activemq-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dejan Bosanac (JIRA)" <>
Subject [jira] [Resolved] (AMQ-3770) Generalize LDAP group processing / LDAP group expansion
Date Thu, 07 Jun 2012 14:52:22 GMT


Dejan Bosanac resolved AMQ-3770.

       Resolution: Fixed
    Fix Version/s: 5.7.0

group expansion is committed with svn revision 1347649. I believe that String split problem
was addressed with [AMQ-3791]. Please test it out and reopen if I missed anything.
> Generalize LDAP group processing / LDAP group expansion
> -------------------------------------------------------
>                 Key: AMQ-3770
>                 URL:
>             Project: ActiveMQ
>          Issue Type: Improvement
>          Components: Broker
>    Affects Versions: 5.5.1
>            Reporter: Chris Robison
>            Assignee: Dejan Bosanac
>             Fix For: 5.7.0
>         Attachments:, LDAPUpdatesAndTest1.patch
> One of the issues with the way that LDAP integration is implemented in ActiveMQ is that
it is making some serious assumptions based on how the examples are for Apache Directory.
These assumptions prevent other LDAP implementations from functioning correctly (e.g., Active
Directory). I've gone in and replaced all of the String.split stuff with LdapName. LdapName
is Java's implementation of RFC 2253 for names in LDAP. All current test cases still work,
while allowing other LDAP implementations to work.
> I've also implemented group expansion for the LDAPLoginModule. For example, group A is
a member of groups B and C. User X is a member of group A, which should mean user X is also
a member of groups B and C by virtue of being in group A. This allows for a hierarchy of roles
making role management much easier in my opinion.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:!default.jspa
For more information on JIRA, see:


View raw message