Versions Compared

Old Version 15

changes.mady.by.user Hyzer

Saved on

compared with

New Version Current

changes.mady.by.user Hyzer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Setup an LDAP source, here is one I googled from the Internet (public unauthenticated).  Put this in the sources.xml in all groupers (WS, UI, loader, whatever)

  • subject.properties config

    Code Block
    #########################################
## Configuration for source id: cmuDirectory
## Source configName: cmuDirectory
#########################################
subjectApi.source.cmuDirectory.id = cmuDirectory

# this is a friendly name for the source
subjectApi.source.cmuDirectory.name = CMU Directory

# type is not used all that much.  Can have multiple types, comma separate.  Can be person, group, application
subjectApi.source.cmuDirectory.types = person

# the adapter class implements the interface: edu.internet2.middleware.subject.Source
# adapter class must extend: edu.internet2.middleware.subject.provider.BaseSourceAdapter
# edu.internet2.middleware.grouper.subj.GrouperJdbcSourceAdapter2  :  if doing JDBC this should be used if possible.  All subject data in one table/view.
# edu.internet2.middleware.grouper.subj.GrouperJdbcSourceAdapter   :  oldest JDBC source.  Put freeform queries in here
# edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter   :  used for LDAP
subjectApi.source.cmuDirectory.adapterClass = edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter

# e.g. com.sun.jndi.ldap.LdapCtxFactory
subjectApi.source.cmuDirectory.param.INITIAL_CONTEXT_FACTORY.value = com.sun.jndi.ldap.LdapCtxFactory

# e.g. ldap://localhost:389
subjectApi.source.cmuDirectory.param.PROVIDER_URL.value = ldap://ldap.andrew.cmu.edu:389

# e.g. simple, none, sasl_mech
subjectApi.source.cmuDirectory.param.SECURITY_AUTHENTICATION.value = none

# ldap attribute which is the subject id.  e.g. exampleEduRegID   Each subject has one and only one subject id.  Generally it is opaque and permanent.
subjectApi.source.cmuDirectory.param.SubjectID_AttributeType.value = guid

# if the subject id should be changed to lower case after reading from datastore.  true or false
subjectApi.source.cmuDirectory.param.SubjectID_formatToLowerCase.value = false

# attribute which is the subject name
subjectApi.source.cmuDirectory.param.Name_AttributeType.value = cn

# attribute which is the subject description
subjectApi.source.cmuDirectory.param.Description_AttributeType.value = cn

# the 1st sort attribute for lists on screen that are derived from member table (e.g. search for member in group)
# you can have up to 5 sort attributes 
subjectApi.source.cmuDirectory.param.sortAttribute0.value = cn

# the 1st search attribute for lists on screen that are derived from member table (e.g. search for member in group)
# you can have up to 5 search attributes 
subjectApi.source.cmuDirectory.param.searchAttribute0.value = searchAttribute0

# attribute name of the email attribute
subjectApi.source.cmuDirectory.param.emailAttributeName.value = mail

#searchSubject: find a subject by ID.  ID is generally an opaque and permanent identifier, e.g. 12345678.
#  Each subject has one and only on ID.  Returns one result when searching for one ID.

# sql is the sql to search for the subject by id.  %TERM% will be subsituted by the id searched for
subjectApi.source.cmuDirectory.search.searchSubject.param.filter.value = (& (guid=%TERM%) (objectclass=cmuPerson))

# Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
subjectApi.source.cmuDirectory.search.searchSubject.param.scope.value = SUBTREE_SCOPE

# base dn to search in
subjectApi.source.cmuDirectory.search.searchSubject.param.base.value = ou=person,dc=cmu,dc=edu

#searchSubjectByIdentifier: find a subject by identifier.  Identifier is anything that uniquely
#  identifies the user, e.g. jsmith or jsmith@institution.edu.
#  Subjects can have multiple identifiers.  Note: it is nice to have if identifiers are unique
#  even across sources.  Returns one result when searching for one identifier.

# sql is the sql to search for the subject by identifier.  %TERM% will be subsituted by the identifier searched for
subjectApi.source.cmuDirectory.search.searchSubjectByIdentifier.param.filter.value = (& (cmuAndrewCommonNamespaceId=%TERM%) (objectclass=cmuPerson))

# Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
subjectApi.source.cmuDirectory.search.searchSubjectByIdentifier.param.scope.value = SUBTREE_SCOPE

# base dn to search in
subjectApi.source.cmuDirectory.search.searchSubjectByIdentifier.param.base.value = ou=person,dc=cmu,dc=edu

#   search: find subjects by free form search.  Returns multiple results.

# sql is the sql to search for the subject by free form search.  %TERM% will be subsituted by the text searched for
subjectApi.source.cmuDirectory.search.search.param.filter.value = (& (|(guid=%TERM%)(|(cn=*%TERM%*)(cmuAndrewCommonNamespaceId=*%TERM%*)))(objectclass=cmuPerson))

# Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
subjectApi.source.cmuDirectory.search.search.param.scope.value = SUBTREE_SCOPE

# base dn to search in
subjectApi.source.cmuDirectory.search.search.param.base.value = ou=person,dc=cmu,dc=edu

# attributes from ldap object to become subject attributes.  comma separated
subjectApi.source.cmuDirectory.attributes = cn, guid, cmuAndrewCommonNamespaceId, mail

# internal attributes are used by grouper only not exposed to code that uses subjects.  comma separated
subjectApi.source.cmuDirectory.internalAttributes = searchAttribute0
  • sources.xml config

...