Rest2LDAP and filtering + paging of group members

This topic has 3 replies, 2 voices, and was last updated 4 years, 11 months ago by GuyPaddock.

  • Author
  • #19196

    In 3.5, with the newer version of Rest2LDAP that supports nested resources, is there support for filtering and paging of group members?

    The example-v1.json file defines a frapi:opendj:rest2ldap:group:1.0 resource type that lists each of the uniqueMember records when you query for a group under the URL /api/groups/{cn} (e.g. /api/groups/administrators). If that group has, say, thousands of users, are there ways to:

    1. Cull down the result set to only include information on a particular user?
    2. Only show something like 50 users from the group at a time?



    I think this should answer your question?

    IIUC, you can use CREST filters, but you cannot use paging.


    @jnrouvignac Unfortunately, that only works on collection sub-resources. In other words, the list of groups, but not the members _inside_ the group.

    You can use the CREST filters to locate a group based on name, description, etc, but not based on the members inside the group. It does not appear that query operations are supported at all on singletons (i.e. each individual group within the list of groups).


    As an update to this thread: I’m working on extending OpenDJ with a related feature, as part of a pull request into the Wren:DS project:

    Using this feature, you can create a read-only collection resource that flattens the sub-tree of all users into a single collection, then filter that flat collection of users by their group membership.

    • This reply was modified 4 years, 11 months ago by GuyPaddock.
Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?