How can I get the list of groups a user belongs to (as an attribute)? I want to use an LDAP server as the SAML auth source, and then I want to map LDAP attributes to SAML attributes and use them in spring-saml authentication for J2EE application group-based role management. What I have done at this moment is LDAP->SAML->Spring-security (SAML module) authentication. But I can't get the groups after login, because LDAP didn't return them together with the other information (cn, email, gidNumber, etc.).
1 Answer
0
Unless you are using the OpenLDAP memberOf overlay you have to do a search for groups with the DN of the user as a value of the group membership attribute, which might be uniqueMember or roleOccupant, depending on how you have set up your LDAP server.

If you're using the memberOf overlay, just request the value of the memberOf attribute when you look up the user.

user207421
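The two lookup strategies from the answer, as an added example that is not part of the original answer: it builds the reverse-lookup group filter with RFC 4515 escaping of the user's DN (a DN with an escaped comma or parentheses otherwise breaks or alters the filter) and resolves groups over in-memory entries. All DNs, entry contents and function names are constructed assumptions, and DN comparison is simplified to a case-insensitive match.

```python
"""Added example: resolving a user's groups with and without memberOf.
All DNs and entries below are constructed sample data."""

_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a string used as an assertion value in an LDAP filter (RFC 4515)."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def group_filter(user_dn, member_attrs=("uniqueMember", "roleOccupant")):
    """Build the reverse-lookup filter: groups that list user_dn as a member."""
    value = escape_filter_value(user_dn)
    clauses = "".join("(%s=%s)" % (attr, value) for attr in member_attrs)
    return clauses if len(member_attrs) == 1 else "(|%s)" % clauses


def groups_for(user, directory, member_attrs=("uniqueMember", "roleOccupant")):
    """Return the user's group DNs: memberOf when the entry carries it,
    otherwise scan group entries the way the reverse-lookup filter would."""
    if user.get("memberOf"):
        return sorted(user["memberOf"])
    # Simplified: case-insensitive compare; a real server applies
    # distinguishedNameMatch to the membership attribute.
    wanted = user["dn"].lower()
    return sorted(
        entry["dn"]
        for entry in directory
        if any(wanted == m.lower() for a in member_attrs for m in entry.get(a, []))
    )


# Constructed sample data: a user DN containing an escaped comma and parentheses.
USER = {"dn": r"cn=Smith\, John (ops),ou=people,dc=example,dc=com"}
DIRECTORY = [
    {"dn": "cn=admins,ou=groups,dc=example,dc=com", "uniqueMember": [USER["dn"]]},
    {"dn": "cn=auditor,ou=roles,dc=example,dc=com",
     "roleOccupant": [USER["dn"].upper()]},
    {"dn": "cn=devs,ou=groups,dc=example,dc=com",
     "uniqueMember": ["cn=other,ou=people,dc=example,dc=com"]},
]

if __name__ == "__main__":
    print(group_filter(USER["dn"]))       # filter to send in the group search
    print(groups_for(USER, DIRECTORY))    # group DNs to map to SAML attributes
```

The group DNs returned here are what would be released as a multi-valued SAML attribute for the role mapping on the Spring side.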