Hi,
I am trying to setup BASIC authentication on camel-jetty routes with a LDAP
user.
I defined the realm in my blueprint.xml to use Karaf's LDAPLoginModule (see
below) and I think there is a limitation with the "%u" placeholder. If
users are not hierarchically structured, I can configure twice the user
suffix ("ou=Users,dc=mycompany,dc=com" in my example), both in the
"user.base.dn", and in the "role.filter".
This works fine.
However, if users are hierarchically structured, the "%u" only contains the
login and not the sub-branch ("SUBBRANCH" in my example).
Is there any reason why the "%u" is not containing the full DN instead of
the login name ?
Thanks in advance,
metatech
<jaas:config name="LDAPRealm">
<jaas:module
className="org.apache.karaf.jaas.modules.ldap.LDAPLoginModule"
flags="required">
connection.url = ldap://ldap-acc.mycompany.com:389
user.base.dn = ou=Users,dc=mycompany,dc=com
user.filter = (uid=%u)
user.search.subtree = true
role.base.dn = ou=UsersGroups,dc=mycompany,dc=com
role.filter =
(uniqueMember=uid=%u,ou=SUBBRANCH,ou=Users,dc=mycompany,dc=com)
role.name.attribute = cn
role.search.subtree = true
authentication = simple
</jaas:module>
</jaas:config>
--
View this message in context:
http://karaf.922171.n3.nabble.com/Does-Karaf-support-hierarchical-LDAP-roles-tp3477321p3477321.html
Sent from the Karaf - User mailing list archive at Nabble.com.
