This repository has been archived by the owner on Jul 27, 2021. It is now read-only.
Hotfix3960ActiveDirectoryLdapAuthenticationProvider is not configurable to allow nested groups #6
Comments
|
I just had a closer look. Nested groups has been an open issue for years: spring-projects/spring-security#2053. The regular ActiveDirectoryLdapAuthenticationProvider does not offer this, so it's not a limitation only of the Hotfix3960ActiveDirectoryLdapAuthenticationProvider. |
|
Hotfix3960ActiveDirectoryLdapAuthenticationProvider is now removed from the code. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi,
in our setup we want to use nested LDAP-groups, but the Hotfix3960ActiveDirectoryLdapAuthenticationProvider reads only the direct memberships from the users memberOf-attribute. For the regular LdapAuthenticationProvider and its LdapAuthoritiesPopulator it is possible to configure the group-filter to read nested groups.
Is there a reason, why the Hotfix3960ActiveDirectoryLdapAuthenticationProvider cannot use the LdapAuthenticationProvider as well, but has its own logic implemented in loadUserAuthorities()? Or could this be a possible enhancement?
The text was updated successfully, but these errors were encountered: