1654063710.033529,"logger":"security","msg":"redirecting unauthorized user","session_id":"","request_id":"34f45517-c1c0-42e3-b3fa-ea137b792025","method":"location"} {"level":"error","ts":1654063710.0336215,"logger":"http.handlers.authentication","msg":"auth provider returned error","provider":"authorizer","error":"user authorization failed:...

Just an information for everyone facing the same problem, it is possible to reimplement push and pull via the registry htttp api. With that you can attach the cookie to...

The container not being created seems to be connected to LDAP sync. As soon as I deactivate the LDAP source sync (close to 100k users, 10 workers active), the container...

> Hi, > > I've the same behavior. I'm trying authentik and have following the same guide for ldap in the docs. I use and add a custom ldap-client+nc service...