Sorry, I didn't understand you well. I had thougth you had a table with attribute name as collum. As Alberto said, CAS only provides a per row attribute implementations.
A good start could be this post https://bowerstudios.com/node/645 but with a few modifications because it's for populating authorities from LDAP, and not from SQL. I'm not sure because it don't work default implementations because iterates over all JDBC row results and merge them into the PersonAttribute map of current DAO using MultivaluedPersonAttributeUtils.toMultivaluedMap method, so I suggest you to implement a class, for example ListingJdbcPersonAttributeDao that extends from AbstractJdbcPersonAttributeDao with a mixed behaviour between SingleRowJdbcPersonAttributeDao and MultiRowJdbcPersonAttributeDao. As you see you need implement parseAttributeMapFromResults abstract method. Download the PERSONDIR sources, link it to your cas-server overlay and feel free to debug. Implied sources: https://github.com/Jasig/person-directory/blob/master/person-directory-impl/src/main/java/org/jasig/services/persondir/support/jdbc/AbstractJdbcPersonAttributeDao.java https://github.com/Jasig/person-directory/blob/master/person-directory-impl/src/main/java/org/jasig/services/persondir/support/jdbc/SingleRowJdbcPersonAttributeDao.java https://github.com/Jasig/person-directory/blob/master/person-directory-impl/src/main/java/org/jasig/services/persondir/support/jdbc/MultiRowRowJdbcPersonAttributeDao.java https://github.com/Jasig/person-directory/blob/master/person-directory-impl/src/main/java/org/jasig/services/persondir/support/MultivaluedPersonAttributeUtils.java I hope it will be usefull and share your implementation 2013/11/20 Idan Fridman <id...@cellebrite.com> > Hi, > > I wonder if you had a chance to look at this response? > > > > Thank you. > > > > *From:* Idan Fridman > *Sent:* Sunday, November 17, 2013 10:21 AM > *To:* cas-user@lists.jasig.org > *Subject:* RE: [cas-user] Re: [cas-user] השב: [cas-user] > SingleRowJdbcPersonAttributeDao is not returning the whole records in > resultset > > > > Hi, > > I tried the MultiRowJdbcPersonAttributeDao way. It didn’t work. This time > I didn’t get any permissions at all: > > > > If you run the select straight on DB you get this results: > > > > Permissions Name > > ROLE_PERMISSIONS_MY_EVENTS > > ROLE_PERMISSIONS_CREATE_EVENTS > > > > > > Now this is the new code after modifying it into > MultiRowJdbcPersonAttributeDao: > > > > <bean > class="org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao"> > > <constructor-arg index="0" ref="dataSource"/> > > <constructor-arg index="1" value="select distinct > p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, > USERNAME_ROLES ur > > where Username=ur.LOGINNAME and > ur.roleId=rp.ROLE_ID and rp.PERMISSION_ID=p.PERMISSION_ID and {0}"/> > > <property > name="nameValueColumnMappings"> > > <map> > > <entry key="PERMISSION_NAME" value="PERMISSION_NAME" /> > > </map> > > </property> > > <property name="queryAttributeMapping"> > > <map> > > <entry key="username" value="Username"/> > > </map> > > </property> > > <property name="resultAttributeMapping"> > > <map> > > <entry key="PERMISSION_NAME" value="PERMISSIONS"/> > > </map> > > </property> > > </bean> > > > > > > And this is the result from CAS logs: > > > > 2013-11-17 10:14:23,571 DEBUG > [org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] > - <Adding attribute 'Username' with value '[ifridman]' to query builder > 'null'> > > 2013-11-17 10:14:23,572 DEBUG > [org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] > - <Generated query builder 'sql=[Username = ?] args=[ifridman]' from query > Map {username=[ifridman]}.> > > 2013-11-17 10:14:23,595 DEBUG > [org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] > - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS > p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where > Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and > rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got > results [{*PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS}, > {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]*> > > 2013-11-17 10:14:23,619 DEBUG > [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - > <Retrieved attributes='[NamedPersonImpl[name=ifridman,attributes={}]]' for > query='{username=[ifridman]}', isFirstQuery=false, > currentlyConsidering='org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao@207c9fcf', > resultAttributes=*'null'*> > > > > > > As you can see this time I don’t even get the first result. I get none > results. > > > > Any ideas? Kind of desperate with this issue. > > > > Thanks. > > > > > > > > *From:* KaTeLmE [mailto:kate...@gmail.com <kate...@gmail.com>] > *Sent:* Saturday, November 16, 2013 12:13 AM > *To:* cas-user@lists.jasig.org > *Subject:* [cas-user] Re: [cas-user] השב: [cas-user] > SingleRowJdbcPersonAttributeDao is not returning the whole records in > resultset > > > > In your case you must use a MultiRowJdbcPersonAttributeDao. > > https://wiki.jasig.org/display/PDM15/JDBC+Attribute+Source > > http://developer.jasig.org/projects/person-directory/1.5.0-RC3/apidocs/org/jasig/services/persondir/support/jdbc/MultiRowJdbcPersonAttributeDao.html > > > > 2013/11/15 Idan Fridman <id...@cellebrite.com> > > Hi, > > The attr which returning is 'permissions list' each user when logging in > will get back all its permissions for authorization purposes. Now since > this scheme is normalized each permission being retrieved on different row. > > Thqtsan example of sql select from deployerConfig.xml: > > > > deployerConfigContext.xml: > > <bean > class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> > <constructor-arg index="0" ref="dataSource"/> > <constructor-arg index="1" value="select distinct > p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, > USERNAME_ROLES ur > where Username=ur.LOGINNAME and > ur.roleId=rp.ROLE_ID and rp.PER:-) MISSION_ID=p.PERMISSION_ID and {0}"/> > <property name="queryAttributeMapping"> > <map> > <entry key="username" value="Username"/> > </map> > </property> > <property name="resultAttributeMapping"> > <map> > <entry key="PERMISSION_NAME" value="PERMISSIONS"/> > </map> > </property> > </bean> > > > > If we look at the ligs cas we actually see all permissions retrieved but > not being past ton to the SAML request: > > > > > > > > 2013-11-14 14:16:33,384 DEBUG > [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] > - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS > p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where > Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and > rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got > results > [{PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS}, > {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]> > > We can see here clearly we get two results from the DB: > ROLE_PERMISSIONS_MY_EVENTS > ROLE_PERMISSIONS_CREATE_EVENTS > > However only the first one is returned: > > 2013-11-14 14:16:33,409 DEBUG > > [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - > <Retrieved > attributes='[NamedPersonImpl[name=ifridman,attributes={PERMISSIONS=[ROLE_PERMISSIONS_MY_EVENTS]}]]' > for query='{username=[ifridman]}', isFirstQuery=false, > currentlyConsidering='org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttribute > ... > > > > Thanks > > > > > > > > ----- Reply message ----- > מאת: "Alberto Cabello Sánchez" <albe...@unex.es> > אל: "cas-user@lists.jasig.org" <cas-user@lists.jasig.org> > עותק: "Idan Fridman" <id...@cellebrite.com> > נושא: [cas-user] SingleRowJdbcPersonAttributeDao is not returning the > whole records in resultset > > תאריך: יום ו׳, נוב 15, 2013 17:44 > > > > El Fri, 15 Nov 2013 14:40:18 +0000 > Idan Fridman <id...@cellebrite.com> escribió: > > > So in case I have resultset from jdbc which contains more than one > record I won't > > be able to retrieve all of them via casify client? > > I think SingleRowJdbcPersonAttributeDao works assuming a data layout of > > a_user_id attr1 attr2 ... attrN > another_user attr1 attr2 ... attrN > a_3rd_user attr1 attr2 ... attrN > > I can hardly imagine how do you could need more than a row for just an > user. > If, for a strange reason, you have something like > > a_user_id attr1 attr2 attr3 ... attrN > same_user attr1 attr2 attr3 ... attrN > > What attr set is supposed to be used? > > Even in that case, if you know how to manage such schema, you could build a > database view with the merged attributes. > Except if you want to have multi-valued attributes, in which case I fear > it's not supported. > > -- > Alberto Cabello Sánchez <albe...@unex.es> > > This e-mail and the information it contains may be privileged and/or > confidential. It is intended solely for the use of the named recipient(s). > If you are not the intended recipient you may not disclose, copy, > distribute or retain any part of this message or attachments. If you have > received this e-mail in error please notify the sender immediately [by > clicking 'Reply'] and delete this e-mail. > > -- > > > You are currently subscribed to cas-user@lists.jasig.org as: kate...@gmail.com > > > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > > > -- > You are currently subscribed to cas-user@lists.jasig.org as: > id...@cellebrite.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > This e-mail and the information it contains may be privileged and/or > confidential. It is intended solely for the use of the named recipient(s). > If you are not the intended recipient you may not disclose, copy, > distribute or retain any part of this message or attachments. If you have > received this e-mail in error please notify the sender immediately [by > clicking 'Reply'] and delete this e-mail. > -- You are currently subscribed to cas-user@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
