David Lacy wrote > Hi, > > Is it possible to access LDAP attributes from within FESLPOLICY's? I see > many examples using xacml1.0, but the "ou" attribute doesn't seem to be > supported under fesl. I found reference to the LDAPAttributeFinder in > config-attribute-finder.xml, but its configuration hasn't been updated.
Hi David, What I did on version 3.42 and then 3.5 was look into the implementation of existing attribute finders and tune them to my needs. In my case I wanted to have groups from LDAP be checked on the FESL PDP. I ended up looking up the LDAPAttributeFinder class for inspiration and making a new one and recompiled the PDP jar, then added a new configuration in the config-attribute-finder.xml and added it to the config-pdp.xml. I'm not sure if the old LDAPAttributeFinder class still works but I believe so, you should only have to change the config to match your server and add the attribute finder also on the the config-pdp.xml if its not there yet. Not sure if this also works in 3.6 as I haven't worked yet with the new version. -- View this message in context: http://fedora-commons.1317035.n2.nabble.com/Re-fcrepo-user-FESLPOLICY-s-and-LDAP-attributes-tp7578520p7578524.html Sent from the Fedora Commons Users mailing list archive at Nabble.com. ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_sfd2d_oct _______________________________________________ Fedora-commons-users mailing list Fedora-commons-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
