Hudson Does not Check uniqueMember within LDAP Groups

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

      Currently Hudson only checks for attribute member in LDAP groups. However, it is
      also quite common to use attribtute uniqueMember to store member list.

      In WEB-INF/security/LDAPBindSecurityRealm.groovy, an one-line change that makes
      Hudson search for both member=

      {0} and uniqueMember={0}

      can be done as follows:

      authoritiesPopulator(DeferredCreationLdapAuthoritiesPopulator,initialDirContextFactory,"ou=groups")
      {
      // groupRoleAttribute = "ou";
      groupSearchFilter = "(|(member=

      {0}) (uniqueMember={0}

      ))"
      }

      Thanks to Kohsuke.Kawaguchi@sun.com for the above code.

            Assignee:
            Alan Harder
            Reporter:
            alvin_chang
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: