Task #6703 (new)
Opened 13 years ago
Last modified 13 years ago
LDAP: allow root user lookup or disallow guest — at Version 1
Reported by: | jamoore | Owned by: | jamoore |
---|---|---|---|
Priority: | major | Milestone: | Unscheduled |
Component: | Security | Version: | n.a. |
Keywords: | n.a. | Cc: | |
Resources: | n.a. | Referenced By: | n.a. |
References: | n.a. | Remaining Time: | n.a. |
Sprint: | n.a. |
Description (last modified by jmoore)
Depending on the overall strategy chosen, either the "guest" user should also be kept non-LDAP, or the root user should be LDAP-able (see #6702), keeping in mind, though, that many LDAPs will have a "root" user who has nothing to do with OMERO. For this to work, properly, the mapping of "omeName" may have to be altered, so that the DN is automatically trusted regardless of the user's name (in which case it may be necessary to prevent user synchronization!)