[ https://issues.jboss.org/browse/ELY-767?page=com.atlassian.jira.plugin.sy... ] Jan Kalina updated ELY-767: --------------------------- Description: Meaning of asRdn in AttributeMaping of LdapSecurityRealm is illogicaly different for filtered and simple attributes: Currently: * meaning of asRdn is different for mappings without filter (obtaining attribute from identity entry) and with filter (different entry) * simple: attribute value is parsed as DN * filtered: DN of the whole entry is parsed (and ldapName, which is required, is ignored) I suggest: * when asRdn is defined: * if ldapName will be defined, LDAP attribute will be parsed (for filtered mappings too) * if ldapName will not be defined, DN of entry will be parsed (DN of identity entry for simple mapping) was: Structure of AttributeMaping of LdapSecurityRealm is illogical: Currently: * meaning of asRdn is different for mappings without filter (obtaining attribute from identity entry) and with filter (different entry) * simple: attribute value is parsed as DN * filtered: DN of the whole entry is parsed (and ldapName, which is required, is ignored) I suggest: * when asRdn is defined: * if ldapName will be defined, LDAP attribute will be parsed (for filtered mappings too) * if ldapName will not be defined, DN of entry will be parsed (DN of identity entry for simple mapping) -- This message was sent by Atlassian JIRA (v7.2.3#72005)