grouper-users - Re: [grouper-users] import, command line parameters....
Subject: Grouper Users - Open Discussion List
List archive
- From: Tom Barton <>
- To:
- Cc:
- Subject: Re: [grouper-users] import, command line parameters....
- Date: Tue, 27 Feb 2007 17:31:49 -0600
wrote:
In addition, take care of what namespace is used for the 'id' attribute. Should that be id='stc' or id='<some opaque identifier>'? It depends on what you declare for the subject 'id' attribute in sources.xml. For the JNDI adapter subject v0.2.1 uses the declaration
<param-name>SubjectID_AttributeType</param-name>
<param-value>someAttribute</param-value>
The value of <someAttribute> is the subject's id, and that value is what's needed in the xml import file to identify a member.
so, my input file now contains elements like this:
<subject id="stc" source='Brown' type='person' immediate='true' />
and my sources file contains:
<param-name>SubjectID_AttributeType</param-name>
<param-value>uid</param-value>
and my user object contains uid=stc .... so I think I've got those all set....
That seems like a consistent set of settings. But would you rather use brownBRUID as the subject Id? Making an assumption here, but is it a persistent & non-reassignable & non-revocable identifier? That seems perfect as a subject Id - no need to reflect changes in subject Id into membership & privilege lists; membership can be managed even if there's no username assigned to the subject.
my sources file also contains:
searchSubject filter = uid (MUST be same attribute as used for SubjectID_AttributeType ?)
Yes.
searchSubjectByIdentifier filter = brownBRUID (a unique persistent value assigned to every member of the brown community -- is this a good choice ? )
I'd consider switching your use of uid and brownBRUID. The later as subject Id, the former as (one of) the identifying attributes searched to identify a subject.
search filter = (this looks like a grab-bag search of the directory.. eg "find an entry which has this value in some attribute" )
(|(uid=%TERM%)(cn=*%TERM%*)(objectclass=exampleEduPerson))
Grab bag is about the right mind set for this search type. Anticipate how ordinary people will use a UI to search and select others to put them in groups.
Tom
- import, command line parameters...., Steven_Carmody, 02/23/2007
- Re: [grouper-users] import, command line parameters...., Tom Barton, 02/26/2007
- Re: [grouper-users] import, command line parameters...., GW Brown, Information Systems and Computing, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Tom Barton, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Steven_Carmody, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Tom Barton, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Steven_Carmody, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Tom Barton, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Steven_Carmody, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Tom Barton, 02/27/2007
- Re: [grouper-users] import, command line parameters...., blair christensen., 02/28/2007
- Re: [grouper-users] import, command line parameters...., Steven_Carmody, 02/27/2007
- Re: [grouper-users] import, command line parameters...., Tom Barton, 02/26/2007
Archive powered by MHonArc 2.6.16.