Uploaded image for project: 'ZZZ: PUBLIC - Old Liferay Portal (Use Liferay Portal Standard Edition)'
  1. ZZZ: PUBLIC - Old Liferay Portal (Use Liferay Portal Standard Edition)
  2. LEP-6159

Change to allow filtering a list of groups associated with the user from LDAP provider.

    Details

    • Type: Improvement
    • Status: Contributed Solution
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.0.1
    • Fix Version/s: 5.0.1
    • Component/s: None
    • Labels:
      None

      Description

      Currently, when user is logged in to Liferay, and Liferay is configured to use LDAP provider for authentication, all the groups associated with the user are imported into Liferay.

      Since users within enterprise LDAP structure could be members of different groups, unrelated to the purposes of the portal, this can lead to proliferation of the extraneous groups within portal, and hinder its administration.

      This change limits imported groups only to ones specifiied by the ldap.groups.include property in the portal-ext.properties file. Note that the user can either me a member of a group directly, or indirectly.

      For example, let's say the user is a member of the group ITUsers. The group ITUsers is a member of group EnterpriseUsers. The only group listed in the ldap.groups.include is EnterpriseUsers. In this case, the user's affiliation with EnterpriseUsers group will be pulled in, even though she is not directly listed as part of it.

        Attachments

          Activity

            People

            Assignee:
            support-lep@liferay.com SE Support
            Reporter:
            eskhisov Eduard Skhisov (Inactive)
            Participants of an Issue:
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Packages

                Version Package
                5.0.1