Add an AdminProvider that identifies administrators by the group they are in
Description
Currently, the only available admin providers are
DefaultAdminProvider - relying on the value of the system property admin.authorizedJIDs
CrowdAdminProvider - delegating to Atlassian Crowd
JDBCAdminProvider - depending on an database table
It would be useful to have an admin provider that allows admin users to be identified by the group they are in. This would be particularly useful for deployments of Openfire that are backed by LDAP.
Environment
None
Activity
Show:
Greg Thomas September 12, 2019 at 9:56 AM
Edited
So, there's now a new AdminProvider that does just this. To use it;
Set the system property `provider.group.groupBasedAdminProvider.groupName` to the name of the group that contains Openfire administrators (defaults to `openfire-administrators`)
Set the system property `provider.admin.className` to `org.jivesoftware.openfire.admin.GroupBasedAdminProvider`
NB. In theory these settings are dynamic, however Openfire can cache the list of admins necessitating a restart.
Greg Thomas September 11, 2019 at 6:18 PM
Apologies. Wrong type was selected when I created it. Now corrected.
wroot September 11, 2019 at 5:50 PM
Maybe this is a feature rather than a bug? Or improvement.
Currently, the only available admin providers are
DefaultAdminProvider - relying on the value of the system property admin.authorizedJIDs
CrowdAdminProvider - delegating to Atlassian Crowd
JDBCAdminProvider - depending on an database table
It would be useful to have an admin provider that allows admin users to be identified by the group they are in. This would be particularly useful for deployments of Openfire that are backed by LDAP.