Details

    • Type: Bug
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 1.7.0.CR1
    • Fix Version/s: None
    • Component/s: Realms
    • Labels: None

      Description

      Double check that the Elytron LDAP realm is capable of doing this:

      Having LDAP entries like this:

      dn: cn=jduke,ou=Roles,ou=example2,${dnSuffix}
      objectClass: top
      objectClass: organizationalRole
      description: cn=Echo,ou=Roles,ou=example2,${dnSuffix}
      description: cn=TheDuke,ou=Roles,ou=example2,${dnSuffix}
      cn: jduke
      

      User will have roles jduke, Echo and TheDuke.

      This was possible with PicketBox with this configuration:

              EapSetupTask roleAttributesConfiguration =
                      new LdapExtSecurityDomainBuilder(SECURITY_DOMAIN_NAME_PREFIX + DEP2)
                      .prepareDefaultForLdapServer(ldapServer)
                      .baseCtxDN("ou=People,ou=example2," + ldapServer.getDNSuffix())
                      .rolesCtxDN("ou=Roles,ou=example2," + ldapServer.getDNSuffix())
                      .referral("ignore")
                      .roleFilter("(|(objectClass=referral)(cn={0}))")
                      .roleAttributeID("description")
                      .roleAttributeIsDN("true")
                      .roleNameAttributeID("cn")
                      .roleRecursion("0")
                      .configure();
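
The lookup described in this issue, as an added example (not PicketBox or Elytron code, and not from the reporter): an in-memory model that matches the role entry by `cn`, then dereferences each DN in `description` and reads that entry's `cn`. Assumptions: the `dc=example,dc=org` suffix and the Echo and TheDuke entries are constructed, the entry's own `cn` is included because the issue states `jduke` as an expected role, and only the `cn={0}` branch of the role filter is modelled.

```python
# Added illustration: an in-memory model of the role lookup, not PicketBox or Elytron code.
SUFFIX = "dc=example,dc=org"  # constructed; stands in for ${dnSuffix}
ROLES_BASE = f"ou=Roles,ou=example2,{SUFFIX}"
ROLE_CLASSES = ["top", "organizationalRole"]

# Constructed directory. The jduke entry mirrors the issue; the Echo and
# TheDuke entries are assumed to exist so the DN references can be resolved.
DIRECTORY = {
    f"cn=jduke,{ROLES_BASE}": {
        "objectClass": ROLE_CLASSES,
        "description": [f"cn=Echo,{ROLES_BASE}", f"cn=TheDuke,{ROLES_BASE}"],
        "cn": ["jduke"],
    },
    f"cn=Echo,{ROLES_BASE}": {"objectClass": ROLE_CLASSES, "cn": ["Echo"]},
    f"cn=TheDuke,{ROLES_BASE}": {"objectClass": ROLE_CLASSES, "cn": ["TheDuke"]},
}


def norm_dn(dn):
    """Case-insensitive DN key with whitespace around separators removed."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def resolve_roles(directory, username, roles_base,
                  role_attr="description", name_attr="cn"):
    """Roles for `username`: name_attr of each matching role entry, plus
    name_attr of every entry referenced by DN in role_attr (no recursion)."""
    index = {norm_dn(dn): attrs for dn, attrs in directory.items()}
    base = "," + norm_dn(roles_base)
    roles = []

    def add(names):
        for name in names:
            if name not in roles:
                roles.append(name)

    for dn, attrs in index.items():
        if not dn.endswith(base):
            continue  # outside the roles context (rolesCtxDN)
        # Models only the cn={0} branch of the role filter.
        if username.lower() not in (v.lower() for v in attrs.get(name_attr, [])):
            continue
        add(attrs.get(name_attr, []))          # the entry's own name (jduke)
        for ref in attrs.get(role_attr, []):   # values are DNs (roleAttributeIsDN)
            target = index.get(norm_dn(ref))
            if target is None:
                continue  # dangling reference: grant nothing rather than guess
            add(target.get(name_attr, []))     # roleNameAttributeID of the target
    return roles
```

A `description` value that points at a missing entry yields no role in this model, which is the conservative behaviour to verify in any realm that maps authorization from DN references.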
      

              People

              • Assignee: Unassigned
              • Reporter: mchoma Martin Choma