handavid commented on code in PR #1177:
URL: https://github.com/apache/knox/pull/1177#discussion_r2954835031
##########
gateway-server/src/main/java/org/apache/knox/gateway/services/ldap/backend/LdapProxyBackend.java:
##########
@@ -63,6 +64,14 @@ public class LdapProxyBackend implements LdapBackend {
private String groupMemberAttribute = "memberUid"; // member for AD,
memberUid for POSIX
private boolean useMemberOf; // Use memberOf attribute for group lookup
(efficient for AD)
+ private List<String> proxyEntityAttributeTypes = List.of(
+ // "uid" will always be filled
+ "cn",
+ "dn",
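Review bot: `proxyEntityAttributeTypes` is a non-final instance field even though it is initialised with an immutable `List.of(...)`; if it is meant as a fixed allow-list of attributes, declare it `private static final` (or at least `final`) so it cannot be reassigned after construction. The `"dn"` item also deserves a short comment, because in LDAP the DN is normally the entry's name rather than an attribute type, so it is worth stating whether the backend is expected to return it as an attribute. The `// "uid" will always be filled` comment would be clearer if it named where `uid` is set.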
Review Comment:
There are two schemas in play. The `ldap-proxy-backend-test.ldif` schema is
for the backend LDAP server (i.e., the real server). The
`proxyEntityAttributeTypes` are those entities that will be copied and returned
by the proxy LDAP server. These two lists do not need to match exactly.

In this PR, the list is factored up from the `createProxyEntry` method for
easier inspection and future modification. This is not a change from the
existing behavior of the LDAP proxy. We'll probably extend this list or pull it
out to configuration in the future to allow users to define schema for proxy
entities.

I just noticed the name mismatch between `Entity` and `Entry`. I'll fix the
name of this list to `proxyEntryAttributeTypes`.