9.2.3. Mapping Relationship Types
As mentioned before, the relationship support of the LDAP Identity Store is limited. But you can always map the most common relationships such as
Grant
and GroupMembership
.ldap() .mapping(Grant.class) .forMapping(Role.class) .attribute("assignee", "member"))
When mapping a relationship type you need to configure which identity type is the owner of a relationship. For example, when mapping a
Grant
relationship, the LDAP attribute used to map the association between a role and other types is the member attribute. This attribute belongs to role entries on the LDAP server, what makes the Role
type the owner of this relationship. For last, we need to tell which property on the Grant
type is related with the associated entries. In the case of the Grant
relationship, we're configuring the assignee property to store the associated type instances.