David,
  I think the Spring configuration to add would be something like this:

        <bean id="LDAPAttributeFinder"
              class="org.fcrepo.server.security.xacml.pdp.finder.attribute.LDAPAttributeFinder"
              autowire-candidate="true">
          <constructor-arg>
            <map>
              <entry key="java.naming.factory.initial" value="com.sun.jndi.ldap.LdapCtxFactory" />
              <entry key="java.naming.provider.url" value="ldap://nish.ramp.org.au:389/" />
              <entry key="java.naming.security.authentication" value="simple" />
              <entry key="java.naming.referral" value="follow" />
              <entry key="java.naming.security.principal" value="cn=admin,dc=arcs,dc=org,dc=au" />
              <entry key="java.naming.security.credentials" value="arcs" />
              <entry key="id-attribute" value="uid" />
              <entry key="searchbase" value="dc=arcs,dc=org,dc=au" />
            </map>
          </constructor-arg>
          <property name="subjectAttributes">
            <map>
              <entry key="memberOf">
                <bean class="org.fcrepo.server.security.xacml.util.Attribute" />
              </entry>
            </map>
          </property>
        </bean>

... and then you'd need to add the reference to this bean in the PDP
configuration (by default in config-pdp.xml).

As far as getting your attributes to work, you'd want to get some
feedback from someone who uses the module (my knowledge of it is
pretty academic).

- Ben

On Wed, Oct 24, 2012 at 10:24 AM, David Lacy <[email protected]> wrote:
> Hi,
>
> Apologies for bumping myself back up, but I still cannot determine how to
> make available LDAP attributes using XACML2/FESL.
>
> Any insight would be great.
>
> David Lacy
> Falvey Library Technology Services
> Villanova University
> library.villanova.edu
>
> From: David Lacy [mailto:[email protected]]
> Sent: Thursday, October 11, 2012 3:15 PM
> To: Support and info exchange list for Fedora users.
> Subject: [fcrepo-user] FESLPOLICY's and LDAP attributes
>
> Hi,
>
> Is it possible to access LDAP attributes from within FESLPOLICY’s? I see
> many examples using xacml1.0, but the “ou” attribute doesn’t seem to be
> supported under fesl. I found reference to the LDAPAttributeFinder in
> config-attribute-finder.xml, but its configuration hasn’t been updated.
>
> Thanks,
>
> David Lacy
> Falvey Library Technology Services
> Villanova University
> library.villanova.edu
>
> ------------------------------------------------------------------------------
> Everyone hates slow websites. So do we.
> Make your web apps faster with AppDynamics
> Download AppDynamics Lite for free today:
> http://p.sf.net/sfu/appdyn_sfd2d_oct
> _______________________________________________
> Fedora-commons-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
>
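
Added example (not part of the messages above and not Fedora's own code): a small check that reads the JNDI environment out of a bean like the one Ben posted and flags the settings that decide how the bind password is exposed. The XML is a constructed copy of that bean trimmed to the relevant entries; the function names and finding codes are made up for this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed sample: the JNDI part of the bean from the message above.
BEAN_XML = """<bean id="LDAPAttributeFinder"
 class="org.fcrepo.server.security.xacml.pdp.finder.attribute.LDAPAttributeFinder">
 <constructor-arg><map>
  <entry key="java.naming.provider.url" value="ldap://nish.ramp.org.au:389/" />
  <entry key="java.naming.security.authentication" value="simple" />
  <entry key="java.naming.referral" value="follow" />
  <entry key="java.naming.security.principal" value="cn=admin,dc=arcs,dc=org,dc=au" />
  <entry key="java.naming.security.credentials" value="arcs" />
 </map></constructor-arg>
 <property name="subjectAttributes"><map>
  <entry key="memberOf"><bean class="org.fcrepo.server.security.xacml.util.Attribute" /></entry>
 </map></property>
</bean>"""

def _local(tag):
    # Drop an XML namespace prefix so this also works inside a full <beans> file.
    return tag.rsplit("}", 1)[-1]

def jndi_env(bean_xml):
    """Return only the constructor-arg map (the JNDI environment) as a dict."""
    env = {}
    for node in ET.fromstring(bean_xml).iter():
        if _local(node.tag) == "constructor-arg":
            for e in node.iter():
                if _local(e.tag) == "entry" and e.get("value") is not None:
                    env[e.get("key")] = e.get("value")
    return env

def audit(env):
    """Return finding codes for settings that expose the bind credentials."""
    findings = []
    scheme = urlparse(env.get("java.naming.provider.url", "")).scheme.lower()
    tls = scheme == "ldaps" or env.get("java.naming.security.protocol") == "ssl"
    if env.get("java.naming.security.authentication") == "simple" and not tls:
        findings.append("cleartext-bind")       # DN and password cross the wire unencrypted
    if "java.naming.security.credentials" in env:
        findings.append("inline-credentials")   # password readable by anyone who can read the file
    if env.get("java.naming.referral") == "follow":
        findings.append("follows-referrals")    # context will connect to servers named in referrals
    return findings

if __name__ == "__main__":
    print(audit(jndi_env(BEAN_XML)))
```

Switching the provider URL to an ldaps:// endpoint clears the first finding; the other two are about who can read the Spring file and which directory servers the referrals point to.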
