karaf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrea Tarocchi (JIRA)" <j...@apache.org>
Subject [jira] [Created] (KARAF-4989) Make LDAPLoginModule role.mapping option understand also fqdn
Date Thu, 16 Feb 2017 14:42:41 GMT
Andrea Tarocchi created KARAF-4989:
--------------------------------------

             Summary: Make LDAPLoginModule role.mapping option understand also fqdn
                 Key: KARAF-4989
                 URL: https://issues.apache.org/jira/browse/KARAF-4989
             Project: Karaf
          Issue Type: Improvement
          Components: karaf-security
            Reporter: Andrea Tarocchi
            Priority: Minor


With the current way of parsing {{*role.mapping*}} option in {{*LDAPLoginModule*}} is not
possible to specify a fqdn; a possible use case is to achieve a mapping like this:
{code:xml}
    <jaas:module className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule">
      [...]
      role.base.dn=ou=groups,dc=example,dc=org
      role.name.attribute=someAttributeResultingInFqdn
      role.filter=(member=%fqdn)
      role.search.subtree=true
      role.mapping=cn=admin,ou=groups,dc=example,dc=org=karafRole;cn=admin,ou=otherGroups,dc=example,dc=org=otherKarafRole
</jaas:module>
{code}
i.e. mapping based on a fqdn string instead of a cn.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message