grouper-users - Re: [grouper-users] a problem with ldappc
Subject: Grouper Users - Open Discussion List
List archive
- From: Kathryn Huxtable <>
- To: 冯娟 <>, signet-dev <>, <>
- Subject: Re: [grouper-users] a problem with ldappc
- Date: Thu, 15 Mar 2007 04:25:54 -0500
Title: Re: [grouper-users] a problem with ldappc I’ve never included the g:gsa source in the ldappc.xml file. Try just the example source. -K
On 3/15/07 1:53 AM, "冯娟" <> wrote:
Dear all,
I have some problems with ldappc while importing the -groups and -membership.
I looked into the sources, and found that, every time when it arrives to:
NamingEnumeration namingEnum = ldapCtx.search(baseName, filterExpr, filterArgs, searchControls);
of the Provisioner.java, findSubjectDn(LdapContext ldapCtx,
ProvisionerConfiguration configuration, String sourceId,
String subjectIdentifier) function,
it cannot get the namingEnum.
and my sources.xml is:
<?xml version="1.0" encoding="utf-8"?>
<!--
Grouper's subject resolver configuration
$Id: sources.xml,v 1.6 2006/07/10 15:18:34 blair Exp $
-->
<sources>
<!-- Group Subject Resolver -->
<!--
NOTE: It is recommended that you **not** change the default
values for this source adapter.
-->
<source adapterClass="edu.internet2.middleware.grouper.GrouperSourceAdapter ">
<id>g:gsa</id>
<name>Grouper: Group Source Adapter</name>
<type>group</type>
</source>
<source adapterClass="edu.internet2.middleware.subject.provider.JNDISourceAdapter">
<id>example</id>
<name>SCUT Edu</name>
<type>person</type>
<init-param>
<param-name>INITIAL_CONTEXT_FACTORY</param-name>
<param-value>com.sun.jndi.ldap.LdapCtxFactory</param-value>
</init-param>
<init-param>
<param-name>PROVIDER_URL</param-name>
<param-value>ldap://192.168.78.12:389</param-value>
</init-param>
<init-param>
<param-name>SECURITY_AUTHENTICATION</param-name>
<param-value>simple</param-value>
</init-param>
<init-param>
<param-name>SECURITY_PRINCIPAL</param-name>
<param-value>cn=Directory Manager</param-value>
</init-param>
<init-param>
<param-name>SECURITY_CREDENTIALS</param-name>
<param-value>ldap+admin</param-value>
</init-param>
<init-param>
<param-name>SubjectID_AttributeType</param-name>
<param-value>uid</param-value>
</init-param>
<init-param>
<param-name>Name_AttributeType</param-name>
<param-value>cn</param-value>
</init-param>
<init-param>
<param-name>Description_AttributeType</param-name>
<param-value>sn</param-value>
</init-param>
/// Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
/// For filter use
<search>
<searchType>searchSubject</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(& (uid=%TERM%) (objectclass=scutCNEduPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>
SUBTREE_SCOPE
</param-value>
</param>
<param>
<param-name>base</param-name>
<param-value>
ou=People,dc=scut,dc=edu,dc=cn
</param-value>
</param>
</search>
<search>
<searchType>searchSubjectByIdentifier</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(& (uid=%TERM%) (objectclass=scutCNEduPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>
SUBTREE_SCOPE
</param-value>
</param>
<param>
<param-name>base</param-name>
<param-value>
ou=People,dc=scut,dc=edu,dc=cn
</param-value>
</param>
</search>
<search>
<searchType>search</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(& (|(uid=*%TERM%*)(cn=*%TERM%*)(sn=*%TERM%*))(objectclass=scutCNEduPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>
SUBTREE_SCOPE
</param-value>
</param>
<param>
<param-name>base</param-name>
<param-value>
ou=People,dc=scut,dc=edu,dc=cn
</param-value>
</param>
</search>
///Attributes you would like to display when doing a search
<attribute>sn</attribute>
<attribute>ou</attribute>
<attribute>uid</attribute>
<attribute>cn</attribute>
</source>
</sources>
my ldappc.xml is:
<?xml version="1.0" encoding="utf-8"?>
<!--
* This file contains data for testing Ldappc.
*
* See ldappcTemplate.xml for documentation regarding how to use these
* elements.
-->
<ldappc>
<grouper>
<group-queries>
<subordinate-stem-queries>
<stem-list>
<stem></stem>
</stem-list>
</subordinate-stem-queries>
<!--
<attribute-matching-queries>
<attribute-list>
<attribute name="attribute" value="value" />
</attribute-list>
</attribute-matching-queries>
-->
</group-queries>
<groups structure="flat"
root-dn="ou=Groups,dc=scut,dc=edu,dc=cn"
ldap-object-class="groupOfNames"
ldap-rdn-attribute="cn" grouper-attribute="name" >
<group-members-dn-list list-object-class="scutCNEduPerson" list-attribute="member" list-empty-value=""/>
</groups>
<memberships>
<member-groups-list
list-object-class="groupOfNames"
list-attribute="ou"
naming-attribute="name" />
</memberships>
</grouper>
<source-subject-identifiers>
<source-subject-identifier source="example" subject-attribute="uid" >
<ldap-search base="ou=People,dc=scut,dc=edu,dc=cn"
scope="subtree_scope"
filter="(uid={0})" />
</source-subject-identifier>
<source-subject-identifier source="g:gsa" subject-attribute="name">
<ldap-search base="ou=Groups,dc=scut,dc=edu,dc=cn"
scope="subtree_scope"
filter="(cn={0})" />
</source-subject-identifier>
</source-subject-identifiers>
<ldap>
<context>
<parameter-list>
<parameter name="initial_context_factory" value="com.sun.jndi.ldap.LdapCtxFactory" />
<parameter name="provider_url" value=" ldap://192.168.78.12:389 <ldap://192.168.78.12:389/> " />
<parameter name="security_authentication" value="simple" />
<parameter name="security_principal" value="cn=Directory Manager" />
<parameter name="security_credentials" value="ldap+admin" />
</parameter-list>
</context>
</ldap>
</ldappc>
I doubt that if I have configured the two xml files well. And I especially don't understand the <source-subject-identifiers> element.
Could any one kind to tell me if I have configured well?
Thanks a lot!
- a problem with ldappc, 冯娟, 03/15/2007
- Re: [grouper-users] a problem with ldappc, Kathryn Huxtable, 03/15/2007
- Re: [grouper-users] a problem with ldappc, Tom Barton, 03/15/2007
Archive powered by MHonArc 2.6.16.