users@glassfish.java.net

[LDAP Realm] question about group-search-filter

From: <glassfish_at_javadesktop.org>
Date: Sun, 06 Jul 2008 11:27:19 PDT

Hi,

i want to use glassfish container managed authentication + authorization. I got this to work with another project, but with this project it's a little bit different.

In this project users aren't added to groups as uniqueMember. Thus, the property [b]group-search-filter: uniquemember=%d[/b] will not work. In this project it's like the following:

A student:
[b]
# blabla, studenten, people,school.nl
dn: uid=blabla,ou=studenten,ou=people,dc=school,dc=nl
uid: xxxxxxxxxxxxxx
cn: xxxxxxxxx
sn: xxxxxxxxxxx
givenName: xxxxxx
uidNumber: xxxxxxxxx
gidNumber: 500
objectClass: inetOrgPerson
objectClass: posixAccount
[/b]

Group:
[b]
# studenten, group, school.nl
dn: cn=studenten,ou=group,dc=school,dc=nl
cn: studenten
gidNumber: 500
objectClass: posixGroup
objectClass: top
[/b]

As you can see i have to use the gidNumber to see what group the logged in user belongs to. But I don't know what value to use in the group-search-filter.... [b]group-search-filter: gidNumber=%d[/b] obviously won't work.

I really would appreciate any help :)
[Message sent by forum member 'monomo' (monomo)]

http://forums.java.net/jive/thread.jspa?messageID=284586