Author: bdaw
Date: 2010-03-26 09:48:01 -0400 (Fri, 26 Mar 2010)
New Revision: 2372
Added:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-openldap.ldif
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/initial-openldap.ldif
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-acme-config.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-config.xml
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-config.xml
Log:
- GTNPORTAL-989 - example configuration files for OpenLDAP
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2010-03-26
12:40:57 UTC (rev 2371)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2010-03-26
13:48:01 UTC (rev 2372)
@@ -65,13 +65,19 @@
<!--Sample LDAP config-->
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-config.xml</value>-->
- <!--ACME LDAP Example-->
+ <!--Read Only "ACME" LDAP Example-->
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml</value>-->
+ <!--OpenLDAP LDAP config-->
+
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-config.xml</value>-->
+
+ <!--OpenLDAP ReadOnly "ACME" LDAP Example-->
+
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-acme-config.xml</value>-->
+
<!--MSAD LDAP Example-->
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-msad-config.xml</value>-->
- <!--MSAD Read Only LDAP Example-->
+ <!--MSAD Read Only "ACME" LDAP Example-->
<!--<value>war:/conf/organization/picketlink-idm/examples/picketlink-idm-msad-readonly-config.xml</value>-->
</value-param>
Copied:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-openldap.ldif
(from rev 2370,
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme.ldif)
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-openldap.ldif
(rev 0)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/acme-openldap.ldif 2010-03-26
13:48:01 UTC (rev 2372)
@@ -0,0 +1,160 @@
+dn: o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+o: acme
+dc: acme
+
+dn: ou=placeholder,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: placeholder
+description: entry used to satisfy schmema restrictions for required member attribute in
groupOfNames objectClass
+
+dn: ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: uid=admin,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: admin
+cn: Administrator
+sn: Duke
+userPassword: admin
+mail: admin(a)acme.example.com
+
+dn: uid=user,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: user
+cn: User
+sn: Sample
+userPassword: user
+mail: user(a)acme.example.com
+
+dn: uid=jduke,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke
+cn: Java
+sn: Duke
+userPassword: theduke
+mail: jduke(a)acme.example.com
+
+dn: uid=jduke1,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke1
+cn: Java 1
+sn: Duke1
+userPassword: theduke
+mail: jduke1(a)acme.example.com
+
+
+dn: uid=jduke2,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke2
+cn: Java 2
+sn: Duke2
+userPassword: theduke
+mail: jduke2(a)acme.example.com
+
+dn: uid=jduke3,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke3
+cn: Java 3
+sn: Duke3
+userPassword: theduke
+mail: jduke3(a)acme.example.com
+
+dn: uid=jduke4,ou=People,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke4
+cn: Java 4
+sn: Duke4
+userPassword: theduke
+mail: jduke4(a)acme.example.com
+
+dn: ou=Roles,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: cn=admins,ou=Roles,o=acme,dc=my-domain,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: admins
+description: Portal admin role
+member: uid=admin,ou=People,o=acme,dc=my-domain,dc=com
+
+dn: cn=employees,ou=Roles,o=acme,dc=my-domain,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: employees
+description: ACME Employees
+member: uid=admin,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=user,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke1,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke2,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke3,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke4,ou=People,o=acme,dc=my-domain,dc=com
+
+dn: cn=echo,ou=Roles,o=acme,dc=my-domain,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo
+description: Echo role
+member: uid=jduke1,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke3,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke4,ou=People,o=acme,dc=my-domain,dc=com
+
+dn: cn=echo1,ou=Roles,o=acme,dc=my-domain,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: echo1
+description: Echo1 role
+member: uid=jduke2,ou=People,o=acme,dc=my-domain,dc=com
+member: uid=jduke3,ou=People,o=acme,dc=my-domain,dc=com
+
+dn: cn=theduke,ou=Roles,o=acme,dc=my-domain,dc=com
+objectClass: groupOfNames
+objectClass: top
+cn: theduke
+description: TheDuke role
+member: uid=jduke,ou=People,o=acme,dc=my-domain,dc=com
+
+dn: ou=OrganizationUnits,o=acme,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: cn=foo,ou=OrganizationUnits,o=acme,dc=my-domain,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: foo
+description: Foo organization unit
+member: uid=admin,ou=People,o=acme,dc=my-domain,dc=com
+
+
+
+dn: cn=bar,ou=OrganizationUnits,o=acme,dc=my-domain,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: bar
+description: Bar organization
+member: uid=admin,ou=People,o=acme,dc=my-domain,dc=com
+
+
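Review bot: The sample entries carry cleartext, guessable `userPassword` values, and `uid=admin` (password `admin`) is the sole member of `cn=admins`, described as the portal admin role, so importing this file unchanged into a reachable directory creates a known admin login. The file ships under WEB-INF/conf with no header marking it as demo data; I would add an LDIF comment at the top such as `# Demo data only - passwords are cleartext samples; replace them before importing into any shared directory`. The `description` on `ou=placeholder` also misspells "schema" as "schmema", and the same typo appears in initial-openldap.ldif.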
Added:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/initial-openldap.ldif
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/initial-openldap.ldif
(rev 0)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/initial-openldap.ldif 2010-03-26
13:48:01 UTC (rev 2372)
@@ -0,0 +1,16 @@
+dn: o=gatein,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: gatein
+
+dn: o=portal,o=gatein,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: portal
+
+dn: ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: placeholder
+description: entry used to satisfy schmema restrictions for required member attribute in
groupOfNames objectClass
+
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-config.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-config.xml 2010-03-26
12:40:57 UTC (rev 2371)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-config.xml 2010-03-26
13:48:01 UTC (rev 2372)
@@ -152,6 +152,31 @@
<credential-type>PASSWORD</credential-type>
</credentials>
<attributes>
+ <attribute>
+ <name>firstName</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>lastName</name>
+ <mapping>sn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
</attributes>
<options>
<option>
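Review bot: The first added `<attribute>` maps `firstName` to `cn`, although `cn` normally holds a person's full name and may be read by other directory clients; with `isReadOnly` set to `false`, a first-name edit in the portal would presumably rewrite it. If the target entries are inetOrgPerson, `<mapping>givenName</mapping>` is the conventional choice. Otherwise a comment such as `<!-- cn is reused as first name; avoid pointing this at a directory other applications rely on -->` would record the decision. The same mapping is repeated in the two new OpenLDAP config files. The enclosing `<identity-object-type>` starts and ends outside this hunk, so the object type it belongs to is not visible here.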
Copied:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-acme-config.xml
(from rev 2370,
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-acme-config.xml)
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-acme-config.xml
(rev 0)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-acme-config.xml 2010-03-26
13:48:01 UTC (rev 2372)
@@ -0,0 +1,393 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Copyright (C) 2009 eXo Platform SAS.
+
+ This is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ This software is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this software; if not, write to the Free
+ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+
+-->
+
+<jboss-identity xmlns="urn:picketlink:idm:config:v1_0_0_ga"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:picketlink:idm:config:v1_0_0_ga
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>idm_realm_sample-portal</id>
+ <repository-id-ref>DefaultPortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ <options>
+ <option>
+ <name>cache.providerRegistryName</name>
+ <value>apiCacheProvider</value>
+ </option>
+ </options>
+ </realm>
+ <realm>
+ <id>idm_realm</id>
+ <repository-id-ref>PortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ <options>
+ <option>
+ <name>template</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>cache.providerRegistryName</name>
+ <value>apiCacheProvider</value>
+ </option>
+ </options>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>PortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>PortalLDAPStore</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>acme_roles_type</identity-object-type>
+ <identity-object-type>acme_ou_type</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>readOnly</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>DefaultPortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>HibernateStore</id>
+
<class>org.picketlink.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>hibernateSessionFactoryRegistryName</name>
+ <value>hibernateSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>PortalLDAPStore</id>
+
<class>org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>firstName</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>lastName</name>
+ <mapping>sn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>acme_roles_type</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>acme_roles_type</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>parentMembershipAttributePlaceholder</name>
+ <value>ou=placeholder,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+
<value>member=ou=placeholder,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>acme_ou_type</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>acme_ou_type</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes>
+ <attribute>
+ <name>label</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>true</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributePlaceholder</name>
+ <value>ou=placeholder,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+
<value>member=ou=placeholder,o=acme,dc=my-domain,dc=com</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://localhost:1389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Manager,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>secret</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ <option>
+ <name>createMissingContexts</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>sortExtensionSupported</name>
+ <value>false</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+ <options>
+ <option>
+ <name>defaultTemplate</name>
+ <value>idm_realm</value>
+ </option>
+ </options>
+</jboss-identity>
\ No newline at end of file
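Review bot: The `PortalLDAPStore` options bind as `cn=Manager,dc=my-domain,dc=com` with `adminPassword` `secret` over `ldap://localhost:1389`, which looks like the directory's manager account with a cleartext password on an unencrypted connection, in a file packaged inside the WAR; picketlink-idm-openldap-config.xml repeats the same three options. For this read-only example that is more privilege than the mapping needs: `readOnly` is `true` on the `PortalLDAPStore` mapping, yet every object type sets `allowCreateEntry` to `true` and the store sets `createMissingContexts` to `true`. I would set those to `false` here and add a comment above `adminDN`, e.g. `<!-- Example credentials: use a dedicated bind account with read-only rights and an ldaps:// URL outside local testing -->`. Whether the `readOnly` mapping option already suppresses the create paths is not visible from this file, so treat the inconsistency as something to confirm.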
Copied:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-config.xml
(from rev 2370,
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-ldap-config.xml)
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-config.xml
(rev 0)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/examples/picketlink-idm-openldap-config.xml 2010-03-26
13:48:01 UTC (rev 2372)
@@ -0,0 +1,353 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ Copyright (C) 2009 eXo Platform SAS.
+
+ This is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as
+ published by the Free Software Foundation; either version 2.1 of
+ the License, or (at your option) any later version.
+
+ This software is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this software; if not, write to the Free
+ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+
+-->
+
+<jboss-identity xmlns="urn:picketlink:idm:config:v1_0_0_ga"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:picketlink:idm:config:v1_0_0_ga
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>idm_realm_sample-portal</id>
+ <repository-id-ref>DefaultPortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ <options>
+ <option>
+ <name>cache.providerRegistryName</name>
+ <value>apiCacheProvider</value>
+ </option>
+ </options>
+ </realm>
+ <realm>
+ <id>idm_realm</id>
+ <repository-id-ref>PortalRepository</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ <options>
+ <option>
+ <name>template</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>cache.providerRegistryName</name>
+ <value>apiCacheProvider</value>
+ </option>
+ </options>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>PortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>PortalLDAPStore</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>platform_type</identity-object-type>
+ <identity-object-type>organization_type</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>DefaultPortalRepository</id>
+
<class>org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>HibernateStore</default-identity-store-id>
+
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>HibernateStore</id>
+
<class>org.picketlink.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>hibernateSessionFactoryRegistryName</name>
+ <value>hibernateSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>PortalLDAPStore</id>
+
<class>org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>firstName</name>
+ <mapping>cn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>lastName</name>
+ <mapping>sn</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>platform_type</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>platform_type</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Platform,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributePlaceholder</name>
+
<value>ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+
<value>member=ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>organization_type</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>organization_type</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Organization,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributePlaceholder</name>
+
<value>ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+
<value>member=ou=placeholder,o=portal,o=gatein,dc=my-domain,dc=com</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://localhost:1389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Manager,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>secret</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ <option>
+ <name>createMissingContexts</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>sortExtensionSupported</name>
+ <value>false</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+ <options>
+ <option>
+ <name>defaultTemplate</name>
+ <value>idm_realm</value>
+ </option>
+ </options>
+</jboss-identity>
\ No newline at end of file
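Review bot: The three `ctxDNs` values (`ou=People`, `ou=Platform` and `ou=Organization` under `o=portal,o=gatein,dc=my-domain,dc=com`) are not created by initial-openldap.ldif, which only adds `o=gatein`, `o=portal` and `ou=placeholder`. The example therefore presumably depends on `createMissingContexts` being `true` and on the bind account having write access to that subtree, but nothing in the file says so. A comment near `providerURL` such as `<!-- Load initial-openldap.ldif first; the ou= contexts listed in ctxDNs are expected to be created via createMissingContexts -->` would make the prerequisite explicit for anyone who later tightens the bind account's rights.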