You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@karaf.apache.org by "Jean-Baptiste Onofré (JIRA)" <ji...@apache.org> on 2017/02/28 14:19:45 UTC
[jira] [Resolved] (KARAF-4989) Make LDAPLoginModule role.mapping
option understand also fqdn
[ https://issues.apache.org/jira/browse/KARAF-4989?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jean-Baptiste Onofré resolved KARAF-4989.
-----------------------------------------
Resolution: Fixed
> Make LDAPLoginModule role.mapping option understand also fqdn
> -------------------------------------------------------------
>
> Key: KARAF-4989
> URL: https://issues.apache.org/jira/browse/KARAF-4989
> Project: Karaf
> Issue Type: Improvement
> Components: karaf-security
> Reporter: Andrea Tarocchi
> Assignee: Jean-Baptiste Onofré
> Priority: Minor
> Fix For: 4.0.9, 4.1.1
>
>
> With the current way of parsing {{*role.mapping*}} option in {{*LDAPLoginModule*}} is not possible to specify a fqdn; a possible use case is to achieve a mapping like this:
> {code:xml}
> <jaas:module className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule">
> [...]
> role.base.dn=ou=groups,dc=example,dc=org
> role.name.attribute=someAttributeResultingInFqdn
> role.filter=(member=%fqdn)
> role.search.subtree=true
> role.mapping=cn=admin,ou=groups,dc=example,dc=org=karafRole;cn=admin,ou=otherGroups,dc=example,dc=org=otherKarafRole
> </jaas:module>
> {code}
> i.e. mapping based on a fqdn string instead of a cn.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)