ApacheDS, user groups membership and WebLogic


In ApacheDS, the ldap search for getting the group names a user (for instance cn=juan,ou=usuarios,0=acmecorp) belongs to is as follows:

(&
(objectClass=groupofuniquenames)
(uniqueMember=2.5.4.3=juan,2.5.4.11=usuarios,2.5.4.10=acmecorp)
)

In weblogic, for the supported ldap auth providers, the user membership configuration pattern setting is:

(&(<someattribute>=%M)(objectclass=<someobjectclass>))

Therefore a custom authenticator provider is needed in order to get it working.

Enjoy 😉

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.