-
Type:
Improvement
-
Status: Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: None
-
Component/s: None
-
Labels:None
LDAP Servers can store group information in two locations. Either they will attach information to the user which lists the group membership.. and/or.. they will attach the information to the group which list the user membership.
When a user logs in, the user record is passed to Liferay and Liferay will check if there is group information attached to the user.. and will import accordingly. In this case, group membership membership is updated real-time. However, like i mentioned, sometimes the LDAP server will store group information on the group record.. listing the users that belong to the group. In this case, group membership will not be imported until there is a mass import (there is a configuration setting which controls the import intervals).
There is a delay before User-UserGroup membership is updated..
Add code in PortalLDAPUtil, at the bottom of the "importLDAPUser" method.. which will check to make sure that the user is still a member of its UserGroups.