| Info |
|---|
Le GIP RECIA n'utilise plus ce type de groupe store et utilise uniquement le SmartLdapGroupStore |
Note d'installation pour l'utilisation des groupes Grouper dans le portail esup 3.2.4 via le GroupStore ESCO du RECIA.
conventions :
<esupSrc> : le répertoire du package du portail eSup
...
ajouter les lignes suivantes dans la liste des repositories défini, entre le repository jasig-3rd-party et sonatype-nexus-snapshots par exemple (ligne 66)
| Bloc de code |
|---|
<repository>
<id>Recia</id>
<name>esco repo</name>
<url>http://www.esco-portail.org/nexus/content/repositories/public/</url>
<releases><enabled>true</enabled></releases>
<snapshots><enabled>false</enabled></snapshots>
</repository>
|
...
ajouter les lignes suivantes dans la liste des dependencies, juste avant le commentaire <!- esup dependencies ->
| Bloc de code |
|---|
<!-- esco dependencies -->
<dependency>
<groupId>org.esco.grouper</groupId>
<artifactId>esco-grouper-portal-groupManager</artifactId>
<version>0.0.3-grouper-1.6.3</version>
<exclusions>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring</artifactId>
</exclusion>
<exclusion>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>edu.internet2.middleware.subject.provider</groupId>
<artifactId>ldap-source-adapter</artifactId>
<version>0.0.3-grouper-1.6.3</version>
<exclusions>
<exclusion>
<groupId>org.springframework</groupId>
<artifactId>spring</artifactId>
</exclusion>
<exclusion>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache</artifactId>
</exclusion>
</exclusions>
</dependency>
|
...
| Bloc de code |
|---|
cp <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/resources/properties/groups/compositeGroupServices.xml <customDir>/uPortal/uportal-impl/src/main/resources/properties/groups/
|
- Ajouter le service pour le groupStore ESCO en ajoutant cette définition :
| Bloc de code |
|---|
|
<\!-\- ESCO-Grouper service to use Gouper groups \-->
<service>
<name>ESCO-GROUPER</name>
<service_factory>org.esco.portal.groups.grouper.ESCOReferenceIndividualGroupServiceFactory</service_factory>
<entity_store_factory>org.esco.portal.groups.grouper.EntityStoreFactory</entity_store_factory>
<group_store_factory>org.esco.portal.groups.grouper.EntityGroupStoreFactory</group_store_factory>
<entity_searcher_factory>org.esco.portal.groups.grouper.EntitySearcherFactory</entity_searcher_factory>
<internally_managed>false</internally_managed>
<caching_enabled>true</caching_enabled>
</service>
|
- Modifier le service du groupStore "local" ainsi
| Bloc de code |
|---|
|
<service>
<name>local</name>
<service_factory>org.esco.portal.groups.grouper.ESCOReferenceIndividualGroupServiceFactory</service_factory>
<entity_store_factory>org.jasig.portal.groups.ReferenceEntityStoreFactory</entity_store_factory>
<group_store_factory>org.esco.portal.groups.grouper.ESCOReferenceEntityGroupStoreFactory</group_store_factory>
<entity_searcher_factory>org.jasig.portal.groups.ReferenceEntitySearcherFactory</entity_searcher_factory>
<internally_managed>true</internally_managed>
<caching_enabled>true</caching_enabled>
</service>
|
...
définir le fichier <customDir>/uPortal/uportal-impl/src/main/resources/properties/groups/esco-GroupLoad.xml
| Bloc de code |
|---|
|
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
<comment>
Properties used to define how the the Grouper groups should be loaded
in the native uPortal groups.
</comment>
<!-- Duration validity, in seconds, for the Grouper requests. -->
<entry key="grouper.requests.cache.duration">25</entry>
<!--
Defines the grouper groups to load in uPortal groups.
keys denote a uPortal group name and values are semicolon separated
lists of grouper stems. The group loaded are the root groups
in the stems.
For instance, all groups in the stem esco:admin that are not member of another group
are loaded in the Portal Administrator group:
<entry key="Portal Administrators">esco:admin</entry>
-->
<entry key="Administrateurs Portail">esco:admin:central</entry>
<entry key="Tout le monde">esco:Etablissements;esco:Applications</entry>
<entry key="Proprietaires de fragment">esco:admin:esco-lo</entry>
</properties>
|
...
*Si vous avez décidé d'installer le module ldap-source-adapter
il vous faudra configurer le fichier sources.xml selon cet exemple :
| Bloc de code |
|---|
|
<?xml version="1.0" encoding="utf-8"?>
<!--
LdapSourceAdapter configuration
-->
<sources>
...
<source adapterClass="edu.internet2.middleware.subject.provider.LdapSourceAdapter">
<id>uwpds</id>
<name>UW PDS</name>
<type>person</type>
<!-- Note that most of the ldap configuration is in the properties file
The filename can be a file in your classpath or an absolute pathname
-->
<init-param>
<param-name>ldapProperties_file</param-name>
<param-value>ldap.properties</param-value>
</init-param>
<init-param>
<param-name>SubjectID_AttributeType</param-name>
<param-value>uwRegID</param-value>
</init-param>
<init-param>
<param-name>Name_AttributeType</param-name>
<param-value>uwNetID</param-value>
</init-param>
<init-param>
<param-name>Description_AttributeType</param-name>
<param-value>displayName</param-value>
</init-param>
<search>
<searchType>searchSubject</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(&(uwRegID=%TERM%)(objectclass=uwPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>
SUBTREE_SCOPE
</param-value>
</param>
<param>
<param-name>base</param-name>
<param-value>
</param-value>
</param>
</search>
<search>
<searchType>searchSubjectByIdentifier</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(&(|(uwnetID=%TERM%)(uwStudentID=%TERM%))(objectclass=uwPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>
SUBTREE_SCOPE
</param-value>
</param>
<param>
<param-name>base</param-name>
<param-value>
</param-value>
</param>
</search>
<!-- use the firstlastfilter to allow: last, first lookup -->
<search>
<searchType>search</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(&(|(uwNetID=%TERM%)(sn=%TERM%))(uwNetId=*)(objectclass=uwPerson)))
</param-value>
</param>
<param>
<param-name>firstlastfilter</param-name>
<param-value>
(&(uwPersonRegisteredSurname=%LAST%)(uwPersonRegisteredFirstMiddle=%FIRST%*)(uwnetid=*)(objectClass=uwPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>
SUBTREE_SCOPE
</param-value>
</param>
<param>
<param-name>base</param-name>
<param-value>
</param-value>
</param>
</search>
///Attributes you would like to display when doing a search
<attribute>uwNetID</attribute>
<attribute>uwEWPName</attribute>
<attribute>uwSWPName</attribute>
<attribute>uwEWPDept1</attribute>
</source>
</sources>
|
côté RECIA nous avons juste modifié ces paramètres par rapport au fichier sources.xml original et personnalisé de grouper :
| Bloc de code |
|---|
|
....
<source adapterClass="edu.internet2.middleware.subject.provider.LdapSourceAdapter">
<id>esco:ldap</id>
<name>JNDI Source Adapter esco:ldap</name>
<type>person</type>
<!-- Note that most of the ldap configuration is in the properties file
The filename can be a file in your classpath or an absolute pathname
-->
<init-param>
<param-name>ldapProperties_file</param-name>
<param-value>ldap.properties</param-value>
</init-param>
<init-param>
<param-name>Multiple_Results</param-name>
<param-value>false</param-value>
</init-param>
....
|
...
et ajouter un fichier ldap.properties avec cet exemple de conf :
| Bloc de code |
|---|
# ldap source adapter properties
#
# for a complete list of properties see:
# http://code.google.com/p/vt-middleware/wiki/vtldap#Configuration_Properties
#
#
edu.vt.middleware.ldap.ldapUrl=ldap://pds.example.edu:389
edu.vt.middleware.ldap.base=dc=example,dc=edu
edu.vt.middleware.ldap.searchScope=SUBTREE
# authn if simple
edu.vt.middleware.ldap.serviceUser=cn=admin,dc=example,dc=edu
edu.vt.middleware.ldap.serviceCredential=admin_password
# authn for sasl external (certificates)
#edu.vt.middleware.ldap.authtype=EXTERNAL
#edu.vt.middleware.ldap.tls=true
#edu.vt.middleware.ldap.serviceUser=cn=admin.example.edu
# these to use PEM format cert and key
#pemCaFile=/path/to/ca.pem
#pemCertFile=/path/to/cert.pem
#pemKeyFile=/path/to/key.pem
# pooling options
edu.vt.middleware.ldap.pool.minPoolSize = 2
edu.vt.middleware.ldap.pool.maxPoolSize = 5
|
...
Recopier les fichiers à éditer
| Bloc de code |
|---|
mkdir -p <customDir>/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/
mkdir <customDir>/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/wrappers/
cp <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/CGroupsManager.java <customDir>/uPortal/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/
cp <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/GroupsManagerXML.java <customDir>/uPortal/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/
cp <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/wrappers/GroupWrapper.java <customDir>/uPortal/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/wrappers/
|
...
| Bloc de code |
|---|
| title | diff <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/CGroupsManager.java <customDir>/uPortal/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/CGroupsManager.java |
|---|
|
65,74c65
< // ---------------------------------
< // -- Modif ESCO - A. Deman 10/2008
< // ---------------------------------
< // Pour eviter de charger systematiquement
< // tous les groupes.
< // L'appell à la méthode init a été
< // ajoutée dans les accesseurs de cette
< // classe qui ne l'avaient pa déjà.
<
< //init();
---
> init();
102,109c93
< // ---------------------------------
< // -- Modif ESCO - J. Gribonvald 07/2011
< // ---------------------------------
< // Pour eviter de charger systematiquement
< // tous les groupes et leurs membre
< // sur le groupe everyone
< // à l'accès des canaux comme le permissionManager.
< /*Iterator allgroups = everyone.getAllMembers();
---
> Iterator allgroups = everyone.getAllMembers();
122,126c106
< }*/
< // ---------------------------------
< // -- Modif ESCO - J. Gribonvald 07/2011
< // ---------------------------------
< // --- Fin modif.
---
> }
375c366
< init();
---
> init();
393,400c384
< // --------------------------------
< // Modif ESCO - A. Deman - 10/2008
< // --------------------------------
< // Ajout de l'appel à init()
< // supprimé dans le constructeur.
< init();
< // --- Fin modif.
< return (String)activities.get(token);
---
> return (String)activities.get(token);
418,425d401
< // --------------------------------
< // Modif ESCO - A. Deman - 10/2008
< // --------------------------------
< // Ajout de l'appel à init()
< // supprimé dans le constructeur.
< init();
< // --- Fin modif.
<
|
| Bloc de code |
|---|
| title | diff <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/GroupsManagerXML.java <customDir>/uPortal/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/GroupsManagerXML.java |
|---|
|
239,242c239
< // ========= Modification ESCO ==============
< // Used to handle Grouper groups.
< // if (hasMembers) {
< // =========================================
---
> if (hasMembers) {
251c248
< // } // Modification ESCO
---
> }
|
| Bloc de code |
|---|
| title | diff <esupSrc>/uPortal_rel-3.2.4/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/wrappers/GroupWrapper.java <customDir>/uPortal/uportal-impl/src/main/java/org/jasig/portal/channels/groupsmanager/wrappers/GroupWrapper.java |
|---|
|
239,242c239
< // ========= Modification ESCO ==============
< // Used to handle Grouper groups.
< // if (hasMembers) {
< // =========================================
---
> if (hasMembers) {
251c248
< // } // Modification ESCO
---
> }
|
- Si utilisation du WS esup des groupes
| Bloc de code |
|---|
cp <updateSrc>/uPortal/uportal-impl/src/main/java/org/esupportail/portal/ws/groups/PortalGroups.java <customDir>/uPortal/uportal-impl/src/main/java/org/esupportail/portal/ws/groups/PortalGroups.java
|
...
| Bloc de code |
|---|
| title | diff <updateSrc>uPortal/uportal-impl/src/main/java/org/esupportail/portal/ws/groups/PortalGroups.java <customDir>uPortal/uportal-impl/src/main/java/org/esupportail/portal/ws/groups/PortalGroups.java |
|---|
|
35a36
> import org.esco.portal.groups.grouper.ESCOEntityGroupImpl;
284,285c285,290
< // on remplit ce vecteur en remontant la hierarchie recursivement
< getRecurContainingGroups(egi, groups, v);
---
> // on appelle une méthode spécifique optimal pour les groupes grouper
> if (egi instanceof ESCOEntityGroupImpl) {
> getESCORecurContaininGroups(egi,v);
> } else {
> getRecurContainingGroups(egi, groups, v);
> }
364,365c369,383
<
<
---
>
> /**
> * Même méthode que la précédente mais spécifique aux groupes esco. Méthode optimale pour obtenir les groupes parents !
> */
> private void getESCORecurContaininGroups(IEntityGroup egi, Vector v) {
> String[] list = egi.getKey().split(":");
> StringBuffer group = new StringBuffer();
> for (String current : list) {
> if (group.length()>0) {
> group.append(":");
> }
> group.append(current);
> v.add(group.toString());
> }
> }
|
...