Copy link to issue

Add an AdminProvider that identifies administrators by the group they are in

Description

Currently, the only available admin providers are

DefaultAdminProvider - relying on the value of the system property admin.authorizedJIDs
CrowdAdminProvider - delegating to Atlassian Crowd
JDBCAdminProvider - depending on an database table

It would be useful to have an admin provider that allows admin users to be identified by the group they are in. This would be particularly useful for deployments of Openfire that are backed by LDAP.

Environment

None

Activity

Show:

wroot

September 11, 2019, 5:50 PM

Copy link to comment

Maybe this is a feature rather than a bug? Or improvement.

Greg Thomas

September 11, 2019, 6:18 PM

Copy link to comment

Apologies. Wrong type was selected when I created it. Now corrected.

Greg Thomas

September 12, 2019, 9:56 AM

Edited

Copy link to comment

So, there's now a new AdminProvider that does just this. To use it;

Set the system property `provider.group.groupBasedAdminProvider.groupName` to the name of the group that contains Openfire administrators (defaults to `openfire-administrators`)
Set the system property `provider.admin.className` to `org.jivesoftware.openfire.admin.GroupBasedAdminProvider`

NB. In theory these settings are dynamic, however Openfire can cache the list of admins necessitating a restart.

Fixed

Assignee

Greg Thomas

Reporter

Greg Thomas

Labels

None

Expected Effort

None

Ignite Forum URL

None

Components

Admin Console

Fix versions

4.5.0

Affects versions

4.4.1

Priority

Major

Configure