I would like to automatically map WSO2 application roles to existing LDAP groups from an Active Directory.
Example:
- internal WSO2 role `admin` is given to users resolved as `(&(objectClass=user) (memberOf=administrators))` in `DC=acme,DC=com`
- internal WSO2 role `publisher` is given to users resolved as `(&(objectClass=user) (memberOf=developers))` in `DC=acme,DC=com`
- ... etc
So there is no provisioning to do, and role mapping does not have to be done manually by the WSO2 administrator. To give a user access to an interface, we just have to add the user to the right AD group (or AD mailing list, even easier).
This kind of mapping is used in Nexus Sonatype (using the Apache Shiro library): https://books.sonatype.com/nexus-book/reference/ldap-sect-external-role-mapping-config.html
Is it possible to do that in WSO2?
Is it a requested feature?
Best regards