B22SQY652WAIPNO46LOIWOP7LDBSU5HKXCTL5PQVAETICNOLWNWAC
A4NSGFS3QLTLU4Q2TS7M727CWQ5FUNHCYZE3CIQEV3NI3NT7LOEQC
RWNXH3H26EQHKJNMP4DUJCJKUYQBMV347234ZLE26SIFTVLSUWXQC
dn: ou=groups,dc=example ou: groups description: All groups objectClass: top objectClass: organizationalUnit dn: cn=hydra_admin,ou=groups,dc=example cn: hydra_admin description: Hydra Admin user group objectClass: groupOfNames member: cn=admin,ou=users,dc=example
dn: ou=groups,dc=example
ou: groups
description: All groups
objectClass: top
objectClass: organizationalUnit
dn: cn=hydra_admin,ou=groups,dc=example
cn: hydra_admin
description: Hydra Admin user group
objectClass: groupOfNames
member: cn=admin,ou=users,dc=example
dn: cn=admin,ou=users,dc=example objectClass: organizationalPerson objectClass: inetOrgPerson sn: admin cn: admin mail: admin@example userPassword: password
dn: cn=admin,ou=users,dc=example
objectClass: organizationalPerson
objectClass: inetOrgPerson
sn: admin
cn: admin
mail: admin@example
userPassword: password
use_roles: 0 role_basedn: "ou=groups,ou=OxObjects,dc=yourcompany,dc=com" role_filter: "(&(objectClass=posixGroup)(memberUid=%s))"
use_roles: 0
role_basedn: "ou=groups,ou=OxObjects,dc=yourcompany,dc=com"
role_filter: "(&(objectClass=posixGroup)(memberUid=%s))"
use_roles: 1 role_basedn: "ou=groups,dc=example" role_filter: "(&(objectClass=groupOfNames)(member=%s))"
use_roles: 1
role_basedn: "ou=groups,dc=example"
role_filter: "(&(objectClass=groupOfNames)(member=%s))"
role_field: uid
role_field: cn
import json
machine.succeed(
response = machine.succeed(
response_json = json.loads(response) assert "user" == response_json["username"] assert "user@example" == response_json["emailaddress"] assert len(response_json["userroles"]) == 0 # logging on with wrong credentials shouldn't work
response_json = json.loads(response)
assert "user" == response_json["username"]
assert "user@example" == response_json["emailaddress"]
assert len(response_json["userroles"]) == 0
# logging on with wrong credentials shouldn't work
) # the admin user should get the admin role from his group membership in `hydra_admin` response = machine.succeed( "curl --fail http://localhost:3000/login -H 'Accept: application/json' -H 'Referer: http://localhost:3000' --data 'username=admin&password=password'"
)
# the admin user should get the admin role from his group membership in `hydra_admin`
"curl --fail http://localhost:3000/login -H 'Accept: application/json' -H 'Referer: http://localhost:3000' --data 'username=admin&password=password'"
response_json = json.loads(response) assert "admin" == response_json["username"] assert "admin@example" == response_json["emailaddress"] assert "admin" in response_json["userroles"]
assert "admin" == response_json["username"]
assert "admin@example" == response_json["emailaddress"]
assert "admin" in response_json["userroles"]