Configuration for LDAP XACML Attribute Locators
All the above locators have the following options common. url - The LDAP server URL to connect to. factory - The JNDI factory that is JDK specific such as "com.sun.jndi.ldap.LdapCtxFactory" which is the default. username - The username to connect to the LDAP server. This user must have search privileges password - The password of the user to connect to the LDAP server filter - The search filter to be used to find the entries that have a policy attribute - The name of the entry's attribute that we are going to get the value from. searchScope - Scope of the search for entries. Default is SUBTREE searchTimeLimit - Search time limit. Default is 10000 (10 seconds) attributeSupportedId : Attribute that is supported by this locator for retrieval. substituteValue : This is the URI of the attribute available from the request that will be plugged into the ldap filter wildcard. valueDataType: The data type of the attribute that is being plugged into the filter of the wildcard. Â The following option is what is different in the locators. name : the fully qualified name (FQN) of the class.