From 2e15cc8ce73623f07c80ea514eb9795cfcc3c8f1 Mon Sep 17 00:00:00 2001
From: neil_a_wilson <neil_a_wilson@localhost>
Date: Thu, 09 Aug 2007 17:42:31 +0000
Subject: [PATCH] Implement support for an identity mapper that can use regular expressions to transform the provided ID string before searching for the appropriate matching user in the server.  This makes it possible, for example, to strip the realm portion of a Kerberos V principal to obtain just the username before searching for entries containing a uid attribute with that value.

---
 opendj-sdk/opends/resource/config/config.ldif |   13 ++++++++++++-
 1 files changed, 12 insertions(+), 1 deletions(-)

diff --git a/opendj-sdk/opends/resource/config/config.ldif b/opendj-sdk/opends/resource/config/config.ldif
index 7ad4897..0bcfe74 100644
--- a/opendj-sdk/opends/resource/config/config.ldif
+++ b/opendj-sdk/opends/resource/config/config.ldif
@@ -496,6 +496,17 @@
 ds-cfg-identity-mapper-enabled: true
 ds-cfg-match-attribute: uid
 
+dn: cn=Regular Expression,cn=Identity Mappers,cn=config
+objectClass: top
+objectClass: ds-cfg-identity-mapper
+objectClass: ds-cfg-regular-expression-identity-mapper
+cn: Regular Expression
+ds-cfg-identity-mapper-class: org.opends.server.extensions.RegularExpressionIdentityMapper
+ds-cfg-identity-mapper-enabled: true
+ds-cfg-match-attribute: uid
+ds-cfg-match-pattern: ^([^@]+)@.+$
+ds-cfg-replace-pattern: $1
+
 dn: cn=Key Manager Providers,cn=config
 objectClass: top
 objectClass: ds-cfg-branch
@@ -1439,7 +1450,7 @@
 cn: GSSAPI
 ds-cfg-sasl-mechanism-handler-class: org.opends.server.extensions.GSSAPISASLMechanismHandler
 ds-cfg-sasl-mechanism-handler-enabled: false
-ds-cfg-identity-mapper-dn: cn=Exact Match,cn=Identity Mappers,cn=config
+ds-cfg-identity-mapper-dn: cn=Regular Expression,cn=Identity Mappers,cn=config
 ds-cfg-keytab: /etc/krb5/krb5.keytab
 
 dn: cn=PLAIN,cn=SASL Mechanisms,cn=config

--
Gitblit v1.10.0