[
https://issues.apache.org/jira/browse/SHIRO-640?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16247700#comment-16247700
]
mephi42 commented on SHIRO-640:
-------------------------------
This looks promising, but does not seem to work for me (it again tries to use
my mail as a DN).
I checked the code, and it seems to make use of searchFilter only in
getRoleNamesForUser(), but not in queryForAuthenticationInfo().
> Support user search LDAP expressions
> ------------------------------------
>
> Key: SHIRO-640
> URL: https://issues.apache.org/jira/browse/SHIRO-640
> Project: Shiro
> Issue Type: Improvement
> Components: Realms
> Affects Versions: 1.2.3
> Reporter: mephi42
> Priority: Trivial
>
> I'm trying to deploy Apache Zeppelin (https://zeppelin.apache.org/), which
> uses Shiro for security. In our organization LDAP is set up in a way that
> everybody authenticates using email address (which is not part of DN), rather
> than UID (which is part of DN, but looks extremely ugly).
> Other solutions integrate with this scheme by letting me configure LDAP
> search expression to resolve user DN, for example:
> (&(mail=%s)(objectclass=Person)). The resolved DN is then used in a regular
> way for authentication.
> I wonder if it would be possible to add such functionality to Shiro?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
