Recursive LDAP Searching in 4.2 Compared to 4.0
44 views
Skip to first unread message
Melissa Floyd
Jan 25, 2017, 12:11:14 AM1/25/17
to CAS Community
We are attempting to migrate to 4.2 from 4.0. In 4.0, we were able to recursively retrieve one flat list of user's groups, including ancestor groups, with the following configuration. I was wondering how we may be able to achieve a similar result in 4.2 with the <ldaptive:authenticator> configuration. Any suggestions would be helpful. Thanks!
<bean id="authenticator" class="org.ldaptive.auth.Authenticator"
c:resolver-ref="dnResolver"
c:handler-ref="authHandler">
<!-- Add the RecursiveEntryHandler to flatten the group hierarchy and
include ancestor groups in the MemberOf response values. -->
<property name="entryResolver">
<bean class="org.ldaptive.auth.PooledSearchEntryResolver"
p:connectionFactory-ref="searchPooledLdapConnectionFactory">
<property name="searchEntryHandlers">
<bean class="org.ldaptive.handler.RecursiveEntryHandler"
p:searchAttribute="memberOf"
p:mergeAttributes="memberOf"/>
</property>
</bean>
</property>
</bean>
<bean id="authenticator" class="org.ldaptive.auth.Authenticator"
c:resolver-ref="dnResolver"
c:handler-ref="authHandler">
<!-- Add the RecursiveEntryHandler to flatten the group hierarchy and
include ancestor groups in the MemberOf response values. -->
<property name="entryResolver">
<bean class="org.ldaptive.auth.PooledSearchEntryResolver"
p:connectionFactory-ref="searchPooledLdapConnectionFactory">
<property name="searchEntryHandlers">
<bean class="org.ldaptive.handler.RecursiveEntryHandler"
p:searchAttribute="memberOf"
p:mergeAttributes="memberOf"/>
</property>
</bean>
</property>
</bean>
Misagh Moayyed
Jan 25, 2017, 3:49:50 PM1/25/17
to cas-...@apereo.org
Speaking from memory, I don’t think the ldaptive syntactic sugar supports configuration of pluggable entry resolvers; you may have to fall back to the same sort of config you had before.
--
Misagh
Misagh
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9ef4ca07-14a7-451b-bac7-8277dd08156d%40apereo.org.
Melissa Floyd
Jan 25, 2017, 11:22:57 PM1/25/17
to CAS Community
Thank you Misagh. After much digging, that was the conclusion I was arriving at however I wanted to confirm that was indeed the case.
Appreciate the help,
Melissa
Appreciate the help,
Melissa
Reply all
Reply to author
Forward
0 new messages