Context Navigation

← Previous Ticket
Next Ticket →

Warning: Can't synchronize with repository "(default)" (/home/git/ome.git does not appear to be a Git repository.). Look in the Trac log for more information.

Notice: In order to edit this ticket you need to be either: a Product Owner, The owner or the reporter of the ticket, or, in case of a Task not yet assigned, a team_member"

User Story #8344 (accepted)

Opened 12 years ago

Last modified 8 years ago

LDAP-based group support

Reported by:	jamoore	Owned by:	jamoore
Priority:	critical	Milestone:	GatherReqs
Component:	Deployment	Keywords:	n.a.
Cc:	bpindelski, jburel	Story Points:	n.a.
Sprint:	n.a.	Importance:	n.a.
Total Remaining Time:	1.0d	Estimated Remaining Time:	n.a.

Description

As a spin off from #1382, LDAP-based group support should provide better integration between OMERO and LDAP for any groups which are automatically created via the OMERO ldap plugin.

Currently, when users are created, they are marked as having come from LDAP (by setting the "dn" column on the "password" table). Similarly, the groups should be marked, so that if a user is removed from a group in LDAP, the same removal can be repeated inside of OMERO.

Most likely, deleting and modifying such groups should be prohibited.

References

Referenced by:

← Requirement (#1936): Secure Login and Ldap improvements
References:
→ Task (#2587): LDAP: remove DN from OMERO DB. ( Owner: bpindelski Remaining Time: 0 ) → Task (#8537): LDAP: filter attribute results for new groups ( Owner: jamoore Remaining Time: 0 ) → Task (#4821): LDAP: Improve username case sensitivity support ( Owner: bpindelski ) → Task (#4828): LDAP: Display DNs for user and group in webadmin ( Owner: wmoore ) → Task (#6719): LDAP: Add DN for groups ( Owner: jamoore Remaining Time: 0 ) → Task (#2151): LDAP cleanup tasks ( Owner: jamoore Remaining Time: 1 ) → Task (#9481): LDAP API breakges → Task (#3892): Improve LDAP debug logging ( Owner: jamoore ) → Task (#7745): E-mail notification when adding to group ( Owner: jamoore Keywords: LDAP )

Change History (10)

comment:1 Changed 12 years ago by bpindelski

Owner changed from jmoore to bpindelski

comment:2 Changed 12 years ago by bpindelski

Cc b.pindelski@… removed
Milestone changed from OMERO-Beta4.4 to OMERO-Beta4.5

comment:3 Changed 12 years ago by jmoore

Milestone changed from OMERO-Beta4.5 to OMERO-Beta4.4.1

Moving back to 4.4.1, since it doesn't really have anything to do with the breaking changes of 4.5

comment:4 Changed 12 years ago by bpindelski

Thanks for the correction. Wasn't sure in which milestone to put it so to clear up the ticket list before Paris.

comment:5 Changed 12 years ago by agilo

Status changed from new to accepted

Updated status, related task in progress

comment:6 Changed 12 years ago by jmoore

Milestone changed from OMERO-4.4.x to OMERO-4.4.2
Owner changed from bpindelski to jmoore

comment:7 Changed 12 years ago by jmoore

Work on overloading ILdap's findDN and setDN methods pushed to 8344-ldap-groups.

comment:8 Changed 12 years ago by jmoore

Fairly certain that since the 431 password provider will no longer work with this branch, that it will be necessary to also solve #4821 while doing ldap groups. Linking.

comment:9 Changed 12 years ago by jmoore

Cc bpindelski jburel added
Milestone changed from OMERO-4.4.4 to OMERO-4.5

Based on today's decision, pushing this out of 4.4.4

comment:10 Changed 8 years ago by jamoore

Milestone changed from 5.x to GatherReqs

Note: See TracTickets for help on using tickets. You may also have a look at Agilo extensions to the ticket.

Download in other formats: