How To Map OpenLDAP Group Custom Attribute To CN Attribute In BPM
(Doc ID 3005007.1)
Last updated on FEBRUARY 20, 2024
Applies to:
Oracle Business Process Management Suite - Version 12.2.1.4.0 and later
Information in this document applies to any platform.
Goal
The customer needs to use an external OpenLDAP server as the Identity Provider in BPM.
They are using the following custom object classes and attributes in their OpenLDAP:
- custom object class for users, let's call it XClassPerson
- custom object class for groups, let's call it XClassGroup
- custom attribute for group name, let's call it XCustomGroupName
Based on the above, they have configured this Identity Provider in the WebLogic admin console:
With this configuration, they can see all the users and groups from OpenLDAP in the WebLogic console, as well as the group memberships. However, running the Identity Service getGrantedRolesToUser operation does not return the groups using XCustomGroupName as the group name. As a result, users are prevented from performing some actions because their membership is evaluated incorrectly.
Solution