Assign users in LDAP group to DSpace group on login
---------------------------------------------------
Key: DS-1078
URL: https://jira.duraspace.org/browse/DS-1078
Project: DSpace
Issue Type: Improvement
Components: DSpace API
Affects Versions: 1.8.0, 1.7.2
Reporter: Samuel Ottenhoff
Priority: Major
Attachments: DS-1078.patch
Use case: academic institution has their LDAP users nicely separated with an
OU=Students, OU=Employees, and OU=Faculty. The institution wants a simple way
to say: "any employees can submit to this collection, any faculty can submit to
this collection."
Proposed new DSpace property (similar to search.index config):
Form is DN search string then DSpace group.
ldap.login.groupmap.1 = ou=Students:ALL_STUDENTS
ldap.login.groupmap.2 = ou=Employees:ALL_EMPLOYEES
ldap.login.groupmap.3 = ou=Faculty:ALL_FACULTY
So, if a user has a dn like:
cn=jdoe,OU=Students,OU=Users,dc=example,dc=edu that user would get assigned to
the ALL_STUDENTS group on login
I thought about implementing this as part of getSpecialGroups, but the DN is
not stored in the EPerson object, so it needs to be fetched from LDAP to be
inspected. This proposed patch checks every time a user logs in to see if they
need to be placed into any groups based on the mapping.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://jira.duraspace.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
Dspace-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dspace-devel
