Uploaded image for project: 'Opencast'
  1. MH-11730

Make the automatic role prefix in LDAPUserProvider configurable

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed and reviewed
    • Affects versions: 1.6.4, 2.2.1
    • Fix versions: 1.6.4, 2.2.1
    • Components: Backend Software

      Description

      Currently, the roles read by the LDAPUserProvider always carry the prefix "ROLE_". E.g. for a role "EXAMPLE" in a configured LDAP instance, the effective role in Mattehorn/Opencast will be "ROLE_EXAMPLE".

      This may be problematic in situations where, for instance, an institution has been using the database as the main user provider, has defined roles that do not start with the prefix "ROLE_" and decides to "migrate" their database users to an LDAP provider. Because of the mandatory "ROLE_" prefix applied by the LDAPUserProvider, the (new) users coming from LDAP can not use any roles that do not start with that prefix.

      The idea behind this task is to make the prefix addition configurable. Ideally, the prefix should still be "ROLE_" by default, to keep backwards compatibility.

        TestRail: Results

          Attachments

            Activity

              People

              • Assignee:
                ruben.perez Rubén Pérez
                Reporter:
                ruben.perez Rubén Pérez
              • Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  TestRail: Cases