[ome-users] active directory user identificaion
Josh Moore
josh at glencoesoftware.com
Tue Jul 4 13:08:00 BST 2017
On Wed, Jun 28, 2017 at 12:53 PM, MEYENHOFER Felix
<felix.meyenhofer at unifr.ch> wrote:
> Hi
Hi Felix,
> is there a way to allow multiple user identifiers for the login when using an LDAP system with OMERO?
In short, no, not currently.
> In this case we have three possibilities to identify users:
> 1) short login: hansm
> 2) email: hans.muster at unifr.ch
> 3) full name: MUSTER Hans
>
> so I currently use the mail attribute as user identifier in the omero.ldap settings (omero.ldap.user_mapping=omeName=mail, ...)
>
> how could I allow for all three variants of logins?
In the past a hand-full of sites have had success by configuring their
own PasswordProvider[1] allowing them to inject their own logic into
user login. One example is Pasteur's SynchronizingPasswordProviders[2]
That being said, it certainly sounds like something that it would be
worth contributing back to the mainline if you or anyone else has
success.
> Best regards,
> Felix
All the best,
~Josh.
[1] https://www.openmicroscopy.org/site/support/omero5.3/developers/Server/PasswordProvider.html
[2] https://github.com/imagopole/omero-auth-ppms/blob/master/src/main/java/org/imagopole/omero/auth/impl/SynchronizingPasswordProviders.java
More information about the ome-users
mailing list