0 Replies Latest reply on Dec 3, 2012 6:01 AM by anishantony

    Setup Access permission to all LDAP Users

    anishantony

      Hi

      I integrated an Active Directory connection in my GateIn (3.2). In the Idm-configuration.xml file I set up the group type mapping as follows:

      <entry>
          <key><string>/Group1/*</string></key>
          <value><string>msad_roles_type</string></value>
      </entry>

      But after the successful AD (Active Directory) integration with GateIn, I find that there are some subgroups inside Group1, like Group1, Group2, Group3, etc. The AD users are arranged inside each group.

       

      For example:

      Group1
         |
         |___________Group2
         |
         |___________Group3
         |
         |___________Group4

       

      OK, let's come to my problem.

       

      In pages.xml and portal.xml I need to configure the access permission for all users inside Group1 (including users inside Group2, Group3, etc.). How is this possible?

       

      Is it possible to set up the access permission like this (I tried but failed):

      <access-permissions>MyRole:/Group1/*</access-permissions>

       

      I also need to set up the groupName parameter in common-configuration.xml. I have tried the following format, but it fails:

       

      <collection type="java.util.ArrayList"
                  item-type="org.exoplatform.web.login.redirect.MappingParam">
          <value>
              <object type="org.exoplatform.web.login.redirect.MappingParam">
                  <field name="groupName">
                      <string>MyRole:/Group1/*</string>
                  </field>
                  <field name="loginURL">
                      <string>/portal/abcd/home</string>
                  </field>
                  <field name="logoutURL">
                      <string>/portal/private/abcd</string>
                  </field>
              </object>
          </value>
      </collection>

       

       

      Regards,

                     Anish Antony