4 Replies Latest reply on Aug 3, 2017 9:51 AM by a.niemeyer

    AD Security realm authentication and filter with objectGUID instead of sAMAccountName

    a.niemeyer
    a.niemeyer Aug 3, 2017 9:25 AM

      Hi,

       

      Within the EAP 7.0 servers' standalone.xml config for a security realm with AD auth, I would like to change that from

       

      <advanced-filter filter="(&amp;(sAMAccountName={0}))"/>

      to

      <advanced-filter filter="(&amp;(objectGUID={0}))"/>

      .

      The actual works fine, but I don't know how to change to the desired objectGUID..

      Probably the login method with passed username has to change to the encoded objectGUID?!

       

      The login itself goes like this:

       

      @POST
      @Path("/login")

      public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request) {

       

         try {

         if (request.getUserPrincipal() != null) {

         logger.info(String.format("user %s is already logged in", request.getUserPrincipal().getName()));

        } else {

        request.login(username, password);

         logger.info("Login Success for: " + username);

        }

        } catch (ServletException e) {

         logger.error("Login Exception: " + e.getMessage());

         return LoginFormServiceUtil.seeOther("../fail_login.html");

        }

       

      Thank you in advance!

       

      Kind regards,

      Andreas