Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] ldappc, problems during large scale groups replication

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] ldappc, problems during large scale groups replication


Chronological Thread 
  • From: Kathryn Huxtable <>
  • To:
  • Cc: Tom Barton <>, Grouper Users <>
  • Subject: Re: [grouper-users] ldappc, problems during large scale groups replication
  • Date: Mon, 11 Jun 2007 11:17:02 -0500

Here's mine, passwords removed. It's for the new version 0.3.0 subject API. -K
<?xml version="1.0" encoding="utf-8"?>

<!--
Grouper's subject resolver configuration
$Id: sources.xml,v 1.2 2006/09/05 03:55:25 huxtable Exp $
-->

<sources>

  <!-- Group Subject Resolver -->
  <!-- 
    NOTE: It is recommended that you **not** change the default
          values for this source adapter.
  -->
  <source adapterClass="edu.internet2.middleware.grouper.GrouperSourceAdapter">
    <id>g:gsa</id>
    <name>Grouper: Group Source Adapter</name>
    <type>group</type>
  </source>
  <!-- Group Subject Resolver -->

  <source adapterClass="edu.internet2.middleware.subject.provider.JDBCSourceAdapter">
    <id>KU</id>
    <name>The University of Kansas</name>
    <type>person</type>
    <init-param>
      <param-name>maxActive</param-name>
      <param-value>4</param-value>
    </init-param>
    <init-param>
      <param-name>maxIdle</param-name>
      <param-value>2</param-value>
    </init-param>
    <init-param>
      <param-name>maxWait</param-name>
      <param-value>5</param-value>
    </init-param>

    <init-param>
      <param-name>dbDriver</param-name>
      <param-value>oracle.jdbc.driver.OracleDriver</param-value>
    </init-param>
    <init-param>
      <param-name>dbUrl</param-name>
      <param-value>jdbc:oracle:thin:@mydbhost:1521:mydbname</param-value>
    </init-param>

    <init-param>
      <param-name>dbUser</param-name>
      <param-value>grouper</param-value>
    </init-param>
    <init-param>
      <param-name>dbPwd</param-name>
      <param-value>xxxxxxxxx</param-value>
    </init-param>

     <init-param>
      <param-name>SubjectID_AttributeType</param-name>
      <param-value>subjectId</param-value>
    </init-param>
    <init-param>
      <param-name>Name_AttributeType</param-name>
      <param-value>name</param-value>
    </init-param>
    <init-param>
      <param-name>Description_AttributeType</param-name>
      <param-value>name</param-value>
    </init-param>
    
    <search>
      <searchType>searchSubject</searchType>
      <param>
        <param-name>numParameters</param-name>
        <param-value>1</param-value>
      </param>
      <param>
        <param-name>sql</param-name>
        <param-value>
          select subjectId, subjectTypeId, name, description, EPPN, department, title
          from ku_subject
          where (subjectId = ?)  
        </param-value>
      </param>
    </search>
    <search>
      <searchType>searchSubjectByIdentifier</searchType>
      <param>
        <param-name>numParameters</param-name>
        <param-value>1</param-value>
      </param>
      <param>
        <param-name>sql</param-name>
        <param-value>
          select subjectId, subjectTypeId, name, description, EPPN, department, title
          from ku_subject
          where (eppn = ?)  
        </param-value>
      </param>
    </search>
    <search>
      <searchType>search</searchType>
      <param>
        <param-name>numParameters</param-name>
        <param-value>1</param-value>
      </param>
        <param>
          <param-name>sql</param-name>
          <param-value>
            select subjectId, subjectTypeId, name, description, EPPN, department, title
            from ku_subject
            where id in (select id
                         from ku_subject_search
                         where searchValue like lower('%'||?||'%'))
          </param-value>
      </param>
    </search>
  </source>

</sources>


On Jun 8, 2007, at 9:42 AM,

wrote:

At 1:50 PM -0500 6/7/07, Tom Barton wrote:

wrote:
We're now thinking of trying Tom's idea -- create a table within oracle with one user per row, and use that as a source instead of ldap. That should get rid of -- literally -- hundreds of thousands of ldap queries...

So, what do I need to do?

1) can I just build the oracle table (including as columns all the attributes that Grouper will retrieve, including the "key" value for each person), edit the sources.xml to replace the ldap source with this new table? And run ldappc again? I would build the oracle table by exporting an ldif from the existing ldap server, and then loading that data into oracle.

Yes.

3) what can I get away with (minimally) as columns in the oracle table? I currently have this in my sources.xml file:

///Attributes you would like to display when doing a search
<attribute>uid</attribute>
<attribute>cn</attribute>
<attribute>department</attribute>
<attribute>brownBRUID</attribute>

Since these are precisely the attributes that constitute your JNDI- based Subjects, they are the perfect set to constitute the same Subjects obtained from a JDBC source. But the minimally necessary set is the key, ie, what you identify as the subject's Id, and any other uniquely identifying attributes needed for ldappc to be able to find the ldap entry corresponding to a Subject (uid in your case).


would someone be willing to share a sources.xml file that was using an SQL/Oracle source for "people"? As opposed to where the group definitions are stored?





Archive powered by MHonArc 2.6.16.

Top of Page