activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Robison (Created) (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMQ-3770) Generalize LDAP group processing / LDAP group expansion
Date Wed, 14 Mar 2012 22:24:40 GMT
Generalize LDAP group processing / LDAP group expansion
-------------------------------------------------------

                 Key: AMQ-3770
                 URL: https://issues.apache.org/jira/browse/AMQ-3770
             Project: ActiveMQ
          Issue Type: Improvement
          Components: Broker
    Affects Versions: 5.5.1
            Reporter: Chris Robison


One of the issues with the way that LDAP integration is implemented in ActiveMQ is that it
is making some serious assumptions based on how the examples are for Apache Directory. These
assumptions prevent other LDAP implementations from functioning correctly (e.g., Active Directory).
I've gone in and replaced all of the String.split stuff with LdapName. LdapName is Java's
implementation of RFC 2253 for names in LDAP. All current test cases still work, while allowing
other LDAP implementations to work.

I've also implemented group expansion for the LDAPLoginModule. For example, group A is a member
of groups B and C. User X is a member of group A, which should mean user X is also a member
of groups B and C by virtue of being in group A. This allows for a hierarchy of roles making
role management much easier in my opinion.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message