Hey, On Tue, Sep 4, 2012 at 10:41 AM, Merve Temizer <[email protected]> wrote: > Hello, > > I can succesfully authenticate my application with ApacheDS > > But know i use only one domain. > > I want to add subdomains or sub organizations under root domain. > > For example a root organization as > > dc=example,dc=com > > and sub organizations dc=x > > another sub organization dc=y > > Now i can authenticate users using uid attribute > > like: > > user-search-filter="(uid={0})" > > i use login name like user1, without a @ postfix > > But i want to have suborganizations and i want to use [email protected] > > Is it possible and how? > > My application is a spring application but i think subject is independent > from my application side.
In general, the most flexible solution would be to rebuild the domain structure within your DIT and place the user/account objects within their domain. This would require your application to either (a) build the search base DN (baseObject) from the users domain/realm or (b) search for the domain name (subsequent searches for each label) within your DIT to get the search base to find the corresponding user/account object. A solution that would be less complex for the application(s) to handle is to build aliases using "$user@$domain" to find the corresponding user/account object. Regards, Linus
