Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
This is a cloned issue from NiFi (NIFI-4567) that is also relevant in NiFi Registry as it uses the same LDAP configuration functionality.
Currently, group membership is defined using a fully qualified DN between user and group or between group and user. When membership is defined through a user, the group DN is required. When membership is defined through a group, the user DN is required.
We should add another property to configure which attribute in the referenced group or user should be used as the value of the user's group attribute or the group's user attribute. For instance, if the user's member attribute contains the value 'group1' this new property would be the group attribute that returns the value 'group1'. When these new properties are blank a full DN is assumed.
Attachments
Issue Links
- relates to
-
NIFI-4567 LdapUserGroupProvider: Allow admin to configure group membership attribute
- Resolved
- links to