How make custom LDAPUserGroupCallback to authenticate a user with caseIgnoreMatch for Windows Active Directory in BPMS?

Solution Unverified - Updated -

Issue

We are using Active Directory's SAM Account Name attribute for ldap.user.filter property for authorizing users for performing workflow steps in BPMS. Since this attribute can be any case in our AD, we're getting false-negatives which are in turn causing the Task to claimed by a null user (in actualOwner_id column in Task table) and causing Tasks to get stuck. We would like to do case-insensitive matching and have tried using

ldap.user.filter=(|(distinguishedName:caseIgnoreMatch:={0})(sAMAccountName:caseIgnoreMatch:={0})) 

in jbpm.user.info.properties, which didn't work.

Our custom code of existsUser() method looks like the following.

    @Override
    public boolean existsUser(String userId) {
        if (userId.equals("Administrator"))
            return true;

        if (super.existsUser(userId) || super.existsUser(WordUtils.capitalizeFully(userId, '.')) )
            return true;
        else
            return false;

    }

Is there a way to do case-insensitive matching against AD in BPMS?

Environment

  • Red Hat JBoss BPM Suite (BPMS) 6.4.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In