Tagged LDAP

ApacheDS, user groups membership and WebLogic


In ApacheDS, the ldap search for getting the group names a user (for instance cn=juan,ou=usuarios,0=acmecorp) belongs to is as follows:

(&
(objectClass=groupofuniquenames)
(uniqueMember=2.5.4.3=juan,2.5.4.11=usuarios,2.5.4.10=acmecorp)
)

In weblogic, for the supported ldap auth providers, the user membership configuration pattern setting is:

(&(<someattribute>=%M)(objectclass=<someobjectclass>))

Therefore a custom authenticator provider is needed in order to get it working.

Enjoy 😉