asRdn meaning in LDAP realm --------------------------- Key: ELY-767 URL: https://issues.jboss.org/browse/ELY-767 Project: WildFly Elytron Issue Type: Enhancement Components: Realms Reporter: Jan Kalina Assignee: Jan Kalina Meaning of asRdn in AttributeMaping of LdapSecurityRealm is illogicaly different for filtered and simple attributes: Currently: * meaning of asRdn is different for mappings without filter (obtaining attribute from identity entry) and with filter (different entry) * simple: attribute value is parsed as DN * filtered: DN of the whole entry is parsed (and ldapName, which is required, is ignored) I suggest: * when asRdn is defined: * if ldapName will be defined, LDAP attribute will be parsed (for filtered mappings too) * if ldapName will not be defined, DN of entry will be parsed (DN of identity entry for simple mapping)