You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Ilya (JIRA)" <ji...@apache.org> on 2017/11/04 00:35:00 UTC

[jira] [Created] (SHIRO-640) Support user search LDAP expressions

Ilya created SHIRO-640:
--------------------------

             Summary: Support user search LDAP expressions
                 Key: SHIRO-640
                 URL: https://issues.apache.org/jira/browse/SHIRO-640
             Project: Shiro
          Issue Type: Improvement
          Components: Realms 
    Affects Versions: 1.2.3
            Reporter: Ilya


I'm trying to deploy Apache Zeppelin (https://zeppelin.apache.org/), which uses Shiro for security. In our organization LDAP is set up in a way that everybody authenticates using email address (which is not part of DN), rather than UID (which is part of DN, but looks extremely ugly).

Other solutions integrate with this scheme by letting me configure LDAP search expression to resolve user DN, for example: (&(mail=%s)(objectclass=Person)). The resolved DN is then used in a regular way for authentication.

I wonder if it would be possible to add such functionality to Shiro?



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)