[Portals Wiki] Update of "Jetspeed2/LDAP-howto" by Dupo nt

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Portals Wiki" for 
change notification.

The "Jetspeed2/LDAP-howto" page has been changed by Dupont:
http://wiki.apache.org/portals/Jetspeed2/LDAP-howto?action=diff&rev1=7&rev2=8

  
  ------
   . Adapting jetspeed to an existing schema
+  .
   . This paragraphs shows how to configure Jestspeed to adapt it to a specific 
ldap model.
   .
  
@@ -108, +109 @@

  
  {{{constructor-arg index="2"}}} defines if the attribute is mapped in 
jetspeed database.
  
- This is the coplete example of UserDaoConfiguration bean:
+ This is the coplete example of ''UserDaoConfiguration'' bean:
  
  {{{#!xml
    <bean id="UserDaoConfiguration" 
class="org.apache.jetspeed.security.mapping.ldap.dao.LDAPEntityDAOConfiguration"
 init-method="initialize">
@@ -150, +151 @@

      <property name="entityType" value="user" />
    </bean>
  }}}
+ And the user defined in the ldap (ldif format).
+ 
+ {{{
+ dn: [EMAIL PROTECTED],ou=comptes,ou=clients,dc=public,dc=bnf,dc=fr
+ objectClass: BNFUser
+ BnfIdentifiant: [EMAIL PROTECTED]
+ BnfMemberOf: 
cn=partenaires_bibliotheque,ou=groupes,ou=clients,dc=public,dc=bnf,dc=fr
+ BnfMemberOf: 
cn=partenaires_moissonnage_gallica_partenaire,ou=groupes,ou=clients,dc=public,dc=bnf,dc=fr
+ cn: [EMAIL PROTECTED]
+ userPassword:: e1NIQX1mRXFOQ2NvM1lxOWg1WlVnbEQzQ1pKVDRsQnM9
+ }}}
  == Changing relationship with user and role, name and direction ==
  If you want to change the attribute used to describe the relationship between 
User and Role, you can do it, in the Ldap configuration file: 
'''WEB-INF/assembly/security-ldap.xml'''. In our example, we want to use 
BnFMemberOf relation, in the user to role direction.
  
   * First, you have to declare it in the ''UserDaoConfiguration'', like shown 
in the above example
   * Second, you have to change the ''UserRoleRelationDAO'''' ''''''''the 
''relationAttribute''; property permits to define the attribute used to store 
the relation. '''
-  * '''Moreover, it's possible to define the direction Jetspeed uses t find 
roles have a user (2 possibities: the default one which is searching in all 
roles which ones are related to the authentificating user,  the second way is 
to look from User entities which roles he has) Depending how your ldap is 
configured, the two methods can be used, or only one. In our case, the method 
chosen is the second one: for performance reasons, the attributes are stored in 
the User entities. To handle that, the ''useFromEntityAttribute'' was set to 
true. '''
+  * Moreover, it's possible to define the direction Jetspeed uses t find roles 
have a user (2 possibities: the default one which is searching in all roles 
which ones are related to the authentificating user,  the second way is to look 
from User entities which roles he has) Depending how your ldap is configured, 
the two methods can be used, or only one. In our case, the method chosen is the 
second one: for performance reasons, the attributes are stored in the User 
entities. To handle that, the ''useFromEntityAttribute'' was set to true.
  
- '''This is an example configuration: '''
+ This is an example configuration:
  
  {{{
+   <bean id="UserRoleRelationDAO" 
class="org.apache.jetspeed.security.mapping.ldap.dao.impl.AttributeBasedRelationDAO">
+     <meta key="j2:cat" value="ldapSecurity" />
+     <property name="relationAttribute" value="BnFMemberOf" />
+     <property name="attributeContainsInternalId" value="true" />
+     <property name="useFromEntityAttribute" value="true" />
+     <property name="relationType">
+       <bean 
class="org.apache.jetspeed.security.mapping.impl.SecurityEntityRelationTypeImpl">
+         <constructor-arg index="0" value="isMemberOf" />
+         <constructor-arg index="1" value="user" />
+         <constructor-arg index="2" value="role" />
+       </bean>
+     </property>
+   </bean>
  }}}