GUACAMOLE-220: Add configuration property for setting the attributes which uniquely identify user groups within LDAP.

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/ConfigurationService.java

@@ -138,6 +138,24 @@ public class ConfigurationService {
         );
     }
 
+    /**
+     * Returns all attributes which should be used to determine the unique
+     * identifier of each user group. By default, this will be "cn".
+     *
+     * @return
+     *     The attributes which should be used to determine the unique
+     *     identifier of each group.
+     *
+     * @throws GuacamoleException
+     *     If guacamole.properties cannot be parsed.
+     */
+    public List<String> getGroupNameAttributes() throws GuacamoleException {
+        return environment.getProperty(
+            LDAPGuacamoleProperties.LDAP_GROUP_NAME_ATTRIBUTE,
+            Collections.singletonList("cn")
+        );
+    }
+
     /**
      * Returns the base DN under which all Guacamole role based access control
      * (RBAC) groups will be stored within the LDAP directory. If RBAC will not

extensions/guacamole-auth-ldap/src/main/java/org/apache/guacamole/auth/ldap/LDAPGuacamoleProperties.java

@@ -86,6 +86,18 @@ public class LDAPGuacamoleProperties {
 
     };
 
+    /**
+     * The attribute or attributes which identify user groups. One of these
+     * attributes must be present within each Guacamole user group's record in
+     * the LDAP directory for that group to be visible.
+     */
+    public static final StringListProperty LDAP_GROUP_NAME_ATTRIBUTE = new StringListProperty() {
+
+        @Override
+        public String getName() { return "ldap-group-name-attribute"; }
+
+    };
+
     /**
      * The port on the LDAP server to connect to when authenticating users.
      */