My users authenticate with one userid but I want them to be identified with another ID from LDAP. Is that possible?
There is a way to configure WebSphere Application Server to do just that. This assumes that the LDAP entry for each user has an attribute containing a string that can be used for the second userid. For example, let’s call this attribute myname. Let’s also assume the userid used for authentication is contained in an LDAP attribute called uid.

In the WebSphere Application Server LDAP configuration (from the administrative console, click Security > User Registries > LDAP > Advanced LDAP Settings), modify the User ID map field from *:uid to *:myname. This tells WebSphere Application Server to set the J2EE principal that is returned to the application to the value of the myname LDAP attribute. Normally, WebSphere Application Server would return the same userid that was used to log on.

As an example, assume that a user’s LDAP entry has the following attribute/value pairs: uid=dale.sue.ping, myname=sueping. With the above WebSphere Application Server LDAP configuration change, the u
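
An added check, not part of the original article or of WebSphere: before changing the User ID map to *:myname, audit an LDIF export of the user entries for entries that lack the myname attribute, carry more than one value, or share a value with another entry, since the mapping relies on each entry having one such value. The sample LDIF, the function names, and the case-insensitive comparison of values are assumptions.

```python
import base64
from collections import defaultdict

# Constructed sample LDIF; uid and myname are the article's attribute names.
SAMPLE_LDIF = """\
dn: uid=dale.sue.ping,ou=people,dc=example,dc=com
uid: dale.sue.ping
myname: sueping

dn: uid=s.ping,ou=people,dc=example,dc=com
uid: s.ping
myname:: U3VlUGluZw==

dn: uid=no.alias,ou=people,dc=example,dc=com
uid: no.alias
"""

def parse_ldif(text):
    """Yield one dict per entry: lowercased attribute name -> list of values."""
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")  # undo line folding
    for block in unfolded.split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            if not line or line.startswith("#") or ":" not in line:
                continue
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(rest[1:].strip()).decode("utf-8")
            else:
                value = rest.strip()
            entry[name.lower()].append(value)
        if "dn" in entry:
            yield dict(entry)

def audit_mapped_attribute(ldif_text, mapped_attr="myname"):
    """Return (missing, multi_valued, collisions) for the mapped attribute."""
    missing, multi, owners = [], [], defaultdict(list)
    for entry in parse_ldif(ldif_text):
        dn, values = entry["dn"][0], entry.get(mapped_attr, [])
        if not values:
            missing.append(dn)
        elif len(values) > 1:
            multi.append(dn)
        for v in values:
            owners[v.lower()].append(dn)  # assumption: values match ignoring case
    collisions = {v: dns for v, dns in owners.items() if len(dns) > 1}
    return missing, multi, collisions

if __name__ == "__main__":
    print(audit_mapped_attribute(SAMPLE_LDIF))
```

Any DN reported in the first two lists, or any value in the collisions map, should be resolved in the directory before the User ID map is changed.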