Attribute mapping defines how to populate subject records in the ACDB based on the data in the LDAP data store. To map attributes between LDAP and the ACDB, set the following properties in the security.properties file:
ldap.attributeMappingNames – subject attributes in the ACDB that are populated when authenticating an LDAP user.
ldap.attributeMappingValues – LDAP attributes that are stored in the ACDB during authentication.
An attribute mapping must define both properties, each property must contain the same number of attributes in a comma-separated list, and the corresponding attributes must be in the same positional order in both properties. The following attribute mapping is the default definition in security.properties:
ldap.attributeMappingNames=uid, cn, email, telephoneNumber, firstName, lastName ldap.attributeMappingValues=uid, cn, mail, telephoneNumber, givenName, sn
