  1. Openfire
  2. OF-1736

Support for LDAP event notifications to detect user deletion


    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.3.2
    • Fix Version/s: None
    • Component/s: LDAP
    • Labels:
      None

      Description

      Currently, if a user is deleted from LDAP, Openfire never finds out about it. To avoid "clutter" (e.g. user properties, private storage entries belonging to ex-users), Openfire should take advantage of LDAP event notifications and use them to detect when a user is deleted.

      This may require the addition of a new method in UserEventListener - userDeleted(String username) as it will not be possible to create the user for the userDeleting(User user) methods.

      References:

      ActiveDirectory: https://docs.microsoft.com/en-us/windows/desktop/ad/change-notifications-in-active-directory-domain-services

      (I can't find any explicit indication if ApacheDS supports this feature)

      JNDI: https://docs.oracle.com/javase/8/docs/api/javax/naming/event/EventContext.html

       

      See also https://issues.igniterealtime.org/browse/OF-1735 which proposes a background housekeeping activity to tidy up when the EventContext is missed (e.g. Openfire is not running when the user is deleted).
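      The JNDI listener registration this issue proposes, as an added example that is not Openfire code or part of the original report. Assumptions: the directory server and JNDI LDAP provider actually deliver change notifications, an anonymous bind is allowed, the host, base DN and `ou=People` are placeholders, `uid` is the username attribute, and the `Consumer<String>` stands in for the proposed `userDeleted(String username)` callback.

```java
import java.util.Hashtable;
import java.util.function.Consumer;
import javax.naming.Context;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.naming.event.*;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

public class LdapDeletionWatcher implements NamespaceChangeListener {
    // Hypothetical stand-in for the proposed UserEventListener.userDeleted(String username).
    private final Consumer<String> userDeleted;

    public LdapDeletionWatcher(Consumer<String> userDeleted) { this.userDeleted = userDeleted; }

    // Extract the username from the removed entry's name; assumes uid is the username attribute.
    static String usernameOf(String entryName) throws NamingException {
        LdapName dn = new LdapName(entryName);
        if (dn.isEmpty()) return null;
        Rdn leaf = dn.getRdn(dn.size() - 1); // left-most RDN, e.g. uid=jdoe
        return "uid".equalsIgnoreCase(leaf.getType()) ? String.valueOf(leaf.getValue()) : null;
    }

    @Override public void objectRemoved(NamingEvent evt) {
        try {
            // The entry is already gone, so only its name is available, not a User object.
            String username = usernameOf(evt.getOldBinding().getName());
            if (username != null) userDeleted.accept(username);
        } catch (NamingException e) {
            System.err.println("Unparseable entry name: " + e);
        }
    }
    @Override public void objectAdded(NamingEvent evt) { }
    @Override public void objectRenamed(NamingEvent evt) { }
    @Override public void namingExceptionThrown(NamingExceptionEvent evt) {
        // Notifications could not be delivered; deletions from here on need the OF-1735 style cleanup.
        System.err.println("LDAP notifications unavailable: " + evt.getException());
    }

    public static void main(String[] args) throws Exception {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, "ldap://ldap.example.org:389/dc=example,dc=org"); // placeholder
        EventContext ctx = (EventContext) new InitialContext(env).lookup("ou=People");  // placeholder
        ctx.addNamingListener("", EventContext.SUBTREE_SCOPE,
                new LdapDeletionWatcher(u -> System.out.println("deleted in LDAP: " + u)));
        Thread.currentThread().join(); // keep the process alive; events arrive on a provider thread
    }
}
```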

              People

              Assignee:
              Unassigned
              Reporter:
              gdt Greg Thomas