Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-2256

Hudson Does not Check uniqueMember within LDAP Groups

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Major Major
    • _unsorted
    • None
    • Platform: All, OS: Linux

      Currently Hudson only checks for attribute member in LDAP groups. However, it is
      also quite common to use attribtute uniqueMember to store member list.

      In WEB-INF/security/LDAPBindSecurityRealm.groovy, an one-line change that makes
      Hudson search for both member=

      {0} and uniqueMember={0}

      can be done as follows:

      authoritiesPopulator(DeferredCreationLdapAuthoritiesPopulator,initialDirContextFactory,"ou=groups")
      {
      // groupRoleAttribute = "ou";
      groupSearchFilter = "(|(member=

      {0}) (uniqueMember={0}

      ))"
      }

      Thanks to Kohsuke.Kawaguchi@sun.com for the above code.

            mindless Alan Harder
            alvin_chang alvin_chang
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: