ldapRealm.contextFactory.environment[ldap.searchBase] = dc=join,dc=com ldapRealm.contextFactory.url = ldap://tidb4ser:10389 ldapRealm.userDnTemplate = uid={0},ou=people,dc=join,dc=com ldapRealm.contextFactory.authenticationMechanism = simple ldapRealm.userSearchBase = ou=people,dc=join,dc=com ldapRealm.groupSearchBase = ou=group,dc=join,dc=com #ldapRealm.userSearchAttributeName = uid ldapRealm.groupObjectClass= posixGroup ldapRealm.memberAttribute= memberUid #ldapRealm.memberAttributeValueTemplate= cn={0},ou=group,dc=join,dc=com ldapRealm.rolesByGroup = admin: admin ldapRealm.groupSearchEnableMatchingRuleInChain = false ldapRealm.groupSearchFilter = (&(objectClass=posixGroup)(memberUid={0})) but in log {"status":"OK","message":"","body":{"principal":"jztwk","ticket":"64500a03-5662-44d2-a969-e77f50decc57","roles":"[]"}} roles is null in my application I sure (&(objectClass=posixGroup)(memberUid={0})) is OK EntryCursor result1 = connection.search( "ou=group,dc=join,dc=com", "(&(objectClass=posixGroup)(memberUid=jztwk))", SearchScope.SUBTREE );
igyu
