We are upgrading some very old qpid servers in the enterprise (6.0.8) and
we use LDAP authentication. Where I might have a current ACL entry like
this:

ACL ALLOW danlangford ALL

I'm finding in QPID 6.1-9.0 I am needing the rule to look like this:

ACL ALLOW "cn=danlangford,ou=000,ou=People,o=MyEnterprise" ALL

Now, in the above example I can still authenticate over HTTP or AMQP with
the user "danlangford" and I see a log message
Found 'danlangford' DN 'cn=danlangford,ou=000,ou=People,o=MyEnterprise'
but my ACLs are now going to be much more verbose, and problematic (see
below), if they have to contain the full DN.

This is particularly problematic in my enterprise because our identity team
has partitioned out all the users. See the "ou=000" (I happen to be in the
first partition). So as it stands we will need to update our ACLs and go
look up the full DN for each user manually to put into the ACL. And my
identity team said that there is no guarantee that the partition won't
change for some reason in the future, and they encourage all systems to
search for a user (cn=username) with a search context of
ou=People,o=MyEnterprise.

Is there a way to configure the prior behavior that allowed just the
username in the ACL?
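
The manual step described above (looking up each user's full DN and putting it into the ACL) can be scripted. This is an added example, not part of the original message and not Qpid's own code; `rewrite_acl`, `resolve_dn`, `SAMPLE_DIRECTORY` and the `keep` list are hypothetical names, and the dictionary is a constructed stand-in for an LDAP search of (cn=username) under ou=People,o=MyEnterprise.

```python
import re

# Constructed stand-in for a directory search of (cn=<username>) with search
# context ou=People,o=MyEnterprise. A real run would query LDAP here, so a
# changed partition (ou=000) is picked up each time the ACL is regenerated.
SAMPLE_DIRECTORY = {
    "danlangford": "cn=danlangford,ou=000,ou=People,o=MyEnterprise",
}

# "ACL <permission> <identity> <rest of rule>"; identity may be quoted.
RULE = re.compile(r'^(\s*ACL\s+\S+\s+)("[^"]*"|\S+)(.*)$')


def rewrite_acl(lines, resolve_dn, keep=("all",)):
    """Replace bare usernames in ACL rules with quoted full DNs.

    lines      -- ACL file lines without trailing newlines
    resolve_dn -- callable: username -> DN string, or None if not found
    keep       -- identities left untouched (assumption: the ALL keyword
                  plus any group names the caller lists, lower-cased)
    Returns (new_lines, unresolved_usernames).
    """
    out, unresolved = [], []
    for line in lines:
        m = RULE.match(line)
        if not m:
            out.append(line)  # comments, blank lines, non-ACL directives
            continue
        prefix, identity, rest = m.groups()
        already_dn = identity.startswith('"') or "=" in identity
        if already_dn or identity.lower() in keep:
            out.append(line)
            continue
        dn = resolve_dn(identity)
        if dn is None:
            # Leave the rule as it was and report it, rather than guessing.
            unresolved.append(identity)
            out.append(line)
        else:
            out.append(f'{prefix}"{dn}"{rest}')
    return out, unresolved


if __name__ == "__main__":
    sample = ["ACL ALLOW danlangford ALL", "ACL DENY-LOG ALL ALL"]
    new_lines, missing = rewrite_acl(sample, SAMPLE_DIRECTORY.get)
    print("\n".join(new_lines))
    print("unresolved:", missing)
```

Rules whose user cannot be resolved are returned unchanged and listed, so they can be reviewed before the new ACL file is loaded.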
