Can't login user returned from LdapIdentityProviderPlugin query

Hello,

i’m currently trying to integrate the LdapIdentityProviderPlugin in our Process-Engine and can’t figure out what is missing to login the User after a successfull authentication against LDAP.

When i start up the Application, i see that the AdministratorAuthorizationPlugin Plugin is granting access to the User i have configured:

2019-10-08 09:57:46.590  INFO 18332 --- [           main] org.camunda.bpm.engine.plugin.admin      : ENGINE-19002 GRANT user hv16911 ALL permissions on resource Application.
2019-10-08 09:57:46.595  INFO 18332 --- [           main] org.camunda.bpm.engine.plugin.admin      : ENGINE-19002 GRANT user hv16911 ALL permissions on resource User.
2019-10-08 09:57:46.598  INFO 18332 --- [           main] org.camunda.bpm.engine.plugin.admin      : ENGINE-19002 GRANT user hv16911 ALL permissions on resource Group.

When i login into the Webapplication with that configured User, i see that LDAP is returning its Data (i have removed the Details out of the Response):

2019-10-08 09:58:57.846 DEBUG 18332 --- [nio-8080-exec-7] org.camunda.bpm.identity.impl.ldap       : LDAP-00006 LDAP user query results: [LdapUserEntity[id=hv16911, revision=0, firstName=hv16911, lastName=Testuser02, email=null, password=null, salt=null, lockExpirationTime=null, attempts=0] based on cn=hv16911: null:null:{givenname=givenName: Projekt-KLuB, d sn=sn: Testuser02, personaltitle=personalTitle: Frau, uid=uid: hv16911, objectclass=objectClass: top, person, devkperson, inetOrgPerson, organizationalPerson, devkfaxtk, account, ........ ]

But the login fails, with the error message: Login Failed : Unauthorized.

I’m not sure what exactly to look for, any help would be highly appriciated.

Here is the Code im using (Spring Boot, embedded Database for testing):

@Configuration
public class LDAPIntegrationConfig {

@Bean
public static ProcessEnginePlugin strongUUIDGenerator() {
    return new ProcessEnginePlugin() {
        @Override
        public void preInit(ProcessEngineConfigurationImpl processEngineConfiguration) {
            processEngineConfiguration.setIdGenerator(new StrongUuidGenerator());
        }
        @Override
        public void postInit(ProcessEngineConfigurationImpl processEngineConfiguration) {
        }
        @Override
        public void postProcessEngineBuild(ProcessEngine processEngine) {
        }
    };
}


@Bean
@Order(Ordering.DEFAULT_ORDER + 2)
public static LdapIdentityProviderPlugin ldapIdentityProviderPlugin(){
    LdapIdentityProviderPlugin plugin = new LdapIdentityProviderPlugin();
    plugin.setServerUrl("ldap://xxxxxxxx:389");
    plugin.setAcceptUntrustedCertificates(false);
    plugin.setAllowAnonymousLogin(true);
    plugin.setUseSsl(false);
    plugin.setSecurityAuthentication("simple");

    // user-spezifische Einstellungen
    plugin.setUserSearchBase("ou=people,dc=xxxx,dc=de");
    plugin.setUserSearchFilter("(objectClass=person)");
    plugin.setUserIdAttribute("uid"); //cn?uid?
    plugin.setUserFirstnameAttribute("cn");

    // gruppen-spezifische Einstellungen
    plugin.setGroupSearchBase("ou=wasgruppen,ou=rechte,dc=xxxxxx,dc=de");
    plugin.setGroupSearchFilter("(objectclass=*)");
    plugin.setGroupNameAttribute("cn");
    plugin.setGroupMemberAttribute("uniqueMember"); //cn?? //uniqueMember??

    return plugin;
}

@Bean
@Order(Ordering.DEFAULT_ORDER + 1)
public static AdministratorAuthorizationPlugin administratorAuthorizationPlugin(){
    AdministratorAuthorizationPlugin plugin = new AdministratorAuthorizationPlugin();
    plugin.setAdministratorUserName("hv16911"); //User-id available in the ldap server
    return plugin;
}

}