Our ServiceDesk instance is SSO-protected.
It could be interesting to restrict power users' scope by using a parameter in the LDAP search filter.
Our use-case:
The power user's residence department is '92'. SSO can send an HTTP header 'HTTP_DEPARTMENT=92'.
This header could be appended to the LDAP search filter to restrict the scope like this: (&(uid='john.doe')(department=$http_department)).
The power user can force users' passwords in the same department only.
The header could define a service, a city, ...
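
A sketch of the filter construction this request describes, added here as an illustration and not part of the original post or of ServiceDesk's code. The function and exception names are hypothetical; it assumes the header is set by the SSO proxy and stripped from client-supplied requests, and it escapes both values per RFC 4515 so that neither can alter the filter structure.

```python
import re

HEADER_NAME = "HTTP_DEPARTMENT"  # header name from the post

# RFC 4515 section 3: characters that must be escaped inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


class ScopeError(ValueError):
    """Raised when the scoped filter cannot be built safely."""


def ldap_escape(value: str) -> str:
    """Escape a string for use as an LDAP filter assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_scoped_filter(uid: str, environ: dict, attribute: str = "department") -> str:
    """Return (&(uid=<uid>)(<attribute>=<header value>)) with both values escaped.

    `environ` is the request environment (hypothetical parameter); `attribute`
    comes from configuration, never from the request.
    """
    scope = environ.get(HEADER_NAME, "").strip()
    if not scope:
        # Fail closed: without the header the search must not fall back
        # to an unscoped (uid=...) filter.
        raise ScopeError(f"{HEADER_NAME} is missing or empty")
    if not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*", attribute):
        raise ScopeError("attribute name is not a valid LDAP attribute description")
    return f"(&(uid={ldap_escape(uid)})({attribute}={ldap_escape(scope)}))"


if __name__ == "__main__":
    # Constructed sample inputs.
    print(build_scoped_filter("john.doe", {HEADER_NAME: "92"}))
    print(build_scoped_filter("john.doe", {HEADER_NAME: "92)(uid=*"}))
```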