[ https://issues.apache.org/jira/browse/OAK-3144?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14730516#comment-14730516 ]
Konrad Windszus commented on OAK-3144: -------------------------------------- The test is failing with the following message {code} FAILED: org.apache.jackrabbit.oak.security.authentication.ldap.LdapProviderTest.testGetUserProperties Error Message: Expected: <{uid=hhornblo, mail=hhorn...@royalnavy.mod.uk, givenname=Horatio, description=Capt. Horatio Hornblower, R.N, sn=Hornblower, cn=Horatio Hornblower, objectclass=[top, person, organizationalPerson, inetOrgPerson]}> got: <{uid=hhornblo, mail=hhorn...@royalnavy.mod.uk, sn=Hornblower, cn=Horatio Hornblower, description=Capt. Horatio Hornblower, R.N, givenname=Horatio, objectclass=[organizationalPerson, person, inetOrgPerson, top]}> {code} This is due to the fact that the object classes don't have the expected order. > Support multivalue user properties for Ldap users > ------------------------------------------------- > > Key: OAK-3144 > URL: https://issues.apache.org/jira/browse/OAK-3144 > Project: Jackrabbit Oak > Issue Type: Improvement > Components: auth-ldap > Affects Versions: 1.3.3 > Reporter: Konrad Windszus > Assignee: Manfred Baedke > Fix For: 1.3.6, 1.2.5 > > > Currently the {{ExternalUser.getProperties}} only exposes single value > properties (or in case of multiple values in the LDAP only the first value). > The problem is the code {{LdapIdentityProvider.createUser()}} > (https://github.com/apache/jackrabbit-oak/blob/trunk/oak-auth-ldap/src/main/java/org/apache/jackrabbit/oak/security/authentication/ldap/impl/LdapIdentityProvider.java#L711). > This only uses > http://directory.apache.org/api/gen-docs/latest/apidocs/org/apache/directory/api/ldap/model/entry/Attribute.html#getString%28%29 > which returns the first value only. One has to leverage the iterator > implemented by each attribute object to get all values! -- This message was sent by Atlassian JIRA (v6.3.4#6332)