mirrors/pinniped
1
0
Fork 0
mirror of https://github.com/vmware-tanzu/pinniped.git synced 2026-01-07 22:15:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Default groupSearch.attributes.groupName to "dn" instead of "cn"

Browse Source 
- DNs are more unique than CNs, so it feels like a safer default
This commit is contained in:
Ryan Richard
2021-05-28 13:27:11 -07:00
parent a741041737
commit cedbe82bbb
19 changed files with 81 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
apis/supervisor/idp/v1alpha1/types_ldapidentityprovider.go.tmpl
View File

@@ -68,8 +68,8 @@ type LDAPIdentityProviderGroupSearchAttributes struct {
// GroupName specifies the name of the attribute in the LDAP entries whose value shall become a group name
// in the user's list of groups after a successful authentication.
// The value of this field is case-sensitive and must match the case of the attribute name returned by the LDAP
// server in the user's entry. Distinguished names can be used by specifying lower-case "dn".
// Optional. When not specified, the default will act as if the GroupName were specified as "cn" (common name).
// server in the user's entry. E.g. "cn" for common name. Distinguished names can be used by specifying lower-case "dn".
// Optional. When not specified, the default will act as if the GroupName were specified as "dn" (distinguished name).
// +optional
GroupName string `json:"groupName,omitempty"`
}