...
Bloc de code |
---|
dn: uid=user1,ou=personnes,dc=example,dc=org uid: user1 objectClass: ... isMemberOf: admin:appli:appli1 |
Cette option configuration est décrite dans le paragraphe Activation paragraphe Configuration du SmartLdapGroupStore avec un cn dans l'entrée de personne.
...
Bloc de code |
---|
dn: uid=user1,ou=personnes,dc=example,dc=org uid: user1 objectClass: ... memberOf: cn=admin:appli:appli1,ou=groups,dc=aquitaine,dc=fr |
Cette option configuration est décrite dans le paragraphe Activation paragraphe Configuration du SmartLdapGroupStore avec un dn dans l'entrée de personne.
...
Bloc de code |
---|
<service> <name>smartldap</name> <service_factory>org.jasig.portal.groups.ReferenceIndividualGroupServiceFactory</service_factory> <entity_store_factory>org.jasig.portal.groups.smartldap.SmartLdapEntityStore$Factory</entity_store_factory> <group_store_factory>org.jasig.portal.groups.smartldap.SmartLdapGroupStore$Factory</group_store_factory> <entity_searcher_factory>org.jasig.portal.groups.smartldap.SmartLdapEntitySearcher$Factory</entity_searcher_factory> <internally_managed>false</internally_managed> <caching_enabled>true</caching_enabled> </service> |
Configuration du SmartLdapGroupStore avec un cn dans l'entrée de personne
- Configurer le SmartLdapGroupStore dans uportal-war/src/main/resources/properties/groups/SmartLdapGroupStoreConfig.xml
...
Lors de la recherche de l'appartenance d'une personne à un groupe, le test se fera en parcourant l'attribut memberOfAttributeName et en effectuant une comparaison avec la clé des groupes.
Configuration du SmartLdapGroupStore avec un cn dans l'entrée de personne
- Configurer le SmartLdapGroupStore dans uportal-war/src/main/resources/properties/groups/SmartLdapGroupStoreConfig.xml
Bloc de code |
---|
<!-- | This bean is the ContextSource instance that will be used to connect to LDAP. +--> <bean id="ldapContext" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldap://ldapserveur:389"/> <property name="userDn" value="uid=root,dc=example,dc=org"/> <property name="password" value="XXX"/> </bean> <!-- | BaseDn that will be passed to the search (not to the context). | | WARNING: If you get an error like this... | ...PartialResultException: [LDAP: error code 10... | it probably means your baseDn isn't correct! +--> <bean id="baseDn" class="java.lang.String"> <constructor-arg><value>ou=groups,dc=example,dc=org</value></constructor-arg> </bean> <!-- | ESUP Parameter. | This parameter is used to extract the id path of the groups | form their dn. The id path is expected to be catched from the first group | of the regex. --> <bean id="childGroupKeyRegex" class="java.lang.String"> <constructor-arg><value>cn=(.*),ou=groups,dc=example,dc=org</value></constructor-arg> </bean> <bean id="keyIndexMatchingGroup" class="java.lang.Integer"> <constructor-arg><value>1</value></constructor-arg> </bean> <!-- | LDAP query string that will be passed to the search. +--> <bean id="filter" class="java.lang.String"> <constructor-arg><value>(objectClass=eduMember)</value></constructor-arg> </bean> <!-- | This bean identifies the name of the Person Attribute that | lists the SmartLdap groups each person is a member of. +--> <bean id="memberOfAttributeName" class="java.lang.String"> <constructor-arg><value>isMemberOf</value></constructor-arg> </bean> <!-- | This bean identifies the org.springframework.ldap.core.AttributesMapper | implementation used in reading the groups records from LDAP. +--> <bean id="contextMapper" class="org.jasig.portal.groups.smartldap.SimpleContextMapper"> <!-- | Name of the group attribute that tells you its key. +--> <property name="keyAttributeName"> <value>cn</value> </property> <!-- | Name of the group attribute that tells you its name. +--> <property name="groupNameAttributeName"> <value>cn</value> </property> <!-- | Name of the group attribute that lists its members. +--> <property name="membershipAttributeName"> <value>member</value> </property> </bean> |
Dans les cas où l'entrée de personne contient le dn du groupe au lieu du cn, il faudra modifier les propriété suivante :
...