Return-Path: 
 <openmeetings-user-return-753-apmail-incubator-openmeetings-user-archive=incubator.apache.org@incubator.apache.org>
X-Original-To: apmail-incubator-openmeetings-user-archive@minotaur.apache.org
Delivered-To: apmail-incubator-openmeetings-user-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 35E0F9114
	for <apmail-incubator-openmeetings-user-archive@minotaur.apache.org>;
 Wed,  4 Apr 2012 19:30:50 +0000 (UTC)
Received: (qmail 29376 invoked by uid 500); 4 Apr 2012 19:30:50 -0000
Delivered-To: apmail-incubator-openmeetings-user-archive@incubator.apache.org
Received: (qmail 29356 invoked by uid 500); 4 Apr 2012 19:30:50 -0000
Mailing-List: contact openmeetings-user-help@incubator.apache.org;
 run by ezmlm
Precedence: bulk
List-Help: <mailto:openmeetings-user-help@incubator.apache.org>
List-Unsubscribe: <mailto:openmeetings-user-unsubscribe@incubator.apache.org>
List-Post: <mailto:openmeetings-user@incubator.apache.org>
List-Id: <openmeetings-user.incubator.apache.org>
Reply-To: openmeetings-user@incubator.apache.org
Delivered-To: mailing list openmeetings-user@incubator.apache.org
Received: (qmail 29348 invoked by uid 99); 4 Apr 2012 19:30:50 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2012 19:30:50 +0000
X-ASF-Spam-Status: No, hits=2.8 required=5.0
	tests=FREEMAIL_REPLY,HTML_FONT_FACE_BAD,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of rubens.queiroz@gmail.com
 designates 209.85.215.47 as permitted sender)
Received: from [209.85.215.47] (HELO mail-lpp01m010-f47.google.com)
 (209.85.215.47)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 04 Apr 2012 19:30:43 +0000
Received: by lagw12 with SMTP id w12so707037lag.6
        for <openmeetings-user@incubator.apache.org>;
 Wed, 04 Apr 2012 12:30:22 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :content-type;
        bh=CefqZRYi9R5p1PglUYWIYQAv17JeVRIWHrvbI8xGywU=;
        b=abljXuIqxAm7nbeTiSBB5dZiU4q7BvCdaKGqb/LMkLL4bgGqKPTuYu4MZKxJ+C8TjL
         ChA9lHAof59MX7IJiAS7ECCenNPaGvF+0c8DoEBAjVyza4KZDjGfzANDio1WnaTEGQyH
         zbJPvFVpm1iPYF3tt8wPNYen36REBhTWwhQ6diyn2APOaqDSFRyOpv5krGwavKULis5H
         5yfi/Cv07Qq5HdfozM1JQhxU5M4D4ulF6gaNC7/m9gayKeK7oNdmQR0QSNSuJN24Wz5E
         K84tLTYJJgMAabGsOitzT5YC6BM1krHq7dXwfkyMXhMTzBEWLaTuSgkec4E5e+6BQGxR
         Of2Q==
MIME-Version: 1.0
Received: by 10.152.102.228 with SMTP id fr4mr20147960lab.23.1333567822175;
 Wed, 04 Apr 2012 12:30:22 -0700 (PDT)
Received: by 10.112.85.67 with HTTP; Wed, 4 Apr 2012 12:30:22 -0700 (PDT)
In-Reply-To: 
 <CACeMiA_DCPGXmwjTB3zDoa-idk5VQLzwAt1e8Ph=9_sKYhWgaw@mail.gmail.com>
References: 
 <CAG1T8DSLtNtvYJu-=umTfZGPmMZXBd99E=0Z90OpgmRWjoxLkg@mail.gmail.com>
	<CACeMiA_DCPGXmwjTB3zDoa-idk5VQLzwAt1e8Ph=9_sKYhWgaw@mail.gmail.com>
Date: Wed, 4 Apr 2012 16:30:22 -0300
Message-ID: 
 <CAG1T8DTRzfFi+VTbUeTwuMax6d+F3pqP6XRw2FothZ6Y9PYK5w@mail.gmail.com>
Subject: Re: LDAP filter
From: Rubens Queiroz de Almeida <rubens.queiroz@gmail.com>
To: openmeetings-user@incubator.apache.org
Content-Type: multipart/alternative; boundary=f46d040710ab531cc704bcdf74da
X-Virus-Checked: Checked by ClamAV on apache.org

--f46d040710ab531cc704bcdf74da
Content-Type: text/plain; charset=ISO-8859-1

Dear Sebastian,

In our university, we have three classes of records: staff, faculty and
students. We would like to allow people belonging to the staff and faculty
classes to be allowed access initially. So, we would like to fetch a name
and associated information from our LDAP base, and upon arriving in
Openmeetings we would check the field *EduPersonAffiliation*, which is an
attribute with multiple values. Should it belong to either the faculty of
staff class, access will be allowed.

Thanks a lot,

Rubens



On Wed, Apr 4, 2012 at 4:23 PM, seba.wagner@gmail.com <seba.wagner@gmail.com
> wrote:

> How would you expect such a filter would look like?
> Can't you add that to your ldap search base for the ou?
>
> Sebastian
> Am 04.04.2012 20:43 schrieb "Rubens Queiroz de Almeida" <
> rubens.queiroz@gmail.com>:
>
> Hi,
>>
>> I am using LDAP to authenticate user, but not all users are allowed to
>> access the service. Is there a way to filter the information I get from
>> LDAP so as to allow only authorized users?
>>
>> Thanks in advance,
>>
>> Rubens
>>
>

--f46d040710ab531cc704bcdf74da
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<font face=3D"trebuchet ms,sans-serif">Dear Sebastian,</font><div><font fac=
e=3D"trebuchet ms,sans-serif"><br></font></div><div><font face=3D"trebuchet=
 ms,sans-serif">In our university, we have three classes of records: staff,=
 faculty and students. We would like to allow people belonging to the staff=
 and faculty classes to be allowed access initially. So, we would like to f=
etch a name and associated information from our LDAP base, and upon arrivin=
g in Openmeetings we would check the field=A0<b>EduPersonAffiliation</b>, w=
hich is an attribute with multiple values. Should it belong to either the f=
aculty of staff class, access will be allowed.</font></div>
<div><font face=3D"trebuchet ms,sans-serif"><br></font></div><div><font cla=
ss=3D"Apple-style-span" face=3D"&#39;trebuchet ms&#39;, sans-serif">Thanks =
a lot,</font></div><div><font class=3D"Apple-style-span" face=3D"&#39;trebu=
chet ms&#39;, sans-serif"><br>
</font></div><div><font class=3D"Apple-style-span" face=3D"&#39;trebuchet m=
s&#39;, sans-serif">Rubens</font></div><div><font face=3D"trebuchet ms,sans=
-serif"><br></font></div><div><font face=3D"trebuchet ms,sans-serif"><br></=
font><br>
<div class=3D"gmail_quote">On Wed, Apr 4, 2012 at 4:23 PM, <a href=3D"mailt=
o:seba.wagner@gmail.com">seba.wagner@gmail.com</a> <span dir=3D"ltr">&lt;<a=
 href=3D"mailto:seba.wagner@gmail.com">seba.wagner@gmail.com</a>&gt;</span>=
 wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><p>How would you expect such a filter would =
look like?<br>
Can&#39;t you add that to your ldap search base for the ou?</p>
<p>Sebastian</p>
<div class=3D"gmail_quote">Am 04.04.2012 20:43 schrieb &quot;Rubens Queiroz=
 de Almeida&quot; &lt;<a href=3D"mailto:rubens.queiroz@gmail.com" target=3D=
"_blank">rubens.queiroz@gmail.com</a>&gt;:<div><div class=3D"h5"><br type=
=3D"attribution">
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">
<font face=3D"&#39;trebuchet ms&#39;, sans-serif">Hi,</font><div><font face=
=3D"&#39;trebuchet ms&#39;, sans-serif"><br></font></div><div><font face=3D=
"&#39;trebuchet ms&#39;, sans-serif">I am using LDAP to authenticate user, =
but not all users are allowed to access the service. Is there a way to filt=
er the information I get from LDAP so as to allow only authorized users?</f=
ont></div>


<div><font face=3D"&#39;trebuchet ms&#39;, sans-serif"><br></font></div><di=
v><font face=3D"&#39;trebuchet ms&#39;, sans-serif">Thanks in advance,</fon=
t></div><div><font face=3D"&#39;trebuchet ms&#39;, sans-serif"><br>
</font></div><div><font face=3D"&#39;trebuchet ms&#39;, sans-serif">Rubens<=
/font></div>
</blockquote></div></div></div>
</blockquote></div><br></div>

--f46d040710ab531cc704bcdf74da--