[Building Sakai] LDAP authentication

Sam Ottenhoff ottenhoff at longsight.com
Wed Dec 21 15:26:33 PST 2011


>
>
> It looks like I can't use basePath as what I need to check for is an
> attribute. Sam, is there something automatic to assign users with this
> attribute to the locked down role?
>
>

Yes, look for the property name=userTypeMapper in the jldap-beans.xml and
make sure the only ref bean
is edu.amc.sakai.user.EntryAttributeToUserTypeMapper.

Then edit the property name=attributeValueToSakaiUserTypeMap in
the edu.amc.sakai.user.EntryAttributeToUserTypeMapper bean.

Set the map entries to map to Sakai roles:

<entry key="goodLdapAttribute"><value>goodSakaiRoleType</value></entry>
<entry key="badLdapAttribute"><value>badSakaiRoleType</value></entry>

The LDAP attribute it is looking for is defined in logicalAttributeName....
and corresponds to the attributeMappings property.

Note that Dan's method is the correct method to deny the login fully.  This
method will simply remove all ability within Sakai but will not deny the
login.

--Sam
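
Added example, not part of the original message and not copied from a Sakai release: a sketch of how the pieces named above could sit together in jldap-beans.xml. The bean id, the nesting, the logical name `accountStatus` and the LDAP attribute name `exampleLdapAttribute` are assumptions made for illustration; the property and class names are the ones given in the message.

```xml
<!-- Illustrative fragment; ids, nesting and values are assumptions. -->

<!-- Inside the LDAP provider bean: -->
<property name="userTypeMapper">
  <!-- the only ref bean under this property -->
  <ref bean="edu.amc.sakai.user.EntryAttributeToUserTypeMapper"/>
</property>
<property name="attributeMappings">
  <map>
    <!-- add to the existing entries: logical name -> LDAP attribute.
         "accountStatus" and "exampleLdapAttribute" are placeholders. -->
    <entry key="accountStatus"><value>exampleLdapAttribute</value></entry>
  </map>
</property>

<!-- The mapper bean: -->
<bean id="edu.amc.sakai.user.EntryAttributeToUserTypeMapper"
      class="edu.amc.sakai.user.EntryAttributeToUserTypeMapper">
  <!-- assumed to name the logical attribute declared in attributeMappings -->
  <property name="logicalAttributeName"><value>accountStatus</value></property>
  <property name="attributeValueToSakaiUserTypeMap">
    <map>
      <!-- value found in the LDAP attribute -> Sakai user type -->
      <entry key="goodLdapAttribute"><value>goodSakaiRoleType</value></entry>
      <!-- maps to the locked-down type: permissions are removed,
           but the login itself still succeeds -->
      <entry key="badLdapAttribute"><value>badSakaiRoleType</value></entry>
    </map>
  </property>
</bean>
```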