[jira] [Commented] (KARAF-4989) Make LDAPLoginModule role.mapping option understand also fqdn

Thu, 16 Feb 2017 06:46:54 -0800 

    [ 
https://issues.apache.org/jira/browse/KARAF-4989?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15870066#comment-15870066
 ] 

ASF GitHub Bot commented on KARAF-4989:
---------------------------------------

GitHub user valdar opened a pull request:

    https://github.com/apache/karaf/pull/283

    [KARAF-4989] Changed parsing of jaas ldap login module role.mapping option

    to support fqdn (i.e. strings with more than 1 equal char). The changes are 
compatible with previous logic.
    An example usage is in: 
jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/valdar/karaf ldapMappingFqdn

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/karaf/pull/283.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #283
    
----
commit f4d24808686e83c8ba57755928e6b0845f4d5a3c
Author: Andrea Tarocchi <[email protected]>
Date:   2017-02-16T13:53:06Z

    Changed parsing of jaas ldap login module role.mapping option
    to support fqdn (i.e. strings with more than 1 equal char). The changes are 
compatible with previous logic.
    An example usage is in: 
jaas/modules/src/test/java/org/apache/karaf/jaas/modules/ldap/LdapLoginModuleTest.java

----


> Make LDAPLoginModule role.mapping option understand also fqdn
> -------------------------------------------------------------
>
>                 Key: KARAF-4989
>                 URL: https://issues.apache.org/jira/browse/KARAF-4989
>             Project: Karaf
>          Issue Type: Improvement
>          Components: karaf-security
>            Reporter: Andrea Tarocchi
>            Assignee: Jean-Baptiste Onofré
>            Priority: Minor
>
> With the current way of parsing {{*role.mapping*}} option in 
> {{*LDAPLoginModule*}} is not possible to specify a fqdn; a possible use case 
> is to achieve a mapping like this:
> {code:xml}
>     <jaas:module 
> className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule">
>       [...]
>       role.base.dn=ou=groups,dc=example,dc=org
>       role.name.attribute=someAttributeResultingInFqdn
>       role.filter=(member=%fqdn)
>       role.search.subtree=true
>       
> role.mapping=cn=admin,ou=groups,dc=example,dc=org=karafRole;cn=admin,ou=otherGroups,dc=example,dc=org=otherKarafRole
> </jaas:module>
> {code}
> i.e. mapping based on a fqdn string instead of a cn.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to