[LEP-6159] Change to allow filtering a list of groups associated with the user from LDAP provider. - Liferay Issues

XML

Word

Printable

Details

Type: Improvement
Status: Contributed Solution
Priority: Major
Resolution: Unresolved
Affects Version/s: 5.0.1
Fix Version/s: 5.0.1
Component/s: None
Labels:
None

Description

Currently, when user is logged in to Liferay, and Liferay is configured to use LDAP provider for authentication, all the groups associated with the user are imported into Liferay.

Since users within enterprise LDAP structure could be members of different groups, unrelated to the purposes of the portal, this can lead to proliferation of the extraneous groups within portal, and hinder its administration.

This change limits imported groups only to ones specifiied by the ldap.groups.include property in the portal-ext.properties file. Note that the user can either me a member of a group directly, or indirectly.

For example, let's say the user is a member of the group ITUsers. The group ITUsers is a member of group EnterpriseUsers. The only group listed in the ldap.groups.include is EnterpriseUsers. In this case, the user's affiliation with EnterpriseUsers group will be pulled in, even though she is not directly listed as part of it.

Attachments

Options
- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

ldap-allowed-groups-patch-trunk-rev-23472.diff
3 kB
04/Dec/08 1:15 PM
PortalLDAPUtil.java
27 kB
17/Jul/08 8:41 PM
PortalLDAPUtil.java
27 kB
02/Jun/08 1:01 PM
PropsUtil.java
4 kB
17/Jul/08 8:42 PM

Activity

People

Assignee:: SE Support

Reporter:: Eduard Skhisov (Inactive)

Participants of an Issue:: Eduard Skhisov, Eugene Rachitskiy, Jason Shao, Jason Shao, Scott Lee, SE Support

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/Jun/08 12:56 PM

Updated:: 10/Jun/09 2:28 PM

Resolved:: 10/Jun/09 2:28 PM

Packages

Version	Package
5.0.1