Larry McCay created KNOX-3036:
---------------------------------
Summary: Add a Primary Group Function to Virtual Groups
Key: KNOX-3036
URL: https://issues.apache.org/jira/browse/KNOX-3036
Project: Apache Knox
Issue Type: Improvement
Components: Server
Reporter: Larry McCay
Fix For: 2.1.0
The virtual groups through predicate evaluations should include a means to
dynamically add a group principal with the same name as the username.
This will require intercepting the configured mapping key name which usually
ends with the literal virtual group name that will be added upon matching of
the predicate logic.
For this, we will add an optional Logical Virtual Group which will need to be
resolved rather than used as a literal. For this specific usecase, we can use
syntax such as:
{code}
<param>
<name>group.mapping.$PRIMARY_GROUP</name>
<value>(not (member username))</value>
</param>
{code}
This will add a primary group for all authenticated users that don't already
have one in the current groups list.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
