Hi,
First of all, I'm not a Jetspeed developer, so I cannot answer many of your
questions. Regarding the bean definition, this bean's constructor is as follows:
  public AttributeDefImpl(String name, boolean multiValue, boolean isMapped, String mappedName)
I guess the parameter names explain their meanings. When I tried to integrate
our portal with LDAP, I heavily used Jetspeed's source code to figure out
what's happening. I suggest you do the same. Download the Jetspeed source code
and have a look at the classes that synchronize with LDAP. For LDAP entity
synchronization, take a look at the class
org.apache.jetspeed.security.spi.impl.DefaultJetspeedSecuritySynchronizer.
Attribute synchronization takes place in the synchronizePrincipalAttributes
method. You can even debug this method once you create your debugging
environment.
Good luck.
Aysegul.
----- Original Message ----
From: Jansky Jiri <[email protected]>
To: Jetspeed Users List <[email protected]>
Sent: Wednesday, September 16, 2009 8:12:32 PM
Subject: Re: store user attributes in LDAP
Hi,
thanks for your reply. It helped me. But I still have some questions. For
testing purposes I used the following bean.
<bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
  <constructor-arg type="java.lang.String" index="0" value="mail" />
  <constructor-arg index="1" value="false" />
  <constructor-arg index="2" value="true" />
  <constructor-arg type="java.lang.String" index="3" value="user.mail" />
</bean>
When I set the "user.mail" attribute in Jetspeed (this attribute is not set in
LDAP), the "mail" attribute in LDAP was created and everything was OK. But when
I logged in for the first time with a user that had the "mail" attribute in
LDAP, the user was created in the Jetspeed database too, but the user.mail
attribute was not set. How can I make it work this way? (create the attribute
in Jetspeed if it's set in LDAP)
And what do the values
  <constructor-arg index="1" value="false" />
  <constructor-arg index="2" value="true" />
mean in this case? When I set the first one to true, the mail attribute from
LDAP was deleted. When I set the second one to false, there was no
synchronization from Jetspeed to LDAP.
Thanks for your advice
Jiri Jansky
btw: Is there more information about it somewhere?
----- Original Message -----
From: "Aysegul Aydin" <[email protected]>
To: "Jetspeed Users List" <[email protected]>
Sent: Wednesday, September 16, 2009 7:52:12 GMT +01:00 Amsterdam / Berlin / Bern /
Rome / Stockholm / Vienna
Subject: Re: store user attributes in LDAP
Hi,
You can configure Jetspeed 2.2.0 to store and retrieve attributes from LDAP
through the security-ldap.xml file. This file is located under the
WEB-INF/assembly directory of your portal project (under your Tomcat webapps
directory). In this file, you define your LDAP entities and their attributes.
For user attributes, take a look at the bean with id "UserDaoConfiguration".
In this bean definition, LDAP attributes are defined with possible mappings to
Jetspeed user entity attributes (the ones that are stored in your database).
Here is a sample configuration from our file:
<bean id="UserDaoConfiguration"
      class="org.apache.jetspeed.security.mapping.ldap.dao.LDAPEntityDAOConfiguration"
      init-method="initialize">
  <meta key="j2:cat" value="ldapSecurity" />
  <property name="baseDN" value="${ldap.base}" />
  <property name="searchDN" value="${ldap.user.searchBase}" />
  <property name="searchFilter">
    <bean class="org.apache.jetspeed.security.mapping.ldap.filter.SimpleFilter">
      <constructor-arg index="0" value="(objectClass=inetOrgPerson)" />
    </bean>
  </property>
  <property name="ldapIdAttribute" value="cn" />
  <property name="objectClasses" value="inetOrgPerson,organizationalPerson,person,top" />
  <property name="attributeDefinitions">
    <set>
      <bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
        <constructor-arg type="java.lang.String" index="0" value="uid" />
        <constructor-arg index="1" value="false" />
        <constructor-arg index="2" value="false" />
        <property name="required" value="true" />
        <property name="idAttribute" value="true" />
      </bean>
      <bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
        <constructor-arg type="java.lang.String" index="0" value="cn" />
        <constructor-arg index="1" value="false" />
        <constructor-arg index="2" value="false" />
        <property name="required" value="true" />
        <property name="idAttribute" value="true" />
      </bean>
      <bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
        <constructor-arg type="java.lang.String" index="0" value="sn" />
        <constructor-arg index="1" value="false" />
        <constructor-arg index="2" value="false" />
        <property name="required" value="true" />
        <property name="idAttribute" value="true" />
      </bean>
      <bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
        <constructor-arg type="java.lang.String" index="0" value="givenName" />
        <constructor-arg index="1" value="false" />
        <constructor-arg index="2" value="true" />
        <constructor-arg type="java.lang.String" index="3" value="user.name.given" />
      </bean>
      <bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
        <constructor-arg type="java.lang.String" index="0" value="initials" />
        <constructor-arg index="1" value="false" />
        <constructor-arg index="2" value="true" />
        <constructor-arg type="java.lang.String" index="3" value="user.name.family" />
      </bean>
      <bean class="org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl">
        <constructor-arg type="java.lang.String" index="0" value="o" />
        <constructor-arg index="1" value="false" />
        <constructor-arg index="2" value="false" />
      </bean>
    </set>
  </property>
  <property name="entityType" value="user" />
</bean>
In this sample, pay attention to the attributes named "givenName" and
"initials". We store and retrieve the "user.name.given" and "user.name.family"
user attributes in these LDAP attributes. Here, you should keep in mind that
these attributes will be synchronized with LDAP at every startup of your
portal application.
Hope it helps,
Aysegul.
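
An added example, not part of the original thread and not Jetspeed code: a small Python script that reads the AttributeDefImpl beans from a security-ldap.xml style document and labels each indexed constructor-arg with the parameter name from the constructor quoted above, so it is easy to see which LDAP attributes are mapped to Jetspeed user attributes. The sample XML is constructed, and the two checks in review() are assumptions chosen for this example, not Jetspeed validation rules.

```python
import xml.etree.ElementTree as ET

ATTR_DEF = "org.apache.jetspeed.security.mapping.model.impl.AttributeDefImpl"
# Parameter order from the constructor quoted in the thread.
PARAMS = ("name", "multiValue", "isMapped", "mappedName")

def bean(*args):
    """Render one AttributeDefImpl bean element (used to build the constructed sample)."""
    rows = "".join(f'<constructor-arg index="{i}" value="{v}" />' for i, v in enumerate(args))
    return f'<bean class="{ATTR_DEF}">{rows}</bean>'

# Constructed sample; "mail" and "displayName" are deliberately odd entries.
SAMPLE = ('<beans xmlns="http://www.springframework.org/schema/beans"><set>'
          + bean("uid", "false", "false")
          + bean("givenName", "false", "true", "user.name.given")
          + bean("mail", "false", "false", "user.mail")
          + bean("displayName", "false", "true", "user.name.given")
          + "</set></beans>")

def local(el):
    """Tag name without the XML namespace prefix."""
    return el.tag.rsplit("}", 1)[-1]

def attribute_defs(xml_text):
    """Return one dict per AttributeDefImpl bean, keyed by constructor parameter name."""
    defs = []
    for el in ET.fromstring(xml_text).iter():
        if local(el) != "bean" or el.get("class") != ATTR_DEF:
            continue
        d = dict.fromkeys(PARAMS)
        for arg in el:
            idx = arg.get("index", "")
            if local(arg) == "constructor-arg" and idx.isdigit() and int(idx) < len(PARAMS):
                d[PARAMS[int(idx)]] = arg.get("value")
        d["multiValue"], d["isMapped"] = d["multiValue"] == "true", d["isMapped"] == "true"
        defs.append(d)
    return defs

def review(defs):
    """Consistency checks chosen for this example; they are not Jetspeed validation rules."""
    notes, targets = [], {}
    for d in defs:
        if d["mappedName"] and not d["isMapped"]:
            notes.append(f"{d['name']}: mappedName {d['mappedName']} set but isMapped is false")
        elif d["mappedName"]:
            first = targets.setdefault(d["mappedName"], d["name"])
            if first != d["name"]:
                notes.append(f"{d['name']}: shares {d['mappedName']} with {first}")
    return notes

if __name__ == "__main__":
    for d in attribute_defs(SAMPLE):
        print(d)
    print("\n".join(review(attribute_defs(SAMPLE))))
```

To run it against a real file, pass the file's text to attribute_defs() in place of SAMPLE.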