ansible-middleware / amq

A collection to manage AMQ brokers
Apache License 2.0

Allow configuration of "expandRoles" and "expandRolesMatching" for LDAP in login.config #188

Open cmasopust opened 1 day ago

cmasopust commented 1 day ago
SUMMARY

We have lots of nested groups in our Active Directory, and trying to authenticate a user in a nested group via LDAP fails.

According to the Artemis documentation for the LDAPLoginModule, there are the options:

expandRoles=true
expandRolesMatching="(member={0})"

which would allow processing of nested AD groups. Tested this already and it's working as expected.

Although we could use our own template for login.config, I think the better approach would be to make this configurable in the role.

Suggested configuration parameter names:

amq_broker_auth_ldap_expand_roles: true/false
amq_broker_auth_ldap_expand_roles_matching: string
ISSUE TYPE
guidograzioli commented 1 day ago

Thanks for reporting; since it's the only change to have AD working in JAAS, I agree it's reasonable to add the two parameters.
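The following is an added illustration, not part of the issue thread and not code from the collection or from Artemis: a small Python model of what nested-group expansion with a `(member={0})` filter computes. The directory contents, all DNs and the function names are constructed, and substituting the previously found group's DN for `{0}` is an assumption of the model.

```python
# Constructed sample directory: group DN -> values of its "member" attribute.
# Every DN here is made up for illustration.
DIRECTORY = {
    "cn=amq-admins,ou=groups,dc=example,dc=com": [
        "cn=platform-team,ou=groups,dc=example,dc=com",
    ],
    "cn=platform-team,ou=groups,dc=example,dc=com": [
        "cn=oncall,ou=groups,dc=example,dc=com",
        "cn=amq-admins,ou=groups,dc=example,dc=com",  # cycle back to the parent
    ],
    "cn=oncall,ou=groups,dc=example,dc=com": [
        "uid=alice,ou=people,dc=example,dc=com",
    ],
    "cn=amq-readers,ou=groups,dc=example,dc=com": [
        "uid=bob,ou=people,dc=example,dc=com",
    ],
}


def search_member(directory, dn):
    """Stand-in for an LDAP search with filter (member={0}), where {0} = dn."""
    wanted = dn.lower()  # DNs are compared case-insensitively in this model
    return {group for group, members in directory.items()
            if wanted in (m.lower() for m in members)}


def resolve_roles(directory, user_dn, expand_roles=False):
    """Return the group DNs a user maps to, with or without expansion."""
    roles = search_member(directory, user_dn)   # direct membership only
    if not expand_roles:
        return roles
    pending = list(roles)
    while pending:                              # walk up the nesting
        for parent in search_member(directory, pending.pop()):
            if parent not in roles:             # visited check ends cycles
                roles.add(parent)
                pending.append(parent)
    return roles


if __name__ == "__main__":
    alice = "uid=alice,ou=people,dc=example,dc=com"
    print("direct  :", sorted(resolve_roles(DIRECTORY, alice)))
    print("expanded:", sorted(resolve_roles(DIRECTORY, alice, expand_roles=True)))
```

With expansion on, every group that transitively contains the user becomes a role, so the nesting under role-bearing groups is worth reviewing before the option is enabled.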