[ https://issues.apache.org/jira/browse/OAK-3115?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Konrad Windszus updated OAK-3115: --------------------------------- Description: Some LDAPs (e.g. OpenLDAP via http://www.openldap.org/doc/admin24/overlays.html or ActiveDirectory via https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada2/cc24555b-61c7-49a2-9748-167b8ce5a512), support a reverse lookup of group memberships (i.e. without an additional search the group membership can just be determined by looking at a specific attribute like "memberOf"). It would be good if the {{LdapIdentityProvider}} would support that directly (instead of executing an expensive search). was: Some LDAPs (e.g. OpenLDAP via http://www.openldap.org/doc/admin24/overlays.html), support a reverse lookup of group memberships (i.e. without an additional search the group membership can just be determined by looking at a specific attribute like "memberOf"). It would be good if the {{LdapIdentityProvider}} would support that directly (instead of executing an expensive search). > Support memberOf attribute within the user entity to lookup memberships in > the LdapIdentityProvider > --------------------------------------------------------------------------------------------------- > > Key: OAK-3115 > URL: https://issues.apache.org/jira/browse/OAK-3115 > Project: Jackrabbit Oak > Issue Type: Improvement > Components: auth-ldap > Affects Versions: 1.3.2 > Reporter: Konrad Windszus > Priority: Major > > Some LDAPs (e.g. OpenLDAP via > http://www.openldap.org/doc/admin24/overlays.html or ActiveDirectory via > https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-ada2/cc24555b-61c7-49a2-9748-167b8ce5a512), > support a reverse lookup of group memberships (i.e. without an additional > search the group membership can just be determined by looking at a specific > attribute like "memberOf"). > It would be good if the {{LdapIdentityProvider}} would support that directly > (instead of executing an expensive search). -- This message was sent by Atlassian Jira (v8.20.1#820001)