karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ancoron Luciferis (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KARAF-3382) Support configuration for custom LDAP group to JAAS role mapping
Date Wed, 26 Nov 2014 17:29:12 GMT

    [ https://issues.apache.org/jira/browse/KARAF-3382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14226499#comment-14226499
] 

Ancoron Luciferis commented on KARAF-3382:
------------------------------------------

The concept of the previous patches is the following:
* new configuration option "role.mapping"
* the mapping is specified as the following pattern: {{<ldap-group>=<jaas-role>(,<jaas-role>)\*(;<ldap-group>=<jaas-role>(,<jaas-role>)\*)\*}}

\\
Example:
{noformat}
role.mapping = Administrator=admin;DevOp=admin,user,operator;Tester=user;Administrator=operator
{noformat}

...will result in the following mapping at runtime:
||LDAP group||JAAS role||
|Administrator|admin|
|Administrator|operator|
|DevOp|admin|
|DevOp|user|
|DevOp|operator|
|Tester|user|

> Support configuration for custom LDAP group to JAAS role mapping
> ----------------------------------------------------------------
>
>                 Key: KARAF-3382
>                 URL: https://issues.apache.org/jira/browse/KARAF-3382
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-security
>    Affects Versions: 2.4.0, 3.0.2, 2.3.9, 4.0.0.M1
>            Reporter: Ancoron Luciferis
>            Priority: Minor
>              Labels: ldap
>             Fix For: 4.0.0, 3.0.3, 2.4.1, 2.3.10
>
>         Attachments: karaf-2.3.x-jaas-modules-Add-configuration-parameter-role.mappin.patch,
karaf-2.x-jaas-modules-Add-configuration-parameter-role.mappin.patch, karaf-3.0.x-jaas-modules-Add-configuration-parameter-role.mappin.patch,
karaf-master-jaas-modules-Add-configuration-parameter-role.mappin.patch
>
>
> Use-case: enable integration of an externally developed application running Karaf without
the need to define new groups in LDAP (map existing LDAP groups to roles defined by the application).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message