Uploaded image for project: 'PicketLink'
  1. PicketLink
  2. PLINK-625

Possibility that LDAPIdentityStore will return LDAP DN in some attribute

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • PLINK_2.7.0.CR2
    • PLINK_2.6.0.CR5
    • IDM
    • None

    Description

      One of our users has usecase like this: "Our application was originally designed to use DN as unique identifier (not just UID) to locate User across multiple instance of Open LDAPs.
      But with keycloak how do I get the DN so that User attribute has the DN. So that after authentication I would be able to extract the DN from access token."

      So I wonder that it may be nice if LDAPIdentityStore has possibility to return also DN of user in some attribute. Maybe LDAPMappingConfigurationBuilder can have method like: dnAttribute(String)
      and if it's used, the attribute (either property if it's available on the particular IdentityType object or just attribute) will be filled with the DN of user after LDAP search?

      Attachments

        Activity

          People

            psilva@redhat.com Pedro Igor Craveiro
            mposolda@redhat.com Marek Posolda
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: