Loading...

general@portals.apache.org

[Prev] Thread [Next]  |  [Prev] Date [Next]

[Portals Wiki] Update of "Jetspeed2/LDAP-howto" by Dupo nt Apache Wiki Thu Mar 15 10:01:08 2012

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Portals Wiki" for 
change notification.

The "Jetspeed2/LDAP-howto" page has been changed by Dupont:
http://wiki.apache.org/portals/Jetspeed2/LDAP-howto?action=diff&rev1=6&rev2=7

  If you want to change the attribute used to describe the relationship between 
User and Role, you can do it, in the Ldap configuration file: 
'''WEB-INF/assembly/security-ldap.xml'''. In our example, we want to use 
BnFMemberOf relation, in the user to role direction.
  
   * First, you have to declare it in the ''UserDaoConfiguration'', like shown 
in the above example
-  * Second, you have to change the ''UserRoleRelationDAO'''' ''the 
''relationAttribute''; property permits to define the attribute used to store 
the relation.
+  * Second, you have to change the ''UserRoleRelationDAO'''' ''''''''the 
''relationAttribute''; property permits to define the attribute used to store 
the relation. '''
-  * Moreover, it's possible to define the direction Jetspeed uses t find roles 
have a user (2 possibities: the default one which is searching in all roles 
which ones are related to the authentificating user,  the second way is to look 
from User entities which roles he has) Depending how your ldap is configured, 
the two methods can be used, or only one. In our case, the method chosen is the 
second one: for performance reasons, the attributes are stored in the User 
entities. To handle that, the ''useFromEntityAttribute'' was set to true.
+  * '''Moreover, it's possible to define the direction Jetspeed uses t find 
roles have a user (2 possibities: the default one which is searching in all 
roles which ones are related to the authentificating user,  the second way is 
to look from User entities which roles he has) Depending how your ldap is 
configured, the two methods can be used, or only one. In our case, the method 
chosen is the second one: for performance reasons, the attributes are stored in 
the User entities. To handle that, the ''useFromEntityAttribute'' was set to 
true. '''
  
- This is an example configuration:
+ '''This is an example configuration: '''
  
+ {{{
- {{{#!xml
-   <bean id="UserRoleRelationDAO" 
class="org.apache.jetspeed.security.mapping.ldap.dao.impl.AttributeBasedRelationDAO">
-     <meta key="j2:cat" value="ldapSecurity" />
-     <property name="relationAttribute" value="BnFMemberOf" />
-     <property name="attributeContainsInternalId" value="true" />
-     <property name="useFromEntityAttribute" value="true" />
-     <property name="relationType">
-       <bean 
class="org.apache.jetspeed.security.mapping.impl.SecurityEntityRelationTypeImpl">
-         <constructor-arg index="0" value="isMemberOf" />
-         <constructor-arg index="1" value="user" />
-         <constructor-arg index="2" value="role" />
-       </bean>
-     </property>
-   </bean>
  }}}