gpt4 book ai didi

tomcat - 为 JNDIRealm 创建 userPattern

转载 作者:行者123 更新时间:2023-11-28 21:55:37 25 4
gpt4 key购买 nike

大家好,我必须满足用户之间的第二个区分。我刚刚粘贴了为 JNDIRealm 给出的示例

dn: uid=jjones,ou=people,dc=mycompany,dc=com

<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionName="cn=Manager,dc=mycompany,dc=com"
connectionPassword="secret"
connectionURL="ldap://localhost:389"
userPassword="userPassword"
userPattern="uid={0},ou=people,dc=mycompany,dc=com"
roleBase="ou=groups,dc=mycompany,dc=com"
roleName="cn"
roleSearch="(uniqueMember={0})"
/>

改变

dn: uid=jjones,ou=people,dc=mycompany,dc=com

dn: uid=jjones,ou=robots,dc=mycompany,dc=com

<Realm   className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionName="cn=Manager,dc=mycompany,dc=com"
connectionPassword="secret"
connectionURL="ldap://localhost:389"
userPassword="userPassword"
userPattern="uid={0},ou={0},dc=mycompany,dc=com"
roleBase="ou=groups,dc=mycompany,dc=com"
roleName="cn"
roleSearch="(uniqueMember={0})"
/>

这个调整能满足我二次区分的要求吗?我不知道“{0}”是否有效,或者我是否必须将其更改为“{1}”。

当我定义了“userPattern”属性时,真的不需要“userBase”属性吗?

最佳答案

解决方案是 userPatternArray

如下:

Sometimes it is necessary for users from different organizational units to have access to Code Collaborator. If you are using direct-bind configuration using the userPattern attribute, you can change the configuration to use userPatternArray instead where the value is a colon-separated list of user patterns. For example, if there are users in ou=foo,dc=mycompany,dc=com and ou=bar,dc=mycompany,dc=com identified by their uid attribute, you can set theuserPatternArray attribute as follows:as follows:

userPatternArray="(uid={0},ou=foo,dc=mycompany,dc=com):(uid={0},ou=bar,dc=mycompany,dc=com)as follows:

关于tomcat - 为 JNDIRealm 创建 userPattern,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/3830722/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com