[
https://issues.apache.org/jira/browse/AMQ-3770?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Robison updated AMQ-3770:
-------------------------------
Attachment: LDAPAuthorizationMap.java
LDAPUpdatesAndTest1.patch
* Patching including updates to LDAP integration everywhere except
LDAPAuthorizationMap. Also includes group expansion with test case.
* Updated LDAPAuthorizationMap to generalize LDAP name processing
> Generalize LDAP group processing / LDAP group expansion
> -------------------------------------------------------
>
> Key: AMQ-3770
> URL: https://issues.apache.org/jira/browse/AMQ-3770
> Project: ActiveMQ
> Issue Type: Improvement
> Components: Broker
> Affects Versions: 5.5.1
> Reporter: Chris Robison
> Attachments: LDAPAuthorizationMap.java, LDAPUpdatesAndTest1.patch
>
>
> One of the issues with the way that LDAP integration is implemented in
> ActiveMQ is that it is making some serious assumptions based on how the
> examples are for Apache Directory. These assumptions prevent other LDAP
> implementations from functioning correctly (e.g., Active Directory). I've
> gone in and replaced all of the String.split stuff with LdapName. LdapName is
> Java's implementation of RFC 2253 for names in LDAP. All current test cases
> still work, while allowing other LDAP implementations to work.
> I've also implemented group expansion for the LDAPLoginModule. For example,
> group A is a member of groups B and C. User X is a member of group A, which
> should mean user X is also a member of groups B and C by virtue of being in
> group A. This allows for a hierarchy of roles making role management much
> easier in my opinion.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
