[jboss-jira] [JBoss JIRA] (ELY-767) asRdn meaning in LDAP realm

Jan Kalina (JIRA) issues at jboss.org
Thu Nov 17 13:12:00 EST 2016 

     [ https://issues.jboss.org/browse/ELY-767?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jan Kalina updated ELY-767:
---------------------------
    Description: 
Meaning of asRdn in AttributeMaping of LdapSecurityRealm is illogicaly different for filtered and simple attributes:

Currently:
* meaning of asRdn is different for mappings without filter (obtaining attribute from identity entry) and with filter (different entry)
** simple: value of attribute (defined by ldapName) is parsed as DN
** filtered: DN of the filtered entry is parsed (and ldapName is ignored - even through it is defined)

I suggest:
* when asRdn is defined:
** if ldapName will be defined, LDAP attribute will be parsed (for filtered mappings too)
** if ldapName will not be defined, DN of entry will be parsed (DN of identity entry for simple mapping)


  was:
Meaning of asRdn in AttributeMaping of LdapSecurityRealm is illogicaly different for filtered and simple attributes:

Currently:
* meaning of asRdn is different for mappings without filter (obtaining attribute from identity entry) and with filter (different entry)
 * simple: attribute value is parsed as DN
 * filtered: DN of the whole entry is parsed (and ldapName, which is required, is ignored)

I suggest:
* when asRdn is defined:
 * if ldapName will be defined, LDAP attribute will be parsed (for filtered mappings too)
 * if ldapName will not be defined, DN of entry will be parsed (DN of identity entry for simple mapping)




> asRdn meaning in LDAP realm
> ---------------------------
>
>                 Key: ELY-767
>                 URL: https://issues.jboss.org/browse/ELY-767
>             Project: WildFly Elytron
>          Issue Type: Enhancement
>          Components: Realms
>            Reporter: Jan Kalina
>            Assignee: Jan Kalina
>
> Meaning of asRdn in AttributeMaping of LdapSecurityRealm is illogicaly different for filtered and simple attributes:
> Currently:
> * meaning of asRdn is different for mappings without filter (obtaining attribute from identity entry) and with filter (different entry)
> ** simple: value of attribute (defined by ldapName) is parsed as DN
> ** filtered: DN of the filtered entry is parsed (and ldapName is ignored - even through it is defined)
> I suggest:
> * when asRdn is defined:
> ** if ldapName will be defined, LDAP attribute will be parsed (for filtered mappings too)
> ** if ldapName will not be defined, DN of entry will be parsed (DN of identity entry for simple mapping)



--
This message was sent by Atlassian JIRA
(v7.2.3#72005)

More information about the jboss-jira mailing list