Uploaded image for project: 'James Server'
  1. James Server
  2. JAMES-1569

LDAP group authentication filter to authenticate users by LDAP group

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 3.0.0-beta5
    • 3.0.0-beta5
    • None
    • None
    • issue is not platform dependent.

    Description

      I created a small filter in the LDAP authentication system to allow user authentication to be filtered by additional criteria in a filter attribute of the repository in the xml config.

      <repository name="LocalUsers" class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository" ldapHost="<host>" principal="<authuser>" credentials="<password>" userBase="<ou>" userObjectClass="<object class, e.g. inetOrgPerson>" userIdAttribute="<userid attribute name, e.g. cn>" filter="(<filter>)">

      example:

      <repository name="LocalUsers" class="org.apache.james.user.ldap.ReadOnlyUsersLDAPRepository" ldapHost="ldaps://mail.domain.com:636" principal="cn=admin,dc=domain,dc=com" credentials="password" userBase="ou=people,dc=domain,dc=com" userObjectClass="inetOrgPerson" userIdAttribute="cn" filter="(memberOf=CN=EmailUsers,ou=groups,DC=domain,DC=com)">

      Attachments

        1. james-ldap-patch.txt
          2 kB
          Robert Munn

        Activity

          People

            eric@apache.org Eric Charles
            robertdmunn Robert Munn
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: