Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] ldappcng : modify the format attribute

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] ldappcng : modify the format attribute


Chronological Thread 
  • From: Wallaert-Taquet Brigitte <>
  • To: Tom Zeller <>
  • Cc:
  • Subject: Re: [grouper-users] ldappcng : modify the format attribute
  • Date: Wed, 13 Jul 2011 09:52:00 +0200
Hello,

Here is my sources.xml

Yes, I use only ldap source for my group members.

Thanks for you help.

Cordialement
Le 12/07/2011 21:45, Tom Zeller a écrit :
Could you attach a copy of sources.xml (omitting any passwords) please ?

I assume you are using an ldap source for group members, is that correct ?

On Tue, Jul 12, 2011 at 12:12 PM, Wallaert-Taquet Brigitte
<>
wrote:
Hello,

I want to obtain this with my ldappcng but I don't find how :

my attributes are a simple attribute "ustlPresident" or "owner" for
example or is the default list members and also a custom list
"supannGroupeAdminDN". I would like that ldappcng do that :
For example : in Grouper, members = jayet, verdier
in ldap : member =
uid=jayet,ou=people,dc=univ-lille1,dc=fr

uid=verdier,ou=people,dc=univ-lille1,dc=fr

At the moment, I obtain this :
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='members'>
<dsml:value>'jayet'/'person'/'lille1:ldap'</dsml:value>
<dsml:value>'verdier'/'person'/'lille1:ldap'</dsml:value>
</dsml:attr>

Here is part of my ldappc-resolver.xml and ldappcng.xml :
------ ldappcng.xml ------------
<object id="group" authoritative="false">
<identifier ref="group-dn" baseId="${groupsOU}">
<identifyingAttribute name="objectClass" value="${groupObjectClass}" />
</identifier>
<attribute name="objectClass" />
<attribute name="cn" />
<attribute name="description" />
<attribute name="owner" />
<attribute name="ustlPresident" />
<attribute name="supannGroupeDateFin" />
<attribute name="members" ref="member" />
<attribute name="supannGroupeAdminDN" ref="admin" />
</object>

----------- ldappc-resolver.xml --------------------
<resolver:AttributeDefinition id="owner" xsi:type="ad:Simple"
sourceAttributeID="owner">
<resolver:Dependency ref="GroupDataConnector" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="ustlPresident" xsi:type="ad:Simple"
sourceAttributeID="ustlPresident">
<resolver:Dependency ref="GroupDataConnector" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="member" xsi:type="ad:Simple"
sourceAttributeID="members:immediate">
<resolver:Dependency ref="GroupDataConnector" />
</resolver:AttributeDefinition>

<resolver:AttributeDefinition id="admin" xsi:type="ad:Simple"
sourceAttributeID="members:immediate:supannGroupeAdminDN">
<resolver:Dependency ref="GroupDataConnector" />
</resolver:AttributeDefinition>

Anyone could help me ?
Thank you.

Nota : Excuse-me for my poor english...

Cordialement

--
Brigitte Wallaert-Taquet
Ingénieure d'études
Chargée d'étude
Espace collaboratif de Documents
Université Lille1
Sciences et Technologies







--
Brigitte Wallaert-Taquet
Ingénieure d'études
Chargée d'étude
Espace collaboratif de Documents
Université Lille1
Sciences et Technologies

<?xml version="1.0" encoding="utf-8"?>

<!--
Grouper's subject resolver configuration
$Id: sources.example.xml,v 1.8 2009-08-11 20:18:09 mchyzer Exp $
-->

<sources>

  <!-- Group Subject Resolver -->
  
  <!-- 
      You can make virtual attributes (attributes with formatting or based on other attributes) like this:
      init-param name is subjectVirtualAttribute_<index>_<name> where index is the order to be processed
      if some depend on others (0 to 99).  The value is the jexl expression language.  You can use subjectUtils
      methods (aliased with "subjectUtils", or you can register your own class (must have default constructor).
      Here are examples:
  
     <init-param>
       <param-name>subjectVirtualAttribute_0_loginIdLfName</param-name>
       <param-value>Hey ${subject.getAttributeValue('LOGINID')} and ${subject.getAttributeValue('LFNAME')}</param-value>
     </init-param>
     <init-param>
       <param-name>subjectVirtualAttribute_1_loginIdLfNameLoginId</param-name>
       <param-value>${subject.getAttributeValue('loginIdLfName')} Hey ${subject.getAttributeValue('LOGINID')} and ${subject.getAttributeValue('LFNAME')}</param-value>
     </init-param>
     <init-param>
       <param-name>subjectVirtualAttributeVariable_JDBCSourceAdapterTest</param-name>
       <param-value>edu.internet2.middleware.subject.provider.JDBCSourceAdapterTest</param-value>
     </init-param>
     <init-param>
       <param-name>subjectVirtualAttribute_2_loginIdSquared</param-name>
       <param-value>${JDBCSourceAdapterTest.appendToSelf(subject.getAttributeValue('LOGINID'))}</param-value>
     </init-param>
-->
 <!-- 
    The first virtual attribute is accessible via: subject.getAttributeValue("loginIdLfNameLoginId");
  
   -->
  
  <!-- 
    NOTE: It is recommended that you **not** change the default
          values for this source adapter.
  -->
  <source adapterClass="edu.internet2.middleware.grouper.GrouperSourceAdapter">
    <id>g:gsa</id>
    <name>Grouper: Group Source Adapter</name>
    <type>group</type>
  </source>
  <!-- Group Subject Resolver -->

 <!-- <source adapterClass="edu.internet2.middleware.grouper.subj.GrouperJdbcSourceAdapter">
    <id>jdbc</id>
    <name>Example JDBC Source Adapter</name>
     <type>person</type> --> 
     
     <!-- edu.internet2.middleware.subject.provider.C3p0JdbcConnectionProvider (default)
          edu.internet2.middleware.subject.provider.DbcpJdbcConnectionProvider (legacy) 
          edu.internet2.middleware.grouper.subj.GrouperJdbcConnectionProvider 
            (same settings as grouper.hibernate.properties, the driver, url, pass, maxActive, maxIdle, maxWait are forbidden -->
 <!--    <init-param>
       <param-name>jdbcConnectionProvider</param-name>
       <param-value>edu.internet2.middleware.grouper.subj.GrouperJdbcConnectionProvider </param-value>
     </init-param> -->
     
     <!-- note: again, if you use GrouperJdbcConnectionProvider, then you should not fill out maxActive, maxIdle,
       maxWait, dbDriver, dbUrl, dbUser, dbPwd, since it will use the grouper.hibernate.properties db settings -->

     <!--   init-param>
       <param-name>maxActive</param-name>
       <param-value>16</param-value>
     </init-param>
     <init-param>
       <param-name>maxIdle</param-name>
       <param-value>16</param-value>
     </init-param>
     <init-param>
       <param-name>maxWait</param-name>
       <param-value>-1</param-value>
     </init-param -->
     
     <!--      
       e.g. mysql:           com.mysql.jdbc.Driver
       e.g. p6spy (log sql): com.p6spy.engine.spy.P6SpyDriver
         for p6spy, put the underlying driver in spy.properties
       e.g. oracle:          oracle.jdbc.driver.OracleDriver
       e.g. hsqldb:          org.hsqldb.jdbcDriver
       e.g. postgres:        org.postgresql.Driver -->

     <!-- init-param>
       <param-name>dbDriver</param-name>
       <param-value>org.hsqldb.jdbcDriver</param-value>
     </init-param -->
     
     <!-- 
       e.g. mysql:           jdbc:mysql://localhost:3306/grouper
       e.g. p6spy (log sql): [use the URL that your DB requires]
       e.g. oracle:          jdbc:oracle:thin:@server.school.edu:1521:sid
       e.g. hsqldb (a):      jdbc:hsqldb:dist/run/grouper;create=true
       e.g. hsqldb (b):      jdbc:hsqldb:hsql://localhost:9001
       e.g. postgres:        jdbc:postgresql:grouper -->
     
     <!-- init-param>
       <param-name>dbUrl</param-name>
       <param-value>jdbc:hsqldb:C:/projects/GrouperI2MI_1-2/grouper/dist/run/grouper</param-value>
     </init-param>
     <init-param>
       <param-name>dbUser</param-name>
       <param-value>sa</param-value>
     </init-param>
     <init-param>
       <param-name>dbPwd</param-name>
       <param-value></param-value>
     </init-param -->
     
<!--      <init-param>
       <param-name>SubjectID_AttributeType</param-name>
       <param-value>id</param-value>
     </init-param>
     <init-param>
       <param-name>Name_AttributeType</param-name>
       <param-value>name</param-value>
     </init-param>
     <init-param>
       <param-name>Description_AttributeType</param-name>
       <param-value>description</param-value>
     </init-param>

     <search>
         <searchType>searchSubject</searchType>
         <param>
             <param-name>sql</param-name>
             <param-value>
select
   s.subjectid as id, s.name as name,
   (select sa2.value from subjectattribute sa2 where name='name' and sa2.SUBJECTID = s.subjectid) as lfname,
   (select sa3.value from subjectattribute sa3 where name='loginid' and sa3.SUBJECTID = s.subjectid) as loginid,
   (select sa4.value from subjectattribute sa4 where name='description' and sa4.SUBJECTID = s.subjectid) as description
from
   subject s
where
   s.subjectid = ?
            </param-value>
         </param>
     </search>
     <search>
         <searchType>searchSubjectByIdentifier</searchType>
         <param>
             <param-name>sql</param-name>
             <param-value>
select
   s.subjectid as id, s.name as name,
   (select sa2.value from subjectattribute sa2 where name='name' and sa2.SUBJECTID = s.subjectid) as lfname,
   (select sa3.value from subjectattribute sa3 where name='loginid' and sa3.SUBJECTID = s.subjectid) as loginid,
   (select sa4.value from subjectattribute sa4 where name='description' and sa4.SUBJECTID = s.subjectid) as description
from
   subject s, subjectattribute a
where
   a.value = ? and a.name='loginid' and s.subjectid = a.subjectid
             </param-value>
         </param>
     </search>
     <search>
        <searchType>search</searchType>
         <param>
             <param-name>sql</param-name> -->
             
             <!--  for postgres, use this query since no concat() exists: -->
             
<!--             <param-value>
             select
   subject.subjectid as id, subject.name as name,
   lfnamet.lfname as lfname, loginidt.loginid as loginid,
   desct.description as description
from
   subject
   left join (select subjectid, value as lfname from subjectattribute
     where name='name') lfnamet
     on subject.subjectid=lfnamet.subjectid
   left join (select subjectid, value as loginid from subjectattribute
     where name='loginid') loginidt
     on subject.subjectid=loginidt.subjectid
   left join (select subjectid, value as description from subjectattribute
      where name='description') desct
     on subject.subjectid=desct.subjectid
where
   (lower(name) like '%' || ? || '%')
   or (lower(lfnamet.lfname) like '%' || ? || '%')
   or (lower(loginidt.loginid) like '%' || ? || '%')
   or (lower(desct.description) like '%' || ? || '%')
 -->            
             
<!-- select
   s.subjectid as id, s.name as name,
   (select sa2.value from subjectattribute sa2 where name='name' and sa2.SUBJECTID = s.subjectid) as lfname,
   (select sa3.value from subjectattribute sa3 where name='loginid' and sa3.SUBJECTID = s.subjectid) as loginid,
   (select sa4.value from subjectattribute sa4 where name='description' and sa4.SUBJECTID = s.subjectid) as description
from 
   subject s
where
   s.subjectid in (
      select subjectid from subject where lower(name) like concat('%',concat(?,'%')) union
      select subjectid from subjectattribute where searchvalue like concat('%',concat(?,'%'))
   )  -->
<!--             </param-value>
         </param>
     </search>
   </source> -->
   
   <!--  
    <!- - This is an alternate jdbc source which allows for more complex searches, assumes 
      all data is in one table or view, and that all attributes are single valued.  There are
      not queries to configure in sources.xml - - >
    <source adapterClass="edu.internet2.middleware.grouper.subj.GrouperJdbcSourceAdapter2">
    <id>sourceId</id>
    <name>Source name</name>
     <type>person</type>
     <init-param>
       <param-name>jdbcConnectionProvider</param-name>
       <param-value>edu.internet2.middleware.grouper.subj.GrouperJdbcConnectionProvider</param-value>
     </init-param>

      <init-param>
       <param-name>dbTableOrView</param-name>
       <param-value>person_source_v</param-value>
     </init-param>
      <init-param>
       <param-name>subjectIdCol</param-name>
       <param-value>some_id</param-value>
     </init-param>
     <init-param>
       <param-name>nameCol</param-name>
       <param-value>name</param-value>
     </init-param>
     <init-param>
       <param-name>descriptionCol</param-name>
       <param-value>description</param-value>
     </init-param>
     <init-param>
       <!- - search col where general searches take place, lower case - - >
       <param-name>lowerSearchCol</param-name>
       <param-value>description_lower</param-value>
     </init-param>
     <init-param>
       <!- - optional col if you want the search results sorted in the API (note, UI might override) - - >
       <param-name>defaultSortCol</param-name>
       <param-value>description</param-value>
     </init-param>
     <init-param>
       <!- - col which identifies the row, perhaps not subjectId, add multiple by incrementing the 0 index - - >
       <param-name>subjectIdentifierCol0</param-name>
       <param-value>pennname</param-value>
     </init-param>
     <init-param>
       <!- - col which identifies the row, perhaps not subjectId, add multiple by incrementing the 0 index - - >
       <param-name>subjectIdentifierCol1</param-name>
       <param-value>penn_id</param-value>
     </init-param>
     <!- - now you can count up from 0 to N of attributes for various cols.  
          The name is how to reference in subject.getAttribute() - - >
     <init-param>
       <param-name>subjectAttributeCol0</param-name>
       <param-value>pennname</param-value>
     </init-param>
     <init-param>
       <param-name>subjectAttributeName0</param-name>
       <param-value>PENNNAME</param-value>
     </init-param>

   </source>
   -->
   
   
  <source adapterClass="edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter">
    <id>lille1:ldap</id>
    <name>Ldap de Lille1</name>
    <type>person</type>
    <init-param>
      <param-name>INITIAL_CONTEXT_FACTORY</param-name>
      <param-value>com.sun.jndi.ldap.LdapCtxFactory</param-value>
    </init-param>
    <init-param>
      <param-name>PROVIDER_URL</param-name>
      <param-value>ldap://svrtestldap.univ-lille1.fr:389</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_AUTHENTICATION</param-name>
      <param-value>anonymous</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_PRINCIPAL</param-name>
      <param-value>uid=admintest,ou=admins,dc=univ-lille1,dc=fr</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_CREDENTIALS</param-name>
      <param-value>xxxxxxxx</param-value>
    </init-param>
     <init-param>
      <param-name>SubjectID_AttributeType</param-name>
      <param-value>uid</param-value>
    </init-param>
    <init-param>
      <param-name>Name_AttributeType</param-name>
      <param-value>cn</param-value>
    </init-param>
    <init-param>
      <param-name>Description_AttributeType</param-name>
      <param-value>displayName</param-value>
    </init-param>
    
    /// Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE 
    /// For filter use 
    
    <search>
        <searchType>searchSubject</searchType>
        <param>
            <param-name>filter</param-name>
            <param-value>
                (&amp; (uid=%TERM%) (objectClass=supannPerson))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
               SUBTREE_SCOPE
            </param-value>
        </param>
        <param>
            <param-name>base</param-name>
            <param-value>
                ou=people,dc=univ-lille1,dc=fr
            </param-value>
        </param>
         
    </search>
    <search>
        <searchType>searchSubjectByIdentifier</searchType>
        <param>
            <param-name>filter</param-name>
            <param-value>
                (&amp; (uid=%TERM%) (objectClass=supannPerson))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE
            </param-value>
        </param>
        <param>
            <param-name>base</param-name>
            <param-value>
                ou=people,dc=univ-lille1,dc=fr
            </param-value>
        </param>
    </search>
    
    <search>
       <searchType>search</searchType>
         <param>
            <param-name>filter</param-name>
            <param-value>
                (&amp; (|(uid=%TERM%)(cn=*%TERM%*))(objectClass=supannPerson))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE
            </param-value>
        </param>
         <param>
            <param-name>base</param-name>
            <param-value>
                ou=people,dc=univ-lille1,dc=fr
            </param-value>
        </param>
    </search>
    ///Attributes you would like to display when doing a search 
    <attribute>displayName</attribute>
    <attribute>mail</attribute>
    <attribute>supannCivilite</attribute>
    <attribute>eduPersonPrimaryAffiliation</attribute>
    <attribute>supannAffectation</attribute>
    <attribute>ustlDepartement</attribute>
   
  </source>


</sources>

Archive powered by MHonArc 2.6.16.

Top of Page