Details
-
Bug
-
Resolution: Fixed
-
Minor
-
2.3.0.patch
-
None
Description
LDAP configuration within grouper-loader.properties has changed for the ldap pools used by PSPNG which uses ldaptive instead of vtldap. Theoretically, everything grouper will use ldaptive someday, but that is not going to be soon. This will probably lead to confusion and configuration duplication.
There are at least 3 ways to move forward:
- Move pspng to vtldap until everything can migrate to ldaptive
- Stay with native ldaptive configuration properties for pspng, preventing sharing of configuration paragraphs between different ldap uses, and adding friction to deploying pspng as well as future upgrades as the loader or other components move to ldaptive
- Make basic vtldap ldap configuration properties work in ldaptive (eg, copy 'url' into 'ldapUrl'). This is probably hard to do for all the properties available within vtldap, but is probably doable for the most popular 10-20 properties.
This Jira is suggesting that the property-compatibility be implemented.
Example vtldap configuration:
{{ldap.groupOfNames.url = ldaps://hostname/dc=top,dc=edu
ldap.groupOfNames.tls = false
ldap.groupOfNames.user = cn=ssssss
ldap.groupOfNames.bindCredential = xxxxxxxxxxxxxxxxxxxxx
}}
Equivalent ldaptive configuration:
{quote{{}ldap.groupOfNames.ldapUrl = ldaps://hostname/dc=top,dc=edu
ldap.groupOfNames.useStartTLS = false
ldap.groupOfNames.bindDn = cn=sssss
ldap.groupOfNames.pass = xxxxxxxxxxxxxxxxxxxxx}}