[jira] [Closed] (GUACAMOLE-1456) Support configurable "seeAlso" attribute name

Wed, 03 Apr 2024 13:26:05 -0700 


     [ 
https://issues.apache.org/jira/browse/GUACAMOLE-1456?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Nick Couchman closed GUACAMOLE-1456.
------------------------------------
    Resolution: Won't Fix

> Support configurable "seeAlso" attribute name
> ---------------------------------------------
>
>                 Key: GUACAMOLE-1456
>                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-1456
>             Project: Guacamole
>          Issue Type: Improvement
>          Components: guacamole-auth-ldap
>    Affects Versions: 1.3.0
>            Reporter: Florian Best
>            Priority: Trivial
>
> The "seeAlso" LDAP attribute name at guacomole config objects seems to be 
> hardcoded and cannot be configured.
>  
> With a posix based schema we are storing LDAP group memberships in the 
> "uniqueMember" attribute, e.g.:
>  
> ```
> objectClass ( 1.3.6.1.4.1.38971.1.2.1 NAME 'guacConfigGroup'
>         DESC 'Guacamole configuration'
>         STRUCTURAL
>         MUST ( cn $ guacConfigProtocol )
>         MAY (
>                 description $
>                 uniqueMember $
>                 guacConfigParameter
>                 )
>         )
> ```
>  
> with
> ```
> dn: cn=SSH,cn=guacamole,dc=mole,dc=test
> guacConfigProtocol: ssh
> guacConfigParameter: hostname=10.200.72.16
> cn: SSH
> objectClass: top
> objectClass: guacConfigGroup
> uniqueMember: cn=Domain Admins,cn=groups,dc=mole,dc=test
> uniqueMember: cn=Domain Users,cn=groups,dc=mole,dc=test
> uniqueMember: uid=Administrator,cn=users,dc=mole,dc=test
> ```
>  
> Your code:
> ```
> extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java:
>     public static final String LDAP_ATTRIBUTE_NAME_GROUPS = "seeAlso";        
>                                                   
> extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java:
>                     LDAP_ATTRIBUTE_NAME_GROUPS                                
>                                                   
> extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/connection/ConnectionService.java:
>                 groupFilter.addNode(new 
> EqualityNode(LDAP_ATTRIBUTE_NAME_GROUPS,entry.getDn().toString())) 
> ```
>  
> All other LDAP attribute names seem to be configurable in 
> `~/.guacamole/guacamole.properties` except for `seeAlso`.
> Please make it configurable as well!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to