Re: Extending LDAP support to include authorization

Thread: Re: Extending LDAP support to include authorization

Search this list only Search all lists
Re: Extending LDAP support to include authorization
	2007-09-14 00:49:33

On 9/13/07, Manos Batsis < manos_listsgeekologue.com">manos_listsgeekologue.com> wrote: Hi Dennis, Many thanks for your reply. Dennis Hopp wrote: >; One way to do it would just do a simple mapping.  So in the JTrac > application give an administrator a way to say what LDAP groups map to > what JTrac Roles.  When a user logs in, get the groups he/she is a > member of, do the mapping to any roles as necessary and assign >; authorization that way. I'm not sure how that would work for my or other complex cases as roles in my app are not global (i.e. do not apply to all spaces). I'm working on a deployment for a 2 or digit number of spaces and thousands of users. I was just thinking about space specific pseudo-entries like: cn: Space1 member: username1 member: username2 member: usernameN spaceLead: usernameX WDYT? Manos From what little I've seen of LDAP so far, it looks like people have widely different conventions and requirements for auto-mapping. I was thinking that for now we could make this pluggable - so end users can implement an interface, add the class to the classpath and have this work the way they want. ; Do let me know what you think. Thanks, Peter.

[1]