You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ja...@apache.org on 2015/03/05 17:25:08 UTC
karaf git commit: KARAF-3105 - consolidate fqdn and nsdn as they are
equivalent
Repository: karaf
Updated Branches:
refs/heads/karaf-2.x 65ae5082c -> 0e226914c
KARAF-3105 - consolidate fqdn and nsdn as they are equivalent
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/0e226914
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/0e226914
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/0e226914
Branch: refs/heads/karaf-2.x
Commit: 0e226914c6605e39139db2903bd4ab5040bf35fe
Parents: 65ae508
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Thu Mar 5 12:47:15 2015 -0330
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Thu Mar 5 12:54:49 2015 -0330
----------------------------------------------------------------------
.../java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java | 3 +--
manual/src/main/webapp/developers-guide/security-framework.conf | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/0e226914/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
index 4d774c8..07313bb 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
@@ -355,8 +355,7 @@ public class LDAPLoginModule extends AbstractKarafLoginModule {
logger.debug(" base DN: " + roleBaseDN);
roleFilter = roleFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
roleFilter = roleFilter.replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDN));
- roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDN + "," + userBaseDN));
- roleFilter = roleFilter.replaceAll(Pattern.quote("%nsdn"), Matcher.quoteReplacement(userDNNamespace));
+ roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDNNamespace));
roleFilter = roleFilter.replace("\\", "\\\\");
logger.debug(" filter: " + roleFilter);
List<String> rolesList = new ArrayList<String>();
http://git-wip-us.apache.org/repos/asf/karaf/blob/0e226914/manual/src/main/webapp/developers-guide/security-framework.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/developers-guide/security-framework.conf b/manual/src/main/webapp/developers-guide/security-framework.conf
index 6e15be5..e0305ed 100644
--- a/manual/src/main/webapp/developers-guide/security-framework.conf
+++ b/manual/src/main/webapp/developers-guide/security-framework.conf
@@ -372,8 +372,7 @@ The LDAPLoginModule supports the following patterns that you can use in the filt
* {{%u}} is replaced by the user
* {{%dn}} is replaced by the user DN
-* {{%fqdn}} is replaced by the user full qualified DN ({{userDN,userBaseDN}}).
-* {{%nsdn}} is replaced by the userDNNamespace (interesting especially for ActiveDirectory).
+* {{%fqdn}} is replaced by the user full qualified DN ({{userDNNamespace}}).
NB: the LDAPLoginModule doesn't provide backend engine. It means that the administration of the users and roles should be
performed directly on the LDAP backend.