Hi Trenton, It's a history problem. I contributed the LDAP module in 2008. Yes, you're right, it's not finished as the dns were not parsed.
You can add that part by: 1. add user's dns to cas attributes by person directory (change cas server). 2. parse the dn attributes and get the right user name/groups (ofbiz). 3. login the user (ofbiz). Good luck, Shi Jinghai On 2012-6-5, at 下午7:05, Trenton Perceval wrote: > Hi. > > I have configured my OFBiz instance to use CAS and LDAP during > authentication and it works. > The problem is, that every user, which is present in LDAP, is logged in with > full admin privileges. > Why is it so? > How to force OFBiz to import some groups from LDAP and behave appropriately, > namely: > - there are some groups in LDAP > - OFBiz treats different groups in different ways in terms of privileges > > I looked into the code and it seems that LDAP module is not too complex, > rather not finished. Am I wrong? > How to achieve this groups mapping? > > -- > View this message in context: > http://ofbiz.135035.n4.nabble.com/Logging-into-OFBiz-with-LDAP-tp4633243.html > Sent from the OFBiz - User mailing list archive at Nabble.com. >
