This content has been marked as final.
Show 2 replies
-
1. Re: LDAP authentication, multiple groups
jyothi.a_jyothisree.yahoo.co.in Dec 15, 2009 11:42 AM (in response to rowin)Hi
Can u give the LDAP authentication configuration u made in u r server in detail .....
Regards
-
2. Re: LDAP authentication, multiple groups
joepwro.joepwro.gmail.com May 7, 2010 9:36 PM (in response to rowin)My LDAP configuration in components.xml is:
<security:ldap-identity-store name="ldapIdentityStore"
server-address="***Redacted***"
server-port="389"
bind-DN="CN=***Redacted***,OU=Services,DC=domain_name,DC=corp"
bind-credentials="***Redacted***"
user-name-attribute="sAMAccountName"
user-DN-prefix="DOMAIN_NAME\"
user-DN-suffix=""
role-name-attribute="name"
role-attribute-is-DN="true"
user-context-DN="OU=deptX,DC=domain_name,DC=corp"
role-context-DN="OU=deptX,DC=domain_name,DC=corp"
user-role-attribute="memberOf"
user-object-classes="user"
role-object-classes="group"
/>
I am able to authenticate users in different locations of LDAP directory, but I cannot get the roles of users in different locations of the LDAP directory.
Calling identityManager.getGrantedRole() uses the "user-context-DN" value. But I am only able to specify one context. I tried using wildcards like: user-context-DN="OU=*, ....", but that generates an error.
Is there a way to do this configuration to get the roles of users in different parts of the LDAP directory?