[
https://issues.apache.org/jira/browse/OFBIZ-811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12513299
]
Si Chen commented on OFBIZ-811:
-------------------------------
I don't think it should be all-or-none like this. If a user doesn't have an
LDAP entry we should still look him up against the ofbiz user logins.
Also, if a user is defined only in ldap but not in ofbiz, how do we define what
ofbiz application permissions he has?
> Authentication using LDAP
> -------------------------
>
> Key: OFBIZ-811
> URL: https://issues.apache.org/jira/browse/OFBIZ-811
> Project: OFBiz
> Issue Type: New Feature
> Components: framework
> Environment: all
> Reporter: Mohamed Amine AZZI
> Assignee: Si Chen
> Priority: Trivial
> Attachments: ldap_authentication.patch, ldap_properties.patch,
> LoginServices.java, LoginServices.java.diff, security.properties.diff
>
>
> this feature, would enable Ofbiz users to authenticate their users using an
> LDAP. I developed that change in response to a customer request who wanted
> his employees to use the same passwords they use when openning a windows
> session.
> the solution was to recreate the same usernames in the Party manager with an
> unused password. and redirect the authentication to the LDAP when needed. The
> choice is made in the security.properties file. all parameters needed to
> connect to the LDAP are there also.
> After authentication all authorizations are taken out from the Party manager.
> This would give the same feature used by SharePoint, which is called cross
> privileges
> the change is minor as you would see, but very helpfull for people needing
> the same feature.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
