Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

mapping multiple ldap groups to one jazz group

Questions
Tags
Users
Badges
jeff oestreich
(1061148) Dec 09 '08, 2:16 p.m.
reading in ldap4dummies and infocenter:
One Jazz group can be mapped to multiple LDAP groups. The LDAP groups must be separated by a semicolon.

I currently have a one-to-one mapping of ldap group to Jazz group, but would like to extend to multiple ldap groups per Jazz group.

I haven't found any docs that describe what this means to my tomcat config. Can I add additional corresponding role-name and role-link tags to my web.xml for the Jazz group names that will have multiple LDAP groups associated? Seems to make sense where role-name is already overloaded, but not sure about role-link.

0 votes

4 answers
6,277 views
0 votes

4 answers

Permanent link
jeff oestreich
(1061148) Dec 09 '08, 3:20 p.m.
The answer I got offline is that you cannot do this with tomcat. Have to move to WAS to get this capability. For the time being, I'm staying with tomcat and creating a new ldap group for my JazzUsers.

0 votes

Permanent link
Thomas Loeber
JAZZ DEVELOPER (62237950) Dec 10 '08, 7:14 a.m.
Can you explain how this can be done with WAS. Where, offline did you get your answer. Thanks.

0 votes

Permanent link
jeff oestreich
(1061148) Dec 11 '08, 10:05 a.m.
Can you explain how this can be done with WAS.
I cannot. I received only that assertion, decided that it agreed with my interpretation of the (lack of) Tomcat info I found, and ran with it. (well, "ran away from it" might be more appropriate... the particulars of our environment and timing meant that managing LDAP group membership was a better solution than reinstalling JAZZ with WAS, at least in the short term)
Where, offline did you get your answer. Thanks.
Came up as an aside during offline diagnostics & patching of a different Jazz/LDAP issue (https://jazz.net/forums/viewtopic.php?t=2986)

0 votes

Permanent link
Sudhakar Frederick
JAZZ DEVELOPER (80113631) Dec 12 '08, 7:38 p.m.
thloeber wrote:
Can you explain how this can be done with WAS. Where, offline did you
get your answer. Thanks.

In the WAS admin Console:

Applications-> Enterprise Applications -> jazz_war -> Security Role to
user/group mapping

Select the Role (eg. JazzUsers) and click "Lookup Groups"
In the next dialog (page) enter a search string and hit search to show
your available groups. Select the gorups you want and add them to the
"Selected" textbox using the ">>".
Click Ok and restart jazz_war

HTH
Freddy

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Ask a question
Guidelines
FAQ
Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details

Question asked: Dec 09 '08, 2:16 p.m.

Question was seen: 6,277 times

Last updated: Dec 09 '08, 2:16 p.m.

Confirmation Cancel Confirm