[jboss-jira] [JBoss JIRA] (ELY-1675) Merge roles from entry and entry attributes
Darran Lofthouse (JIRA)
issues at jboss.org
Wed Sep 26 13:35:02 EDT 2018
[ https://issues.jboss.org/browse/ELY-1675?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Darran Lofthouse updated ELY-1675:
----------------------------------
Fix Version/s: 1.7.0.CR3
(was: 1.7.0.CR2)
> Merge roles from entry and entry attributes
> -------------------------------------------
>
> Key: ELY-1675
> URL: https://issues.jboss.org/browse/ELY-1675
> Project: WildFly Elytron
> Issue Type: Bug
> Components: Realms
> Affects Versions: 1.7.0.CR1
> Reporter: Martin Choma
> Priority: Critical
> Fix For: 1.7.0.CR3
>
>
> Double check Elytron ldap realm is capable doing this:
> Having ldap entries like this
> {code}
> dn: cn=jduke,ou=Roles,ou=example2,${dnSuffix}
> objectClass: top
> objectClass: organizationalRole
> description: cn=Echo,ou=Roles,ou=example2,${dnSuffix}
> description: cn=TheDuke,ou=Roles,ou=example2,${dnSuffix}
> cn: jduke
> {code}
> User will have roles jduke, Echo and TheDuke.
> This was possible with Picketbox with this configuration
> {code}
> EapSetupTask roleAttributesConfiguration =
> new LdapExtSecurityDomainBuilder(SECURITY_DOMAIN_NAME_PREFIX + DEP2)
> .prepareDefaultForLdapServer(ldapServer)
> .baseCtxDN("ou=People,ou=example2," + ldapServer.getDNSuffix())
> .rolesCtxDN("ou=Roles,ou=example2," + ldapServer.getDNSuffix())
> .referral("ignore")
> .roleFilter("(|(objectClass=referral)(cn={0}))")
> .roleAttributeID("description")
> .roleAttributeIsDN("true")
> .roleNameAttributeID("cn")
> .roleRecursion("0")
> .configure();
> {code}
--
This message was sent by Atlassian JIRA
(v7.5.0#75005)
More information about the jboss-jira
mailing list