Message Queue 4.2 supports DN username format in client connection authentication against an LDAP user repository. The support involves the following new broker property (and value):
This property lets the broker authenticate a client user against an entry in an LDAP user repository by extracting from the DN username format the value of the attribute specified by the following property:
The broker uses the value of the above attribute as the name of the user in access control operations.
For example, if imq.user_repository.ldap.uidattr=udi and a client authentication username is in the format udi=mquser,ou=People,dc=red,dc=sun,dc=com, then “mquser” would be extracted for performing access control.