
creating userPattern for JNDIRealm


Hey guys, I have to meet a second distinction among users. I just pasted the example given for JNDIRealm:

dn: uid=jjones,ou=people,dc=mycompany,dc=com

<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
    connectionName="cn=Manager,dc=mycompany,dc=com"
connectionPassword="secret"
     connectionURL="ldap://localhost:389"
      userPassword="userPassword"
       userPattern="uid={0},ou=people,dc=mycompany,dc=com"
          roleBase="ou=groups,dc=mycompany,dc=com"
          roleName="cn"
        roleSearch="(uniqueMember={0})"
/>

altered

dn: uid=jjones,ou=people,dc=mycompany,dc=com

dn: uid=jjones,ou=robots,dc=mycompany,dc=com

<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
    connectionName="cn=Manager,dc=mycompany,dc=com"
connectionPassword="secret"
     connectionURL="ldap://localhost:389"
      userPassword="userPassword"
       userPattern="uid={0},ou={0},dc=mycompany,dc=com"
          roleBase="ou=groups,dc=mycompany,dc=com"
          roleName="cn"
        roleSearch="(uniqueMember={0})"
/>

Would this adjustment meet my requirement to enable a second distinction? I do not know if "{0}" works or if I have to change it to "{1}".

And is it really true that I don't need the "userBase" attribute when I have a "userPattern" attribute defined?


Solution

  • the solution is a userPatternArray

    as follows:

    Sometimes it is necessary for users from different organizational units to have access to Code Collaborator. If you are using direct-bind configuration using the userPattern attribute, you can change the configuration to use userPatternArray instead where the value is a colon-separated list of user patterns. For example, if there are users in ou=foo,dc=mycompany,dc=com and ou=bar,dc=mycompany,dc=com identified by their uid attribute, you can set the userPatternArray attribute as follows:

    userPatternArray="(uid={0},ou=foo,dc=mycompany,dc=com):(uid={0},ou=bar,dc=mycompany,dc=com)"
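
The following sketch is an added example, not part of the original post and not Tomcat's own code. It expands the question's altered pattern and a parenthesised pattern list for the two OUs from the question, to show which DNs a direct bind would be attempted with. It assumes `{0}` is filled in with the login name using `java.text.MessageFormat` semantics; the class and method names are hypothetical.

```java
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;

public class UserPatternDemo {

    // Split "(p1)(p2)" or "(p1):(p2)" into its patterns. A value without
    // parentheses is treated as one plain userPattern.
    static List<String> splitPatterns(String value) {
        List<String> patterns = new ArrayList<>();
        int open = value.indexOf('(');
        if (open < 0) {
            patterns.add(value);
            return patterns;
        }
        while (open >= 0) {
            int close = value.indexOf(')', open);
            if (close < 0) {
                throw new IllegalArgumentException("unbalanced parentheses: " + value);
            }
            patterns.add(value.substring(open + 1, close));
            open = value.indexOf('(', close);
        }
        return patterns;
    }

    // Candidate DNs, in the order the patterns are listed.
    // Every occurrence of {0} receives the same argument: the login name.
    static List<String> candidateDns(String value, String username) {
        List<String> dns = new ArrayList<>();
        for (String pattern : splitPatterns(value)) {
            dns.add(new MessageFormat(pattern).format(new Object[] { username }));
        }
        return dns;
    }

    public static void main(String[] args) {
        // Pattern from the question: {0} used for both uid and ou.
        String asked = "uid={0},ou={0},dc=mycompany,dc=com";
        // Pattern list covering both OUs from the question.
        String list = "(uid={0},ou=people,dc=mycompany,dc=com)"
                    + ":(uid={0},ou=robots,dc=mycompany,dc=com)";
        System.out.println(candidateDns(asked, "jjones"));
        System.out.println(candidateDns(list, "jjones"));
    }
}
```

With the question's altered pattern the login name lands in both the `uid` and the `ou` component, so no entry under `ou=people` or `ou=robots` is ever tried; the pattern list yields one candidate DN per organizational unit.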