Author: bdaw
Date: 2011-03-08 02:59:16 -0500 (Tue, 08 Mar 2011)
New Revision: 5975
Added:
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-2ldap.ldif
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-2ldap-config.xml
Modified:
portal/branches/idm/pom.xml
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
Log:
- ldap config try
Modified: portal/branches/idm/pom.xml
===================================================================
--- portal/branches/idm/pom.xml 2011-03-08 06:43:52 UTC (rev 5974)
+++ portal/branches/idm/pom.xml 2011-03-08 07:59:16 UTC (rev 5975)
@@ -47,7 +47,7 @@
<org.gatein.common.version>2.0.3-GA</org.gatein.common.version>
<org.gatein.wci.version>2.1.0-Alpha02</org.gatein.wci.version>
<org.gatein.pc.version>2.3.0-Alpha01</org.gatein.pc.version>
- <org.picketlink.idm>1.1.8.CR01</org.picketlink.idm>
+ <org.picketlink.idm>1.3.0.Alpha01-SNAPSHOT</org.picketlink.idm>
<org.gatein.wsrp.version>2.0.0-GA</org.gatein.wsrp.version>
<org.gatein.mop.version>1.0.5-GA</org.gatein.mop.version>
<org.slf4j.version>1.5.6</org.slf4j.version>
Modified:
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
===================================================================
---
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2011-03-08
06:43:52 UTC (rev 5974)
+++
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2011-03-08
07:59:16 UTC (rev 5975)
@@ -68,6 +68,9 @@
<!--Read Only "ACME" LDAP Example-->
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml</value>-->
+ <!--Read Only "ACME" LDAP 2 Example-->
+
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-2ldap-config.xml</value>-->
+
<!--OpenLDAP LDAP config-->
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-config.xml</value>-->
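Review bot: The new label `Read Only "ACME" LDAP 2 Example` does not match the file it points to. picketlink-idm-ldap-acme-2ldap-config.xml, added in this same commit, sets `allowCreateEntry` to `true` for every identity object type and `createMissingContexts` to `true` on both LDAP stores, and most mapped attributes have `isReadOnly` set to `false`. An operator who enables this line expecting a read-only integration would get a portal that can write to the directory. Either reword the comment, for example `<!--"ACME" LDAP 2 Example (two LDAP stores, writable)-->`, or switch those options to `false` in the referenced config.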
@@ -185,6 +188,26 @@
</entry>
-->
+ <!-- Uncomment for ACME LDAP 2 example -->
+ <!--
+ <entry>
+
<key><string>/acme/internal/roles/*</string></key>
+ <value><string>internal_role</string></value>
+ </entry>
+ <entry>
+ <key><string>/acme/internal/ou/*</string></key>
+ <value><string>internal_ou</string></value>
+ </entry>
+ <entry>
+
<key><string>/acme/customers/roles/*</string></key>
+ <value><string>customers_role</string></value>
+ </entry>
+ <entry>
+ <key><string>/acme/customers/ou/*</string></key>
+ <value><string>customers_ou</string></value>
+ </entry>
+ -->
+
<!-- Uncomment for MSAD ReadOnly LDAP example -->
<!--
<entry>
Copied:
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-2ldap.ldif
(from rev 5953,
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme.ldif)
===================================================================
---
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-2ldap.ldif
(rev 0)
+++
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-2ldap.ldif 2011-03-08
07:59:16 UTC (rev 5975)
@@ -0,0 +1,330 @@
+#dn: dc=example,dc=com
+#objectclass: top
+#objectclass: dcObject
+#objectclass: organization
+#dc: example
+#o: example
+
+dn: dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+o: picketlink
+dc: picketlink
+
+dn: dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+o: idm
+dc: idm
+
+dn: o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+## portal1
+
+dn: o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: portal1
+
+dn: ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+
+dn: uid=admin,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: admin
+cn: Administrator
+sn: Duke
+userPassword: admin
+mail: admin(a)acme.example.com
+
+dn: uid=user,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: user
+cn: User
+sn: Sample
+userPassword: user
+mail: user(a)acme.example.com
+
+dn: uid=jduke,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke
+cn: Java
+sn: Duke
+userPassword: theduke
+mail: jduke(a)acme.example.com
+
+dn: uid=jduke1,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke1
+cn: Java 1
+sn: Duke1
+userPassword: theduke
+mail: jduke1(a)acme.example.com
+
+
+dn: uid=jduke2,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke2
+cn: Java 2
+sn: Duke2
+userPassword: theduke
+mail: jduke2(a)acme.example.com
+
+dn: uid=jduke3,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke3
+cn: Java 3
+sn: Duke3
+userPassword: theduke
+mail: jduke3(a)acme.example.com
+
+dn: uid=jduke4,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke4
+cn: Java 4
+sn: Duke4
+userPassword: theduke
+mail: jduke4(a)acme.example.com
+
+dn: ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: cn=admins,ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: admins
+description: Portal admin role
+member: uid=admin,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=employee,ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: employee
+description: ACME Employees
+member: uid=admin,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=user,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke1,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke2,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke3,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke4,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=echo,ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo
+description: Echo role
+member: uid=jduke1,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke3,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke4,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=echo1,ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo1
+description: Echo1 role
+member: uid=jduke2,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke3,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=theduke,ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: groupOfNames
+objectClass: top
+cn: theduke
+description: TheDuke role
+member: uid=jduke,ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: ou=OrganizationUnits,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: cn=foo,ou=OrganizationUnits,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: foo
+description: Foo organization unit
+
+
+dn: cn=bar,ou=OrganizationUnits,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: bar
+description: Bar organization
+
+####################################################
+## portal2
+####################################################
+
+dn: o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: portal2
+
+dn: ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+
+dn: uid=admin2,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: admin2
+cn: Administrator2
+sn: Duke
+userPassword: admin
+mail: admin(a)acme.example.com
+
+dn: uid=user2,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: user2
+cn: User2
+sn: Sample
+userPassword: user
+mail: user2(a)acme.example.com
+
+dn: uid=jduke5,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke5
+cn: Java 5
+sn: Duke
+userPassword: theduke
+mail: jduke5(a)acme.example.com
+
+dn: uid=jduke6,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke6
+cn: Java 6
+sn: Duke
+userPassword: theduke
+mail: jduke6(a)acme.example.com
+
+
+dn: uid=jduke7,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke7
+cn: Java 7
+sn: Duke
+userPassword: theduke
+mail: jduke7(a)acme.example.com
+
+dn: uid=jduke8,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke8
+cn: Java 8
+sn: Duke8
+userPassword: theduke
+mail: jduke8(a)acme.example.com
+
+dn: uid=jduke9,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke9
+cn: Java 9
+sn: Duke20
+userPassword: theduke
+mail: jduke9(a)acme.example.com
+
+dn: ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: cn=admins,ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: admins
+description: Portal admin role
+member: uid=admin2,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=customer,ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: customer
+description: ACME Customers
+member: uid=admin2,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=user2,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke5,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke6,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke7,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke8,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke9,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=echo2,ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo
+description: Echo role
+member: uid=jduke5,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke7,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke8,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=echo3,ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo1
+description: Echo1 role
+member: uid=jduke6,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+member: uid=jduke9,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: cn=partner,ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: groupOfNames
+objectClass: top
+cn:partner
+description: Partner role
+member: uid=jduke6,ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+
+dn: ou=OrganizationUnits,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn:
cn=customer_foo,ou=OrganizationUnits,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: customer_foo
+description: Customer Foo organization unit
+
+
+dn:
cn=customer_bar,ou=OrganizationUnits,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: customer_bar
+description: Customer Bar organization
+
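Review bot: Every person entry stores `userPassword` in cleartext with guessable values (`admin`, `user`, `theduke`), and the file sits under WEB-INF/conf next to the live organization configuration with nothing marking it as test-only data. I would add a header comment such as `# Sample data for a local test directory only; these accounts use well-known passwords and must not be imported into a shared or production LDAP server.` Separately, the `cn=echo2` and `cn=echo3` role entries carry `cn: echo` and `cn: echo1`, which do not match their RDNs. A server that enforces naming is likely to reject or rewrite those entries, so `cn: echo2` and `cn: echo3` look like the intended values.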
Copied:
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-2ldap-config.xml
(from rev 5953,
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml)
===================================================================
---
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-2ldap-config.xml
(rev 0)
+++
portal/branches/idm/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-2ldap-config.xml 2011-03-08
07:59:16 UTC (rev 5975)
@@ -0,0 +1,632 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Copyright (C) 2009 eXo Platform SAS.
+
+ This is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ This software is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this software; if not, write to the Free
+ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+
+-->
+
+<jboss-identity xmlns="urn:picketlink:idm:config:v1_0_0_ga"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:picketlink:idm:config:v1_0_0_ga
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>idm_realm_sample-portal</id>
+ <repository-id-ref>DefaultPortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ <options>
+ <option>
+ <name>cache.providerRegistryName</name>
+ <value>apiCacheProvider</value>
+ </option>
+ </options>
+ </realm>
+ <realm>
+ <id>idm_realm</id>
+ <repository-id-ref>PortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ <options>
+ <option>
+ <name>template</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>cache.providerRegistryName</name>
+ <value>apiCacheProvider</value>
+ </option>
+ </options>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>PortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>LDAP_1</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>internal_role</identity-object-type>
+ <identity-object-type>internal_ou</identity-object-type>
+ </identity-object-types>
+ <options>
+ </options>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP_2</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>customers_role</identity-object-type>
+ <identity-object-type>customers_ou</identity-object-type>
+ </identity-object-types>
+ <options>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>DefaultPortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>HibernateStore</id>
+
<class>org.picketlink.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>hibernateSessionFactoryRegistryName</name>
+ <value>hibernateSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+
+ <!--FIRST LDAP-->
+ <identity-store>
+ <id>LDAP_1</id>
+
<class>org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>firstName</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>lastName</name>
+ <mapping>sn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>internal_role</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>internal_role</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>internal_ou</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>internal_ou</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,o=portal1,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://localhost:10389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>password</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ <option>
+ <name>createMissingContexts</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>customJNDIConnectionParameters</name>
+ <value>com.sun.jndi.ldap.connect.pool=true</value>
+ </option>
+ <option>
+ <name>customSystemProperties</name>
+ <value>com.sun.jndi.ldap.connect.pool.maxsize=300000</value>
+ <value>com.sun.jndi.ldap.connect.pool.protocol=plain ssl</value>
+ </option>
+ </options>
+ </identity-store>
+
+ <!-- SECOND LDAP-->
+ <identity-store>
+ <id>LDAP_2</id>
+
<class>org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>firstName</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>lastName</name>
+ <mapping>sn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>customers_role</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>customers_role</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>customers_ou</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>customers_ou</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,o=portal2,o=trunk,dc=idm,dc=picketlink,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://localhost:10389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>password</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ <option>
+ <name>createMissingContexts</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>customJNDIConnectionParameters</name>
+ <value>com.sun.jndi.ldap.connect.pool=true</value>
+ </option>
+ <option>
+ <name>customSystemProperties</name>
+ <value>com.sun.jndi.ldap.connect.pool.maxsize=300000</value>
+ <value>com.sun.jndi.ldap.connect.pool.protocol=plain ssl</value>
+ </option>
+ </options>
+ </identity-store>
+
+ </identity-stores>
+ </stores>
+ <options>
+ <option>
+ <name>defaultTemplate</name>
+ <value>idm_realm</value>
+ </option>
+ </options>
+</jboss-identity>
\ No newline at end of file
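Review bot: Both LDAP_1 and LDAP_2 bind as `cn=Directory Manager` with the literal `adminPassword` value `password` over a plain `ldap://` providerURL. Anyone who copies this example as a starting point inherits a directory-superuser bind, and the bind credentials travel unencrypted. I would put a comment above each `adminDN` option, for example `<!-- Example only: outside a local test setup, bind with a dedicated least-privilege service account and use an ldaps:// providerURL -->`. With `createMissingContexts` set to `true`, this bind also appears to let the portal create directory contexts on its own, which is worth confirming as intended. The same points apply to both store definitions, since their options blocks are identical.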