[ https://issues.apache.org/jira/browse/KARAF-3382?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14226499#comment-14226499 ]

Ancoron Luciferis commented on KARAF-3382:
------------------------------------------

The concept of the previous patches is the following:
* new configuration option "role.mapping"
* the mapping is specified as the following pattern: {{<ldap-group>=<jaas-role>(,<jaas-role>)\*(;<ldap-group>=<jaas-role>(,<jaas-role>)\*)\*}}

\\
Example:
{noformat}
role.mapping = Administrator=admin;DevOp=admin,user,operator;Tester=user;Administrator=operator
{noformat}

...will result in the following mapping at runtime:
||LDAP group||JAAS role||
|Administrator|admin|
|Administrator|operator|
|DevOp|admin|
|DevOp|user|
|DevOp|operator|
|Tester|user|

> Support configuration for custom LDAP group to JAAS role mapping
> ----------------------------------------------------------------
>
>                 Key: KARAF-3382
>                 URL: https://issues.apache.org/jira/browse/KARAF-3382
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-security
>    Affects Versions: 2.4.0, 3.0.2, 2.3.9, 4.0.0.M1
>            Reporter: Ancoron Luciferis
>            Priority: Minor
>              Labels: ldap
>             Fix For: 4.0.0, 3.0.3, 2.4.1, 2.3.10
>
>         Attachments: 
> karaf-2.3.x-jaas-modules-Add-configuration-parameter-role.mappin.patch, 
> karaf-2.x-jaas-modules-Add-configuration-parameter-role.mappin.patch, 
> karaf-3.0.x-jaas-modules-Add-configuration-parameter-role.mappin.patch, 
> karaf-master-jaas-modules-Add-configuration-parameter-role.mappin.patch
>
>
> Use-case: enable integration of an externally developed application running 
> Karaf without the need to define new groups in LDAP (map existing LDAP groups 
> to roles defined by the application).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
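
The "role.mapping" pattern and the runtime table from the comment above, worked through as an added example; this is not code from the attached patches or from Karaf. The class and method names are hypothetical, and three behaviours are assumptions of this sketch: group names match case-sensitively, malformed entries are rejected instead of skipped, and an LDAP group with no mapping grants no roles.

```java
import java.util.*;

public class RoleMappingExample {

    /** Parses "<ldap-group>=<jaas-role>(,<jaas-role>)*(;...)*" into group -> roles. */
    static Map<String, Set<String>> parse(String option) {
        Map<String, Set<String>> mapping = new TreeMap<>();
        if (option == null || option.trim().isEmpty()) {
            return mapping;
        }
        for (String entry : option.split(";")) {
            if (entry.trim().isEmpty()) {
                continue; // tolerate a stray ';'
            }
            int eq = entry.indexOf('=');
            String group = eq < 0 ? "" : entry.substring(0, eq).trim();
            if (group.isEmpty()) {
                // Assumption: fail closed so a typo never yields a silent partial mapping.
                throw new IllegalArgumentException("no LDAP group in entry: '" + entry + "'");
            }
            // The same group may appear in several entries; its roles are merged.
            Set<String> roles = mapping.computeIfAbsent(group, g -> new TreeSet<>());
            for (String role : entry.substring(eq + 1).split(",", -1)) {
                if (role.trim().isEmpty()) {
                    throw new IllegalArgumentException("empty role in entry: '" + entry + "'");
                }
                roles.add(role.trim());
            }
        }
        return mapping;
    }

    /** Roles granted for a user's LDAP groups; unmapped groups grant nothing (assumption). */
    static Set<String> rolesFor(Map<String, Set<String>> mapping, Collection<String> ldapGroups) {
        Set<String> granted = new TreeSet<>();
        for (String group : ldapGroups) {
            granted.addAll(mapping.getOrDefault(group, Collections.emptySet()));
        }
        return granted;
    }

    public static void main(String[] args) {
        // The example value from the comment; "Guests" below is a constructed, unmapped group.
        String option = "Administrator=admin;DevOp=admin,user,operator;Tester=user;Administrator=operator";
        Map<String, Set<String>> mapping = parse(option);
        System.out.println(mapping);
        System.out.println(rolesFor(mapping, Arrays.asList("Tester", "Guests")));
    }
}
```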
