authenticationldapwildflyelytron

How does wildfly elytron authentication work


problem authentication with elytron wildfly ==> my configuration of LEGACY authentication ldap with the old versions of wildfy is worked good and authenticated only superuser part of specific group

after switching to wildfly 26 which supports elytron, I am facing authentication problems, the problem that I have to authenticate only for a SUPERUSER belonging to a group and not all users but the configuration I made takes and accesses all users and I don't


Solution

  • In the identity-mapping configuration, I think you'll want to add the filter-name attribute and set it to "(&(sAMAccountName={0})(memberOf=CN=tfff wildfly Admins,CN=Users,dc=com,dc=global))".

    Then, in the attribute-mapping configuration, the filter can be set to "(&(objectClass=group)(member={1}))".