mapping multiple ldap groups to one jazz group
reading in ldap4dummies and infocenter:
One Jazz group can be mapped to multiple LDAP groups. The LDAP groups must be separated by a semicolon. I currently have a one-to-one mapping of ldap group to Jazz group, but would like to extend to multiple ldap groups per Jazz group. I haven't found any docs that describe what this means to my tomcat config. Can I add additional corresponding role-name and role-link tags to my web.xml for the Jazz group names that will have multiple LDAP groups associated? Seems to make sense where role-name is already overloaded, but not sure about role-link. |
4 answers
The answer I got offline is that you cannot do this with tomcat. Have to move to WAS to get this capability. For the time being, I'm staying with tomcat and creating a new ldap group for my JazzUsers.
|
Can you explain how this can be done with WAS. Where, offline did you get your answer. Thanks.
|
Can you explain how this can be done with WAS.I cannot. I received only that assertion, decided that it agreed with my interpretation of the (lack of) Tomcat info I found, and ran with it. (well, "ran away from it" might be more appropriate... the particulars of our environment and timing meant that managing LDAP group membership was a better solution than reinstalling JAZZ with WAS, at least in the short term) Where, offline did you get your answer. Thanks.Came up as an aside during offline diagnostics & patching of a different Jazz/LDAP issue (https://jazz.net/forums/viewtopic.php?t=2986) |
thloeber wrote:
Can you explain how this can be done with WAS. Where, offline did you Applications-> Enterprise Applications -> jazz_war -> Security Role to user/group mapping Select the Role (eg. JazzUsers) and click "Lookup Groups" In the next dialog (page) enter a search string and hit search to show your available groups. Select the gorups you want and add them to the "Selected" textbox using the ">>". Click Ok and restart jazz_war HTH Freddy |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.