[
https://issues.apache.org/jira/browse/SHIRO-640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16240631#comment-16240631
]
Brian Demers commented on SHIRO-640:
------------------------------------
Using the ActiveDirectoryRealm, you should be able to set the {{searchFilter}}
It defaults to: {code}(&(objectClass=*)(userPrincipalName={0})){code}
> Support user search LDAP expressions
> ------------------------------------
>
> Key: SHIRO-640
> URL: https://issues.apache.org/jira/browse/SHIRO-640
> Project: Shiro
> Issue Type: Improvement
> Components: Realms
> Affects Versions: 1.2.3
> Reporter: mephi42
> Priority: Trivial
>
> I'm trying to deploy Apache Zeppelin (https://zeppelin.apache.org/), which
> uses Shiro for security. In our organization LDAP is set up in a way that
> everybody authenticates using email address (which is not part of DN), rather
> than UID (which is part of DN, but looks extremely ugly).
> Other solutions integrate with this scheme by letting me configure LDAP
> search expression to resolve user DN, for example:
> (&(mail=%s)(objectclass=Person)). The resolved DN is then used in a regular
> way for authentication.
> I wonder if it would be possible to add such functionality to Shiro?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
