[ https://issues.apache.org/jira/browse/AMQ-3064?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16158459#comment-16158459 ]
Gary Tully commented on AMQ-3064: --------------------------------- This has been resolved in ARTEMIS-1373 which has a clone of this login module. https://git-wip-us.apache.org/repos/asf?p=activemq-artemis.git;h=99b2e4c > Security: LDAPLoginModule: Specifying userRoleName as 'memberOf' fetches the > full DN of the group, and initializes a GroupPrincipal with full DN > ------------------------------------------------------------------------------------------------------------------------------------------------ > > Key: AMQ-3064 > URL: https://issues.apache.org/jira/browse/AMQ-3064 > Project: ActiveMQ > Issue Type: Wish > Affects Versions: 5.3.0 > Reporter: Amit Kumar > Priority: Minor > > In the sample below, when I specify the userRoleName as 'memberOf', it > initializes a GroupPrincipal with the name as full DN. e.g. > 'CN=somegroupIAMMemberOf,OU=Groups,O=domain'... > This may not work if the expected role is 'somegroupIAMMemberOf'. > TestLogin { > org.apache.activemq.jaas.LDAPLoginModule required > debug=false > initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory > connectionURL="ldap://something:389" > connectionUsername="uid=generic.gen,OU=Generics,O=something" > connectionPassword="generic123" > connectionProtocol="" > authentication=simple > userBase="OU=Users,O=something" > userSearchMatching="(uid={0})" > userSearchSubtree=true > userRoleName="memberOf" > roleName="CN" > roleBase="OU=Groups,O=something" > roleSearchMatching="member={0}" > roleSearchSubtree=true > ; > }; -- This message was sent by Atlassian JIRA (v6.4.14#64029)