Thanks to Ruud and Stephane this is very helpful!!
I am testing your code and ran into a peculiar issue. In WebSphere 220.127.116.11 server configured with ADS SSO. When I get the groups for user I get the entire DN not just the group names from Active Directory Server which is my user registry. I added some system out statements to see what is happening, and this what I see:
[12/30/08 12:21:26:718 EST] 00000022 SystemOut O PreAuthenticated WebSphere principal: wasadmin
[12/30/08 12:21:26:734 EST] 00000022 SystemOut O Groups for user wasadmin: [CN=supervisor,OU=vsp,dc=xfdomain,dc=local, CN=vso,OU=vsp,dc=xfdomain,dc=local]WebSphere groups [
] mapped to Granted Authorities: [
My question is wheter there is a way to make websphere return only the cn value, or do you think I have misconfigured the server?