Okay, I'm doing this a little backwards, but I think this should work. I'm trying to
figure out what roles a user has by querying the attribute list for groupMembership
for the authenticated user. I know that the demonstrated method is to query the names
of all the groups that a user is a member. But due to various limitations with that
scheme I have to query the groups from a user entry in our directory instead.
So my filter looks like this:
(&(objectClass=person)(mail={1}@akc.org))
This could work great, but I have to make a change to getRoles in JNDIRealm to get it
there. getRoles is coded to return only the first attribute, so currently I only get
the first role in the list and not the 14 or 15 roles that folks belong to. Is there
any reason we can't change it to walk the whole list of attributes (roles in this
case) when there is more than one?
so instead of this while loop, it would use the following proposed code.
/**** Current code ****/
while (results.hasMore()) {
SearchResult result = (SearchResult) results.next();
Attributes attrs = result.getAttributes();
if (attrs == null)
continue;
Attribute attr = attrs.get(roleName[0]);
if (attr != null) {
String role = (String) attr.get();
if (debug >= 3)
log(" Found role '" + role + "'");
list.add(role);
}
}
/**** Proposed Code ***/
while (results.hasMore()) {
SearchResult result = (SearchResult) results.next();
Attributes attrs = result.getAttributes();
if (attrs == null)
continue;
Attribute attr = attrs.get(roleName[0]);
if (attr != null) {
// MXT 2-13-2002 Add enumeration & while to loop through all roles.
NamingEnumeration rolesList = attr.getAll();
while (rolesList.hasMore())
{
// String role = (String) attr.get();
String role = (String) rolesList.next();
if (debug >= 3)
log(" Found role '" + role + "'");
list.add(role);
}
}
}
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
