appNG / APPNG-2097

LDAP Implementation lacks support for other Directory Servers than MS ADS


    Details

    • Type: Improvement
    • Status: Done
    • Priority: Low
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 1.16.2
    • Component/s: None
    • Labels:
      None

      Description

      The LDAP implementation in appNG uses a hardcoded SAMAccount name scheme when binding to the DS (see https://technet.microsoft.com/en-us/library/cc783351(v=ws.10).aspx).

      This makes it incompatible with other Nameservers like OpenLDAP.

          if (StringUtils.isNotBlank(ldapDomain)) {
              if (username.startsWith(ldapDomain)) {
                  /* Only works if the user is already in SAMAccount format */
                  principal = username;
                  /* Futile because not referenced below this point */
                  username = getUserName(username, ldapDomain);
              } else {
                  /* Should also allow UPN format or native LDAP DN as principal */
                  principal = ldapDomain + DOMAIN_SEPARATOR + username;
              }
          } else {
              /* Never reached because Site Properties cannot be blank */
              principal = CN_ATTRIBUTE + "=" + username + "," + baseDn;
          }
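
One way to build the bind principal for all three formats named in the comments above (SAMAccount, UPN, native LDAP DN), as an added example that is not appNG code. The class, the Scheme enum, requireSimple and the parameter names are hypothetical, and the SAM separator is assumed to be a backslash; in DN mode the typed name is escaped so it cannot change the structure of the DN used for the bind.

```java
import javax.naming.ldap.Rdn;

// Added example, not appNG code: class, enum and parameter names are hypothetical.
class BindPrincipalExample {

    enum Scheme { SAM, UPN, DN }

    static String principal(Scheme scheme, String username, String ldapDomain,
                            String idAttribute, String baseDn) {
        if (username == null || username.trim().isEmpty()) {
            throw new IllegalArgumentException("username must not be blank");
        }
        switch (scheme) {
            case SAM: {
                // Assumption: DOMAIN_SEPARATOR on the page is a single backslash.
                String prefix = ldapDomain + "\\";
                String name = username.startsWith(prefix)
                        ? username.substring(prefix.length()) : username;
                return prefix + requireSimple(name);
            }
            case UPN: {
                String suffix = "@" + ldapDomain;
                String name = username.endsWith(suffix)
                        ? username.substring(0, username.length() - suffix.length()) : username;
                return requireSimple(name) + suffix;
            }
            default:
                // Native DN for servers such as OpenLDAP. Rdn.escapeValue escapes DN
                // metacharacters (',' '+' and others) so the name stays one RDN value.
                return idAttribute + "=" + Rdn.escapeValue(username) + "," + baseDn;
        }
    }

    // Account names in SAM or UPN form must not carry separators of their own.
    static String requireSimple(String name) {
        if (name.isEmpty() || name.matches(".*[\\\\@,=+\"<>;].*")) {
            throw new IllegalArgumentException("unexpected character in account name");
        }
        return name;
    }

    public static void main(String[] args) {
        String base = "ou=people,dc=example,dc=org"; // constructed sample values
        System.out.println(principal(Scheme.SAM, "EXAMPLE\\jdoe", "EXAMPLE", "uid", base));
        System.out.println(principal(Scheme.UPN, "jdoe", "example.org", "uid", base));
        System.out.println(principal(Scheme.DN, "doe, john", null, "uid", base));
    }
}
```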
      

              People

              • Assignee:
                heuvels.dirk Dirk Heuvels
                Reporter:
                heuvels.dirk Dirk Heuvels
              • Votes:
                0
                Watchers:
                3
