[GUACAMOLE-1456] Support configurable "seeAlso" attribute name - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Trivial
Resolution: Won't Fix
Affects Version/s: 1.3.0
Fix Version/s: None
Component/s: guacamole-auth-ldap
Labels:
None

Description

The "seeAlso" LDAP attribute name at guacomole config objects seems to be hardcoded and cannot be configured.

With a posix based schema we are storing LDAP group memberships in the "uniqueMember" attribute, e.g.:

```

objectClass ( 1.3.6.1.4.1.38971.1.2.1 NAME 'guacConfigGroup'
DESC 'Guacamole configuration'
STRUCTURAL
MUST ( cn $ guacConfigProtocol )
MAY (
description $
uniqueMember $
guacConfigParameter
)
)

```

with

```

dn: cn=SSH,cn=guacamole,dc=mole,dc=test
guacConfigProtocol: ssh
guacConfigParameter: hostname=10.200.72.16
cn: SSH
objectClass: top
objectClass: guacConfigGroup
uniqueMember: cn=Domain Admins,cn=groups,dc=mole,dc=test
uniqueMember: cn=Domain Users,cn=groups,dc=mole,dc=test
uniqueMember: uid=Administrator,cn=users,dc=mole,dc=test

```

Your code:

```

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java: public static final String LDAP_ATTRIBUTE_NAME_GROUPS = "seeAlso";
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java: LDAP_ATTRIBUTE_NAME_GROUPS
extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java: groupFilter.addNode(new EqualityNode(LDAP_ATTRIBUTE_NAME_GROUPS,entry.getDn().toString()))

```

All other LDAP attribute names seem to be configurable in `~/.guacamole/guacamole.properties` except for `seeAlso`.

Please make it configurable as well!

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Florian Best

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 09/Nov/21 13:08

Updated:: 03/Apr/24 20:25

Resolved:: 03/Apr/24 20:25