Currently trying to make my PicketLink configuration work with Redhat DS(389-ds) and seems like there is no support for RFC 4530 entryUUID. Is it so? At least from 389 I can't find such attribute. Is there some plugin for the server available witch can do the trick? Or is there known workaround? I think there was some bug about this, but It's not clear where is it no? At least entryUUID is missed from schema on 389-server. How one can make Redhat DS (389-server) working with PicketLink's entryUUID? #137 (No support for RFC 4530 entryUUID attribute) – 389 Project
This was a bug. entryUUID attribute is missing from 389-ds, so PicketLink couldn't use this missed attribute and 389-ds can use :
nsuniqueid
for the same purpose. This is actually corrected in PLINK_2.7.0.Beta1 for working with system props, and in Beta2 and 2.7.0.Final to work with Configuration API, like so:
builder
.named("default")
.stores()
.ldap()
.uniqueIdentifierAttributeName("nsuniqueid")
With this configuration and 2.7.0.Final my 389-server(1.3.3.1) seems to work just fine.