You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@karaf.apache.org by ja...@apache.org on 2015/03/05 17:24:40 UTC
[2/3] karaf git commit: KARAF-3105 - consolidate fqdn and nsdn as
they are equivalent
KARAF-3105 - consolidate fqdn and nsdn as they are equivalent
Project: http://git-wip-us.apache.org/repos/asf/karaf/repo
Commit: http://git-wip-us.apache.org/repos/asf/karaf/commit/c806614f
Tree: http://git-wip-us.apache.org/repos/asf/karaf/tree/c806614f
Diff: http://git-wip-us.apache.org/repos/asf/karaf/diff/c806614f
Branch: refs/heads/karaf-3.0.x
Commit: c806614f5bbe69983138ffa17c77a4422fa9441a
Parents: 517ac13
Author: Jonathan Anstey <ja...@gmail.com>
Authored: Thu Mar 5 12:51:44 2015 -0330
Committer: Jonathan Anstey <ja...@gmail.com>
Committed: Thu Mar 5 12:51:44 2015 -0330
----------------------------------------------------------------------
.../java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java | 3 +--
manual/src/main/webapp/developers-guide/security-framework.conf | 3 +--
2 files changed, 2 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/karaf/blob/c806614f/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
----------------------------------------------------------------------
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
index c5ea937..11158bb 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPLoginModule.java
@@ -325,8 +325,7 @@ public class LDAPLoginModule extends AbstractKarafLoginModule {
logger.debug(" base DN: " + roleBaseDN);
roleFilter = roleFilter.replaceAll(Pattern.quote("%u"), Matcher.quoteReplacement(user));
roleFilter = roleFilter.replaceAll(Pattern.quote("%dn"), Matcher.quoteReplacement(userDN));
- roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDN + "," + userBaseDN));
- roleFilter = roleFilter.replaceAll(Pattern.quote("%nsdn"), Matcher.quoteReplacement(userDNNamespace));
+ roleFilter = roleFilter.replaceAll(Pattern.quote("%fqdn"), Matcher.quoteReplacement(userDNNamespace));
roleFilter = roleFilter.replace("\\", "\\\\");
logger.debug(" filter: " + roleFilter);
NamingEnumeration namingEnumeration = context.search(roleBaseDN, roleFilter, controls);
http://git-wip-us.apache.org/repos/asf/karaf/blob/c806614f/manual/src/main/webapp/developers-guide/security-framework.conf
----------------------------------------------------------------------
diff --git a/manual/src/main/webapp/developers-guide/security-framework.conf b/manual/src/main/webapp/developers-guide/security-framework.conf
index 82c9b68..ca3bf9f 100644
--- a/manual/src/main/webapp/developers-guide/security-framework.conf
+++ b/manual/src/main/webapp/developers-guide/security-framework.conf
@@ -381,8 +381,7 @@ The LDAPLoginModule supports the following patterns that you can use in the filt
* {{%u}} is replaced by the user
* {{%dn}} is replaced by the user DN
-* {{%fqdn}} is replaced by the user full qualified DN ({{userDN,userBaseDN}}).
-* {{%nsdn}} is replaced by the userDNNamespace (interesting especially for ActiveDirectory).
+* {{%fqdn}} is replaced by the user full qualified DN ({{userDNNamespace}}).
For instance, the following configuration will work properly with ActiveDirectory (adding the ActiveDirectory to the
default {{karaf}} realm):