[
https://issues.apache.org/jira/browse/KNOX-3340?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18089079#comment-18089079
]
ASF subversion and git services commented on KNOX-3340:
-------------------------------------------------------
Commit 644246b12564e40915dbc44d6eeddfb4c92ade3a in knox's branch
refs/heads/master from David Han
[ https://gitbox.apache.org/repos/asf?p=knox.git;h=644246b12 ]
KNOX-3340: Add Control for LDAPRolesLookupInterceptor (#1258)
This commit adds a RolesLookupBypassControl for use with the
LDAPRolesLookupInterceptor.
The LDAPRolesLookupInterceptor will skip role mapping if this control is
present and true
in the request.
> Enable KnoxLdapService Role Lookup to return either Roles or Groups
> -------------------------------------------------------------------
>
> Key: KNOX-3340
> URL: https://issues.apache.org/jira/browse/KNOX-3340
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Reporter: David Han
> Assignee: David Han
> Priority: Major
> Fix For: 3.0.0
>
> Time Spent: 4h 20m
> Remaining Estimate: 0h
>
> The KnoxLdapService, when configured with role lookup will replace all groups
> in the resulting entries with roles. This Jira provides a mechanism for
> clients to request the underlying groups instead of the roles. E.g., groups
> would be needed for some service to admin/manage the mapping between groups
> and roles.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
