Author: bdaw
Date: 2010-01-14 14:39:39 -0500 (Thu, 14 Jan 2010)
New Revision: 1301
Added:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java
Removed:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/default-ldap.ldif
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java
portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml
portal/trunk/pom.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/mappings/HibernateIdentityObjectRelationshipName.hbm.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/sybase-mappings/HibernateIdentityObjectRelationshipName.hbm.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-ldap-config.xml
Log:
- PicketLink IDM integration improvements
Added:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java
(rev 0)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/Config.java 2010-01-14
19:39:39 UTC (rev 1301)
@@ -0,0 +1,230 @@
+package org.exoplatform.services.organization.idm;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+/*
+* JBoss, a division of Red Hat
+* Copyright 2010, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+public class Config
+{
+
+ private Map<String, String> groupTypeMappings = new HashMap<String,
String>();
+
+ private boolean useParentIdAsGroupType = false;
+
+ private boolean passwordAsAttribute = false;
+
+ private String defaultGroupType = "GTN_GROUP_TYPE";
+
+ private String rootGroupName = "GTN_ROOT_GROUP";
+
+ private String pathSeparator = ".";
+
+ private boolean forceMembershipOfMappedTypes = false;
+
+ public Config()
+ {
+ }
+
+
+ public String getGroupType(String parentId)
+ {
+
+
+ if (parentId == null || parentId.length() == 0)
+ {
+ parentId = "/";
+ }
+
+
+
+ if (!useParentIdAsGroupType)
+ {
+ String type =_getGroupType(parentId, true, true, true);
+ if (type != null)
+ {
+ return type;
+ }
+ return getDefaultGroupType();
+ }
+
+
+ // Search for exact match in mappings
+ String type = _getGroupType(parentId, false, true, true);
+
+ // If not then check for inherited type
+ if (type == null)
+ {
+ type = _getGroupType(parentId, true, false, true);
+ }
+
+ // If not then prepare type from this id
+ if (type == null)
+ {
+ type = convertType(parentId);
+ }
+
+ return type;
+
+ }
+
+ private String _getGroupType(String parentId, boolean checkParents, boolean
matchExact, boolean matchInherited)
+ {
+
+
+ if (matchExact && getGroupTypeMappings().keySet().contains(parentId))
+ {
+ return getGroupTypeMappings().get(parentId);
+ }
+
+ String id = !parentId.equals("/") ? parentId + "/*" :
"/*";
+
+ if (matchInherited && getGroupTypeMappings().keySet().contains(id))
+ {
+ return getGroupTypeMappings().get(id);
+ }
+
+
+ if (checkParents && !parentId.equals("/") &&
parentId.contains("/"))
+ {
+ String newParentId = parentId.substring(0,
parentId.lastIndexOf("/"));
+ return getGroupType(newParentId);
+ }
+
+ return null;
+ }
+
+ public String getParentId(String type)
+ {
+ for (Map.Entry<String, String> entry : groupTypeMappings.entrySet())
+ {
+ if (entry.getValue().equals(type))
+ {
+ return entry.getKey();
+ }
+ }
+
+ return null;
+ }
+
+ Set<String> getTypes(String id)
+ {
+ HashSet<String> types = new HashSet<String>();
+
+ for (String key : groupTypeMappings.keySet())
+ {
+ if (key.startsWith("id"))
+ {
+ types.add(groupTypeMappings.get(key));
+ }
+ }
+
+ return types;
+ }
+
+ Set<String> getAllTypes()
+ {
+ HashSet<String> types = new
HashSet<String>(groupTypeMappings.values());
+
+ return types;
+
+ }
+
+ private String convertType(String type)
+ {
+
+ return type.replaceAll("/", pathSeparator);
+ }
+
+
+ public boolean isUseParentIdAsGroupType()
+ {
+ return useParentIdAsGroupType;
+ }
+
+ public void setUseParentIdAsGroupType(boolean useParentIdAsGroupType)
+ {
+ this.useParentIdAsGroupType = useParentIdAsGroupType;
+ }
+
+ public String getDefaultGroupType()
+ {
+ return defaultGroupType;
+ }
+
+ public void setDefaultGroupType(String defaultGroupType)
+ {
+ this.defaultGroupType = defaultGroupType;
+ }
+
+ public String getRootGroupName()
+ {
+ return rootGroupName;
+ }
+
+ public void setRootGroupName(String rootGroupName)
+ {
+ this.rootGroupName = rootGroupName;
+ }
+
+ public void setGroupTypeMappings(Map<String, String> groupTypeMappings)
+ {
+ this.groupTypeMappings = groupTypeMappings;
+ }
+
+ public Map<String, String> getGroupTypeMappings()
+ {
+ return groupTypeMappings;
+ }
+
+ public boolean isPasswordAsAttribute()
+ {
+ return passwordAsAttribute;
+ }
+
+ public void setPasswordAsAttribute(boolean passwordAsAttribute)
+ {
+ this.passwordAsAttribute = passwordAsAttribute;
+ }
+
+ public String getPathSeparator()
+ {
+ return pathSeparator;
+ }
+
+ public void setPathSeparator(String pathSeparator)
+ {
+ this.pathSeparator = pathSeparator;
+ }
+
+ public boolean isForceMembershipOfMappedTypes()
+ {
+ return forceMembershipOfMappedTypes;
+ }
+
+ public void setForceMembershipOfMappedTypes(boolean forceMembershipOfMappedTypes)
+ {
+ this.forceMembershipOfMappedTypes = forceMembershipOfMappedTypes;
+ }
+}
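Review bot: `getTypes(String id)` tests `key.startsWith("id")`, the string literal rather than the `id` parameter, so only a mapping key that literally begins with the letters `id` can match; it should read `if (key.startsWith(id))`. The keys are looked up elsewhere in this class as group paths or paths ending in `/*`, so as written the method returns an empty set for normal mappings. That makes the `forceMembershipOfMappedTypes` branch in GroupDAOImpl.findGroups a silent no-op. Separately, `convertType` passes `pathSeparator` to `replaceAll`, where `$` and `\` in a configured separator are read as replacement syntax; `type.replace("/", pathSeparator)` treats both arguments literally.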
Added:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java
(rev 0)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/ExtGroup.java 2010-01-14
19:39:39 UTC (rev 1301)
@@ -0,0 +1,153 @@
+/*
+* JBoss, a division of Red Hat
+* Copyright 2010, Red Hat Middleware, LLC, and individual contributors as indicated
+* by the @authors tag. See the copyright.txt in the distribution for a
+* full listing of individual contributors.
+*
+* This is free software; you can redistribute it and/or modify it
+* under the terms of the GNU Lesser General Public License as
+* published by the Free Software Foundation; either version 2.1 of
+* the License, or (at your option) any later version.
+*
+* This software is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+* Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU Lesser General Public
+* License along with this software; if not, write to the Free
+* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+* 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+*/
+
+package org.exoplatform.services.organization.idm;
+
+import org.exoplatform.services.organization.Group;
+
+public class ExtGroup implements Group
+{
+ private String id;
+
+ private String parentId;
+
+ private String groupName;
+
+ private String label;
+
+ private String desc;
+
+ public ExtGroup()
+ {
+
+ }
+
+ public ExtGroup(String name)
+ {
+ groupName = name;
+ }
+
+ public String getId()
+ {
+ return id;
+ }
+
+ public void setId(String id)
+ {
+ this.id = id;
+ }
+
+ public String getParentId()
+ {
+ return parentId;
+ }
+
+ public void setParentId(String parentId)
+ {
+ this.parentId = parentId;
+ }
+
+ public String getGroupName()
+ {
+ return groupName;
+ }
+
+ public void setGroupName(String name)
+ {
+ this.groupName = name;
+ }
+
+ public String getLabel()
+ {
+ return label;
+ }
+
+ public void setLabel(String s)
+ {
+ label = s;
+ }
+
+ public String getDescription()
+ {
+ return desc;
+ }
+
+ public void setDescription(String s)
+ {
+ desc = s;
+ }
+
+
+ public String toString()
+ {
+ return "Group[" + id + "|" + groupName + "]";
+ }
+
+ @Override
+ public boolean equals(Object o)
+ {
+ if (this == o)
+ {
+ return true;
+ }
+ if (!(o instanceof ExtGroup))
+ {
+ return false;
+ }
+
+ ExtGroup extGroup = (ExtGroup)o;
+
+ if (desc != null ? !desc.equals(extGroup.desc) : extGroup.desc != null)
+ {
+ return false;
+ }
+ if (groupName != null ? !groupName.equals(extGroup.groupName) : extGroup.groupName
!= null)
+ {
+ return false;
+ }
+ if (id != null ? !id.equals(extGroup.id) : extGroup.id != null)
+ {
+ return false;
+ }
+ if (label != null ? !label.equals(extGroup.label) : extGroup.label != null)
+ {
+ return false;
+ }
+ if (parentId != null ? !parentId.equals(extGroup.parentId) : extGroup.parentId !=
null)
+ {
+ return false;
+ }
+
+ return true;
+ }
+
+ @Override
+ public int hashCode()
+ {
+ int result = id != null ? id.hashCode() : 0;
+ result = 31 * result + (parentId != null ? parentId.hashCode() : 0);
+ result = 31 * result + (groupName != null ? groupName.hashCode() : 0);
+ result = 31 * result + (label != null ? label.hashCode() : 0);
+ result = 31 * result + (desc != null ? desc.hashCode() : 0);
+ return result;
+ }
+}
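Review bot: `equals` and `hashCode` cover all five mutable fields, including `label` and `desc`, and the class has no comment saying which of them identifies a group. GroupDAOImpl in this same revision collects converted groups in a `HashSet<Group>`, so two instances with the same `id` but a different label or description stay as distinct entries, and an instance changed through a setter after insertion can no longer be found in the set. If `id` is meant to be the identity, I would base both methods on `id` alone and state that in a class-level Javadoc such as `/** Group implementation whose identity is its full path id. */`. `toString()` is also missing the `@Override` that the other two overrides carry.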
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/GroupDAOImpl.java 2010-01-14
19:39:39 UTC (rev 1301)
@@ -22,7 +22,6 @@
import org.exoplatform.services.organization.Group;
import org.exoplatform.services.organization.GroupEventListener;
import org.exoplatform.services.organization.GroupHandler;
-import org.exoplatform.services.organization.impl.GroupImpl;
import org.picketlink.idm.api.Attribute;
import org.picketlink.idm.api.IdentitySession;
import org.picketlink.idm.impl.api.SimpleAttribute;
@@ -63,7 +62,7 @@
final public Group createGroupInstance()
{
- return new GroupImpl();
+ return new ExtGroup();
}
public void createGroup(Group group, boolean broadcast) throws Exception
@@ -78,13 +77,14 @@
if (parent != null)
{
parentGroup =
- getIdentitySession().getPersistenceManager().findGroup(parent.getGroupName(),
orgService.getGtnGroupType());
- ((GroupImpl)child).setId(parent.getId() + "/" +
child.getGroupName());
+ getIdentitySession().getPersistenceManager().
+ findGroup(parent.getGroupName(),
orgService.getConfiguration().getGroupType(parent.getParentId()));
+ ((ExtGroup)child).setId(parent.getId() + "/" + child.getGroupName());
}
else
{
- ((GroupImpl)child).setId("/" + child.getGroupName());
+ ((ExtGroup)child).setId("/" + child.getGroupName());
}
if (broadcast)
@@ -92,12 +92,15 @@
preSave(child, true);
}
+ if (parentGroup != null)
+ {
+ ((ExtGroup)child).setParentId(parent.getId());
+ }
org.picketlink.idm.api.Group childGroup = persistGroup(child);
if (parentGroup != null)
{
getIdentitySession().getRelationshipManager().associateGroups(parentGroup,
childGroup);
- ((GroupImpl)child).setParentId(parent.getId());
}
else
@@ -133,7 +136,8 @@
}
org.picketlink.idm.api.Group jbidGroup =
- getIdentitySession().getPersistenceManager().findGroup(group.getGroupName(),
orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ findGroup(group.getGroupName(),
orgService.getConfiguration().getGroupType(group.getParentId()));
if (jbidGroup == null)
{
@@ -143,12 +147,10 @@
// MembershipDAOImpl.removeMembershipEntriesOfGroup(group,
getIdentitySession());
Collection<org.picketlink.idm.api.Group> oneLevelChilds =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
orgService.getGtnGroupType(),
- true, false);
+ getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, true, false);
Collection<org.picketlink.idm.api.Group> allChilds =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
orgService.getGtnGroupType(),
- true, true);
+ getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, true, true);
getIdentitySession().getRelationshipManager().disassociateGroups(jbidGroup,
oneLevelChilds);
@@ -180,7 +182,8 @@
}
- return exoGroups;
+ // UI has hardcoded casts to List
+ return new LinkedList<Group>(exoGroups);
}
//
@@ -208,7 +211,8 @@
else
{
jbidGroup =
- getIdentitySession().getPersistenceManager().findGroup(parent.getGroupName(),
orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ findGroup(parent.getGroupName(),
orgService.getConfiguration().getGroupType(parent.getParentId()));
}
if (jbidGroup == null)
@@ -216,20 +220,39 @@
return Collections.emptyList();
}
- Collection<org.picketlink.idm.api.Group> allGroups =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
orgService.getGtnGroupType(),
- true, false);
+ String parentId = parent == null ? null : parent.getParentId();
- List<Group> exoGroups = new LinkedList<Group>();
+ Set<org.picketlink.idm.api.Group> plGroups = new
HashSet<org.picketlink.idm.api.Group>();
- for (org.picketlink.idm.api.Group group : allGroups)
+
+ plGroups.addAll(getIdentitySession().getRelationshipManager().
+ findAssociatedGroups(jbidGroup, null, true, false));
+
+ // Get members of all types mapped below the parent group id path.
+ if (orgService.getConfiguration().isForceMembershipOfMappedTypes())
{
+
+ String id = parent != null ? parent.getId() : "/";
+
+ for (String type : orgService.getConfiguration().getTypes(id))
+ {
+ plGroups
+ .addAll(getIdentitySession().getPersistenceManager().findGroup(type));
+ }
+ }
+
+ Set<Group> exoGroups = new HashSet<Group>();
+
+ for (org.picketlink.idm.api.Group group : plGroups)
+ {
exoGroups.add(convertGroup(group));
}
- return exoGroups;
+ // UI has hardcoded casts to List
+ return new LinkedList<Group>(exoGroups);
+
}
public Collection findGroupsOfUser(String user) throws Exception
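Review bot: The new local `parentId` (`String parentId = parent == null ? null : parent.getParentId();`) is not read anywhere in the lines shown up to the method's closing brace and can be deleted. Collecting into a `HashSet` before copying to the `LinkedList` makes the order of the returned groups depend on hash values rather than on the order the store returned them. `new LinkedHashSet<org.picketlink.idm.api.Group>()` and `new LinkedHashSet<Group>()` would deduplicate and keep a stable order. The same applies to the two sets in getAllGroups in the next hunk. The start of this method is outside the hunk.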
@@ -251,7 +274,7 @@
}
Collection<org.picketlink.idm.api.Group> allGroups =
- getIdentitySession().getRelationshipManager().findRelatedGroups(user,
orgService.getGtnGroupType(), null);
+ getIdentitySession().getRelationshipManager().findRelatedGroups(user, null,
null);
List<Group> exoGroups = new LinkedList<Group>();
@@ -266,22 +289,32 @@
public Collection getAllGroups() throws Exception
{
- Collection<org.picketlink.idm.api.Group> allGroups =
-
getIdentitySession().getPersistenceManager().findGroup(orgService.getGtnGroupType());
- List<Group> exoGroups = new LinkedList<Group>();
+ Set<org.picketlink.idm.api.Group> plGroups = new
HashSet<org.picketlink.idm.api.Group>();
- for (org.picketlink.idm.api.Group group : allGroups)
+ plGroups
+
.addAll(getIdentitySession().getRelationshipManager().findAssociatedGroups(getRootGroup(),
null, true, true));
+
+ // Check for all type groups mapped as part of the group tree but not connected
with the root group by association
+ if (orgService.getConfiguration().isForceMembershipOfMappedTypes())
{
- if (!orgService.getGtnGroupType().equals(orgService.getGtnRootGroupType())
- || !group.getName().equals(orgService.getExoRootGroupName()))
+ for (String type : orgService.getConfiguration().getAllTypes())
{
- exoGroups.add(convertGroup(group));
+ plGroups
+ .addAll(getIdentitySession().getPersistenceManager().findGroup(type));
}
+ }
+ Set<Group> exoGroups = new HashSet<Group>();
+
+ for (org.picketlink.idm.api.Group group : plGroups)
+ {
+ exoGroups.add(convertGroup(group));
}
- return exoGroups;
+ // UI has hardcoded casts to List
+ return new LinkedList<Group>(exoGroups);
+
}
private void preSave(Group group, boolean isNew) throws Exception
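Review bot: The groups added by `findGroup(type)` under `isForceMembershipOfMappedTypes()` are, per the comment above that branch, not associated with the root group, yet each one is passed to `convertGroup`, which calls `getGroupId`. `getGroupId` (changed later in this file) throws `IllegalStateException` with "Group present that is not connected to the root" when a group has no parent association. Enabling the option therefore looks likely to make getAllGroups fail on the first such group, unless the store reports a parent for it. The forced-type branch in findGroups takes the same path. I would either build the id for these groups from the configured mapping, for example via `Config.getParentId(type)`, or skip them explicitly, and record the choice in a comment such as `// mapped-type groups have no association to the root; id comes from the mapping`.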
@@ -316,25 +349,25 @@
}
}
- public Group getGroup(String groupName) throws Exception
- {
- org.picketlink.idm.api.Group jbidGroup =
- getIdentitySession().getPersistenceManager().findGroup(groupName,
orgService.getGtnGroupType());
+// public Group getGroup(String groupName) throws Exception
+// {
+// org.picketlink.idm.api.Group jbidGroup =
+// getIdentitySession().getPersistenceManager().findGroup(groupName,
orgService.getGtnGroupType());
+//
+// if (jbidGroup == null)
+// {
+// return null;
+// }
+//
+// return convertGroup(jbidGroup);
+//
+// }
- if (jbidGroup == null)
- {
- return null;
- }
-
- return convertGroup(jbidGroup);
-
- }
-
- private Group convertGroup(org.picketlink.idm.api.Group jbidGroup) throws Exception
+ protected Group convertGroup(org.picketlink.idm.api.Group jbidGroup) throws Exception
{
Map<String, Attribute> attrs =
getIdentitySession().getAttributesManager().getAttributes(jbidGroup);
- GroupImpl exoGroup = new GroupImpl(jbidGroup.getName());
+ ExtGroup exoGroup = new ExtGroup(jbidGroup.getName());
if (attrs.containsKey(GROUP_DESCRIPTION) &&
attrs.get(GROUP_DESCRIPTION).getValue() != null)
{
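Review bot: `getGroup(String)` is kept in the file as a commented-out block. Version control retains the old body, so I would delete these lines rather than keep dead code that still refers to the removed `orgService.getGtnGroupType()`. `convertGroup` is widened to `protected`, but the new caller in this commit, MembershipDAOImpl, is in the same package, so package-private access would be enough and would expose less. The body of `convertGroup` continues in the next hunk.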
@@ -346,53 +379,51 @@
}
// Resolve full ID
- String id = getGroupId(jbidGroup.getName());
+ String id = getGroupId(jbidGroup);
exoGroup.setId(id);
+ // child of root
if (id.length() == jbidGroup.getName().length() + 1)
{
exoGroup.setParentId(null);
}
- else
+ else if (!id.equals("") && !id.equals("/"))
{
- exoGroup.setParentId(id.substring(0, id.length() - jbidGroup.getName().length()
- 1));
+
+ exoGroup.setParentId(id.substring(0, id.lastIndexOf("/")));
}
return exoGroup;
}
- private String getGroupId(String groupName) throws Exception
+ private String getGroupId(org.picketlink.idm.api.Group jbidGroup) throws Exception
{
- if (groupName.equals(orgService.getExoRootGroupName()))
+ if (jbidGroup.getName().equals(orgService.getConfiguration().getRootGroupName()))
{
return "";
}
- org.picketlink.idm.api.Group jbidGroup =
- getIdentitySession().getPersistenceManager().findGroup(groupName,
orgService.getGtnGroupType());
-
Collection<org.picketlink.idm.api.Group> parents =
- getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
orgService.getGtnGroupType(),
- false, false);
+ getIdentitySession().getRelationshipManager().findAssociatedGroups(jbidGroup,
null, false, false);
if (parents.size() > 1)
{
- throw new IllegalStateException("Group has more than one parent: " +
groupName);
+ throw new IllegalStateException("Group has more than one parent: " +
jbidGroup.getName());
}
if (parents.size() == 0)
{
//As there is special root group this shouldn't happen:
- throw new IllegalStateException("Group present that is not connected to the
root: " + groupName);
+ throw new IllegalStateException("Group present that is not connected to the
root: " + jbidGroup.getName());
// This group is at the root
//return "/" + groupName;
}
- String parentGroupId =
getGroupId(((org.picketlink.idm.api.Group)parents.iterator().next()).getName());
+ String parentGroupId =
getGroupId(((org.picketlink.idm.api.Group)parents.iterator().next()));
- return parentGroupId + "/" + groupName;
+ return parentGroupId + "/" + jbidGroup.getName();
}
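Review bot: `getGroupId` recognises the root only by name (`jbidGroup.getName().equals(orgService.getConfiguration().getRootGroupName())`), while `getRootGroup` looks the root up by name and type. With several group types possible after this change, a group of any other type that carries the root group's name would be given the id `""` and treated as the root. Comparing the group's type with `getConfiguration().getGroupType("/")` as well would close that gap. The recursion over `parents` also has no guard against an association cycle, which would end in a `StackOverflowError` rather than the `IllegalStateException` used for the other inconsistent states. `convertGroup` begins in the previous hunk.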
@@ -400,13 +431,14 @@
{
org.picketlink.idm.api.Group jbidGroup =
- getIdentitySession().getPersistenceManager().findGroup(exoGroup.getGroupName(),
orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ findGroup(exoGroup.getGroupName(),
orgService.getConfiguration().getGroupType(exoGroup.getParentId()));
if (jbidGroup == null)
{
jbidGroup =
-
getIdentitySession().getPersistenceManager().createGroup(exoGroup.getGroupName(),
- orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroup(exoGroup.getGroupName(),
orgService.getConfiguration().getGroupType(exoGroup.getParentId()));
}
String description = exoGroup.getDescription();
@@ -444,16 +476,20 @@
private org.picketlink.idm.api.Group getRootGroup() throws Exception
{
org.picketlink.idm.api.Group rootGroup =
-
getIdentitySession().getPersistenceManager().findGroup(orgService.getExoRootGroupName(),
- orgService.getGtnRootGroupType());
+ getIdentitySession().getPersistenceManager().
+ findGroup(orgService.getConfiguration().getRootGroupName(),
orgService.getConfiguration().getGroupType("/"));
if (rootGroup == null)
{
rootGroup =
-
getIdentitySession().getPersistenceManager().createGroup(orgService.getExoRootGroupName(),
- orgService.getGtnRootGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroup(
+ orgService.getConfiguration().getRootGroupName(),
+ orgService.getConfiguration().getGroupType("/"));
}
return rootGroup;
}
+
+
}
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/MembershipDAOImpl.java 2010-01-14
19:39:39 UTC (rev 1301)
@@ -102,7 +102,8 @@
}
String groupId =
- getIdentitySession().getPersistenceManager().createGroupKey(g.getGroupName(),
orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroupKey(g.getGroupName(),
orgService.getConfiguration().getGroupType(g.getParentId()));
if (getIdentitySession().getRoleManager().hasRole(user.getUserName(), groupId,
mt.getName()))
{
@@ -131,8 +132,8 @@
public void saveMembership(Membership m, boolean broadcast) throws Exception
{
String groupId =
-
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(m.getGroupId()),
- orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroupKey(getGroupNameFromId(m.getGroupId()),
getGroupTypeFromId(m.getGroupId()));
if (getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
{
@@ -158,8 +159,8 @@
Membership m = new MembershipImpl(id);
String groupId =
-
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(m.getGroupId()),
- orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroupKey(getGroupNameFromId(m.getGroupId()),
getGroupTypeFromId(m.getGroupId()));
if (!getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
{
@@ -191,7 +192,7 @@
for (Role role : roles)
{
MembershipImpl m = new MembershipImpl();
- Group g =
((GroupDAOImpl)orgService.getGroupHandler()).getGroup(role.getGroup().getName());
+ Group g =
((GroupDAOImpl)orgService.getGroupHandler()).convertGroup(role.getGroup());
m.setGroupId(g.getId());
m.setUserName(role.getUser().getId());
m.setMembershipType(role.getRoleType().getName());
@@ -218,8 +219,8 @@
public Membership findMembershipByUserGroupAndType(String userName, String groupId,
String type) throws Exception
{
String gid =
-
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(groupId),
- orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroupKey(getGroupNameFromId(groupId), getGroupTypeFromId(groupId));
Role role = getIdentitySession().getRoleManager().getRole(type, userName, gid);
@@ -245,8 +246,8 @@
}
String gid =
-
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(groupId),
- orgService.getGtnGroupType());
+ getIdentitySession().getPersistenceManager().
+ createGroupKey(getGroupNameFromId(groupId), getGroupTypeFromId(groupId));
Collection<RoleType> roleTypes =
getIdentitySession().getRoleManager().findRoleTypes(userName, gid, null);
@@ -275,7 +276,7 @@
for (Role role : roles)
{
MembershipImpl m = new MembershipImpl();
- Group g =
((GroupDAOImpl)orgService.getGroupHandler()).getGroup(role.getGroup().getName());
+ Group g =
((GroupDAOImpl)orgService.getGroupHandler()).convertGroup(role.getGroup());
m.setGroupId(g.getId());
m.setUserName(role.getUser().getId());
m.setMembershipType(role.getRoleType().getName());
@@ -288,7 +289,8 @@
static void removeMembershipEntriesOfGroup(PicketLinkIDMOrganizationServiceImpl
orgService, Group group,
IdentitySession session) throws Exception
{
- String gid = session.getPersistenceManager().createGroupKey(group.getGroupName(),
orgService.getGtnGroupType());
+ String gid = session.getPersistenceManager().
+ createGroupKey(group.getGroupName(),
orgService.getConfiguration().getGroupType(group.getParentId()));
Collection<Role> roles = session.getRoleManager().findRoles(gid, null);
@@ -307,7 +309,7 @@
{
String gid =
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(groupId),
- orgService.getGtnGroupType());
+ getGroupTypeFromId(groupId));
Collection<Role> roles = getIdentitySession().getRoleManager().findRoles(gid,
null);
@@ -317,7 +319,7 @@
for (Role role : roles)
{
MembershipImpl m = new MembershipImpl();
- Group g =
((GroupDAOImpl)orgService.getGroupHandler()).getGroup(role.getGroup().getName());
+ Group g =
((GroupDAOImpl)orgService.getGroupHandler()).convertGroup(role.getGroup());
m.setGroupId(g.getId());
m.setUserName(role.getUser().getId());
m.setMembershipType(role.getRoleType().getName());
@@ -334,7 +336,7 @@
String groupId =
getIdentitySession().getPersistenceManager().createGroupKey(getGroupNameFromId(m.getGroupId()),
- orgService.getGtnGroupType());
+ getGroupTypeFromId(m.getGroupId()));
if (getIdentitySession().getRoleManager().hasRole(m.getUserName(), groupId,
m.getMembershipType()))
{
@@ -391,4 +393,12 @@
return ids[ids.length - 1];
}
+
+ private String getGroupTypeFromId(String groupId)
+ {
+
+ String parentId = groupId.substring(0, groupId.lastIndexOf("/"));
+
+ return orgService.getConfiguration().getGroupType(parentId);
+ }
}
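Review bot: `getGroupTypeFromId` calls `groupId.substring(0, groupId.lastIndexOf("/"))` without checking the result of `lastIndexOf`, so a group id that contains no `/` throws `StringIndexOutOfBoundsException` and a null id throws `NullPointerException`. The ids reach this helper from `Membership.getGroupId()` and from method arguments in the hunks above, and its return value selects the group key used for the `hasRole` and `findRoles` lookups, so malformed input should fail predictably. `PicketLinkIDMOrganizationServiceImpl.findGroup` in this commit already guards with `groupId.contains("/")`. The equivalent here would be `int slash = groupId.lastIndexOf('/');` followed by `String parentId = slash < 0 ? null : groupId.substring(0, slash);`, since `Config.getGroupType` already maps null to `/`.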
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/PicketLinkIDMOrganizationServiceImpl.java 2010-01-14
19:39:39 UTC (rev 1301)
@@ -23,6 +23,8 @@
import org.exoplatform.container.component.ComponentRequestLifecycle;
import org.exoplatform.container.component.RequestLifeCycle;
import org.exoplatform.container.xml.InitParams;
+import org.exoplatform.container.xml.ObjectParam;
+import org.exoplatform.container.xml.ObjectParameter;
import org.exoplatform.container.xml.ValueParam;
import org.exoplatform.services.cache.CacheService;
import org.exoplatform.services.organization.BaseOrganizationService;
@@ -39,22 +41,10 @@
// private static PicketLinkIDMService jbidmService_;
private PicketLinkIDMService idmService_;
- public static final String GTN_GROUP_TYPE_OPTION = "gtnGroupTypeName";
+ public static final String CONFIGURATION_OPTION = "configuration";
- public static final String GTN_ROOT_GROUP_NAME_OPTION = "gtnRootGroupName";
+ private Config configuration = new Config();
- public static final String GTN_ROOT_GROUP_TYPE_NAME_OPTION =
"gtnRootGroupTypeName";
-
- public static final String PASSWORD_AS_ATTRIBUTE_OPTION =
"passwordAsAttribute";
-
- private String gtnGroupType = "GTN_GROUP_TYPE";
-
- private String gtnRootGroupName = "GTN_ROOT_GROUP";
-
- private String gtnRootGroupType = gtnGroupType;
-
- private boolean passwordAsAttribute = false;
-
public PicketLinkIDMOrganizationServiceImpl(InitParams params, CacheService cservice,
PicketLinkIDMService idmService)
throws Exception
{
@@ -69,34 +59,13 @@
if (params != null)
{
//Options
- ValueParam gtnGroupTypeNameParam = params.getValueParam(GTN_GROUP_TYPE_OPTION);
- ValueParam gtnRootGroupTypeNameParam =
params.getValueParam(GTN_ROOT_GROUP_TYPE_NAME_OPTION);
- ValueParam gtnRootGroupNameParam =
params.getValueParam(GTN_ROOT_GROUP_NAME_OPTION);
- ValueParam passwordAsAttributeParam =
params.getValueParam(PASSWORD_AS_ATTRIBUTE_OPTION);
+ ObjectParameter configurationParam =
params.getObjectParam(CONFIGURATION_OPTION);
- if (gtnGroupTypeNameParam != null)
+ if (configurationParam != null)
{
- this.gtnGroupType = gtnGroupTypeNameParam.getValue();
+ this.configuration = (Config)configurationParam.getObject();
}
- if (gtnRootGroupNameParam != null)
- {
- this.gtnRootGroupName = gtnRootGroupNameParam.getValue();
- }
-
- if (gtnRootGroupTypeNameParam != null)
- {
- this.gtnRootGroupType = gtnRootGroupTypeNameParam.getValue();
- }
- else if (gtnRootGroupTypeNameParam != null)
- {
- this.gtnRootGroupType = this.gtnGroupType;
- }
-
- if (passwordAsAttributeParam != null &&
passwordAsAttributeParam.getValue().equalsIgnoreCase("true"))
- {
- this.passwordAsAttribute = true;
- }
}
}
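Review bot: `(Config)configurationParam.getObject()` is assigned without checking the result, so an object-param named `configuration` that holds another type fails with a bare `ClassCastException`. A null object replaces the default `Config` and would surface later as a `NullPointerException` in every `getConfiguration().getGroupType(...)` call. I would keep the default unless the object is a `Config`: `Object o = configurationParam.getObject();` then `if (o instanceof Config) { this.configuration = (Config)o; }`. The four removed value-params (`gtnGroupTypeName`, `gtnRootGroupName`, `gtnRootGroupTypeName`, `passwordAsAttribute`) are now ignored without any message, so a deployment that set `passwordAsAttribute` to true silently changes authentication mode after upgrade; a logged warning when a legacy name is present would make that visible. The constructor starts outside this hunk, and `setConfiguration` further down accepts null in the same way.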
@@ -105,7 +74,13 @@
{
String[] ids = groupId.split("/");
String name = ids[ids.length - 1];
- return idmService_.getIdentitySession().getPersistenceManager().findGroup(name,
getGtnGroupType());
+ String parentId = null;
+ if (groupId.contains("/"))
+ {
+ parentId = groupId.substring(0, groupId.lastIndexOf("/"));
+ }
+ return idmService_.getIdentitySession().getPersistenceManager().
+ findGroup(name, getConfiguration().getGroupType(parentId));
}
@Override
@@ -114,15 +89,11 @@
try
{
- // Wrap within transaction so all initializers can work
-// idmService_.getIdentitySession().beginTransaction();
RequestLifeCycle.begin(this);
super.start();
-// idmService_.getIdentitySession().getTransaction().commit();
-
}
catch (Exception e)
{
@@ -182,23 +153,14 @@
}
}
- public String getGtnGroupType()
- {
- return gtnGroupType;
- }
- public String getExoRootGroupName()
+ public Config getConfiguration()
{
- return gtnRootGroupName;
+ return configuration;
}
- public String getGtnRootGroupType()
+ public void setConfiguration(Config configuration)
{
- return gtnRootGroupType;
+ this.configuration = configuration;
}
-
- public boolean isPasswordAsAttribute()
- {
- return passwordAsAttribute;
- }
}
Modified:
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java
===================================================================
---
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java 2010-01-14
19:39:39 UTC (rev 1301)
@@ -219,7 +219,7 @@
boolean authenticated = false;
- if (orgService.isPasswordAsAttribute())
+ if (orgService.getConfiguration().isPasswordAsAttribute())
{
authenticated = user.getPassword().equals(password);
}
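Review bot: The `isPasswordAsAttribute()` branch authenticates with `user.getPassword().equals(password)`, so the password is held as a readable attribute, compared with an early-exit string comparison, and the call throws a NullPointerException when the stored value is null. The hunk at -347,7 is the write side of the same option: it puts `user.getPassword()` unmodified into `new SimpleAttribute(USER_PASSWORD, ...)`. If the option has to stay, the branch should guard the null case and compare the encoded bytes with a constant-time routine such as `MessageDigest.isEqual`. The option's documentation should state that it bypasses the credential store. Both enclosing methods begin and end outside their hunks.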
@@ -347,7 +347,7 @@
}
if (user.getPassword() != null)
{
- if (orgService.isPasswordAsAttribute())
+ if (orgService.getConfiguration().isPasswordAsAttribute())
{
attributes.add(new SimpleAttribute(USER_PASSWORD, user.getPassword()));
}
Modified: portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml
===================================================================
---
portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/component/identity/src/test/java/conf/portal/idm-configuration.xml 2010-01-14
19:39:39 UTC (rev 1301)
@@ -24,23 +24,53 @@
xsi:schemaLocation="http://www.exoplaform.org/xml/ns/kernel_1_0.xsd
http://www.exoplaform.org/xml/ns/kernel_1_0.xsd"
xmlns="http://www.exoplaform.org/xml/ns/kernel_1_0.xsd">
- <component>
-
<key>org.exoplatform.services.organization.idm.PicketLinkIDMService</key>
-
<type>org.exoplatform.services.organization.idm.PicketLinkIDMServiceImpl</type>
- <init-params>
- <value-param>
- <name>config</name>
- <value>jar:/conf/portal/idm-config.xml</value>
- </value-param>
- </init-params>
- </component>
+ <component>
+
<key>org.exoplatform.services.organization.idm.PicketLinkIDMService</key>
+
<type>org.exoplatform.services.organization.idm.PicketLinkIDMServiceImpl</type>
+ <init-params>
+ <value-param>
+ <name>config</name>
+ <value>jar:/conf/portal/idm-config.xml</value>
+ </value-param>
+ </init-params>
+ </component>
- <component>
- <key>org.exoplatform.services.organization.OrganizationService</key>
-
<type>org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl</type>
- </component>
+ <component>
+ <key>org.exoplatform.services.organization.OrganizationService</key>
+
<type>org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl</type>
+ <init-params>
+ <object-param>
+ <name>configuration</name>
+ <object type="org.exoplatform.services.organization.idm.Config">
+ <field name="useParentIdAsGroupType">
+ <boolean>true</boolean>
+ </field>
+ <field name="groupTypeMappings">
+ <map type="java.util.HashMap">
+ <entry>
+ <key><string>/</string></key>
+ <value><string>root_type</string></value>
+ </entry>
+ <!--<entry>-->
+
<!--<key><string>/platform</string></key>-->
+
<!--<value><string>platform_type</string></value>-->
+ <!--</entry>-->
+ <!--<entry>-->
+
<!--<key><string>/platform/users</string></key>-->
+
<!--<value><string>users_type</string></value>-->
+ <!--</entry>-->
+ <!--<entry>-->
+
<!--<key><string>/organization/acme/france</string></key>-->
+
<!--<value><string>france_type</string></value>-->
+ <!--</entry>-->
+ </map>
+ </field>
+ </object>
+ </object-param>
+ </init-params>
+ </component>
- <component>
+ <component>
<key>org.exoplatform.services.database.HibernateService</key>
<jmx-name>database:type=HibernateService</jmx-name>
<type>org.exoplatform.services.database.impl.HibernateServiceImpl</type>
@@ -73,28 +103,28 @@
</init-params>
</component>
- <external-component-plugins>
-
<target-component>org.exoplatform.services.database.HibernateService</target-component>
- <component-plugin>
- <name>add.hibernate.mapping</name>
- <set-method>addPlugin</set-method>
-
<type>org.exoplatform.services.database.impl.AddHibernateMappingPlugin</type>
- <init-params>
- <values-param>
- <name>hibernate.mapping</name>
- <value>mappings/HibernateRealm.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectCredentialBinaryValue.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectAttributeBinaryValue.hbm.xml</value>
- <value>mappings/HibernateIdentityObject.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectCredential.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectCredentialType.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectAttribute.hbm.xml</value>
- <value>mappings/HibernateIdentityObjectType.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectRelationship.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectRelationshipType.hbm.xml</value>
-
<value>mappings/HibernateIdentityObjectRelationshipName.hbm.xml</value>
- </values-param>
- </init-params>
- </component-plugin>
- </external-component-plugins>
+ <external-component-plugins>
+
<target-component>org.exoplatform.services.database.HibernateService</target-component>
+ <component-plugin>
+ <name>add.hibernate.mapping</name>
+ <set-method>addPlugin</set-method>
+
<type>org.exoplatform.services.database.impl.AddHibernateMappingPlugin</type>
+ <init-params>
+ <values-param>
+ <name>hibernate.mapping</name>
+ <value>mappings/HibernateRealm.hbm.xml</value>
+
<value>mappings/HibernateIdentityObjectCredentialBinaryValue.hbm.xml</value>
+
<value>mappings/HibernateIdentityObjectAttributeBinaryValue.hbm.xml</value>
+ <value>mappings/HibernateIdentityObject.hbm.xml</value>
+ <value>mappings/HibernateIdentityObjectCredential.hbm.xml</value>
+
<value>mappings/HibernateIdentityObjectCredentialType.hbm.xml</value>
+ <value>mappings/HibernateIdentityObjectAttribute.hbm.xml</value>
+ <value>mappings/HibernateIdentityObjectType.hbm.xml</value>
+
<value>mappings/HibernateIdentityObjectRelationship.hbm.xml</value>
+
<value>mappings/HibernateIdentityObjectRelationshipType.hbm.xml</value>
+
<value>mappings/HibernateIdentityObjectRelationshipName.hbm.xml</value>
+ </values-param>
+ </init-params>
+ </component-plugin>
+ </external-component-plugins>
</configuration>
Modified: portal/trunk/pom.xml
===================================================================
--- portal/trunk/pom.xml 2010-01-14 17:44:18 UTC (rev 1300)
+++ portal/trunk/pom.xml 2010-01-14 19:39:39 UTC (rev 1301)
@@ -47,7 +47,7 @@
<org.gatein.common.version>2.0.0-CR03</org.gatein.common.version>
<org.gatein.wci.version>2.0.0-CR02</org.gatein.wci.version>
<org.gatein.pc.version>2.1.0-CR02</org.gatein.pc.version>
- <org.picketlink.idm>1.1.0.Beta1</org.picketlink.idm>
+ <org.picketlink.idm>1.1.0.Beta2</org.picketlink.idm>
<org.gatein.wsrp.version>1.0.0-Beta04</org.gatein.wsrp.version>
<org.gatein.mop.version>1.0.0-Beta13</org.gatein.mop.version>
<org.slf4j.version>1.5.6</org.slf4j.version>
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/mappings/HibernateIdentityObjectRelationshipName.hbm.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/mappings/HibernateIdentityObjectRelationshipName.hbm.xml 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/mappings/HibernateIdentityObjectRelationshipName.hbm.xml 2010-01-14
19:39:39 UTC (rev 1301)
@@ -18,7 +18,6 @@
lazy="false">
<column name="NAME"
not-null="true"
- unique="true"
unique-key="id"/>
</property>
<map name="properties"
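Review bot: Dropping `unique="true"` from the `NAME` column normally affects only newly generated schemas; databases created from revision 1300 would keep the single-column unique constraint, so relationship names that are now expected to repeat could still be rejected there. The remaining `unique-key="id"` presumably carries the intended composite uniqueness, but the other columns in that key are outside this hunk. The same edit is made in the sybase-mappings copy of this file. A migration note, or a comment next to the column such as `<!-- uniqueness is enforced by the composite unique-key "id", not by NAME alone -->`, would record the intent.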
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/sybase-mappings/HibernateIdentityObjectRelationshipName.hbm.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/sybase-mappings/HibernateIdentityObjectRelationshipName.hbm.xml 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/classes/picketlink-idm/sybase-mappings/HibernateIdentityObjectRelationshipName.hbm.xml 2010-01-14
19:39:39 UTC (rev 1301)
@@ -18,7 +18,6 @@
lazy="false">
<column name="NAME"
not-null="true"
- unique="true"
unique-key="id"/>
</property>
<map name="properties"
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/idm-configuration.xml 2010-01-14
19:39:39 UTC (rev 1301)
@@ -26,52 +26,113 @@
- <component>
-
<key>org.exoplatform.services.organization.idm.PicketLinkIDMService</key>
-
<type>org.exoplatform.services.organization.idm.PicketLinkIDMServiceImpl</type>
- <init-params>
- <value-param>
- <name>config</name>
-
<value>war:/conf/organization/picketlink-idm/picketlink-idm-config.xml</value>
- </value-param>
- <value-param>
- <name>portalRealm</name>
- <value>realm${container.name.suffix}</value>
- </value-param>
+ <component>
+
<key>org.exoplatform.services.organization.idm.PicketLinkIDMService</key>
+
<type>org.exoplatform.services.organization.idm.PicketLinkIDMServiceImpl</type>
+ <init-params>
+ <value-param>
+ <name>config</name>
+
<value>war:/conf/organization/picketlink-idm/picketlink-idm-config.xml</value>
- </init-params>
- </component>
+ <!--Sample LDAP config-->
+
<!--<value>war:/conf/organization/picketlink-idm/picketlink-idm-ldap-config.xml</value>-->
+ </value-param>
+ <value-param>
+ <name>portalRealm</name>
+ <value>realm${container.name.suffix}</value>
+ </value-param>
+ </init-params>
+ </component>
- <component>
- <key>org.exoplatform.services.organization.OrganizationService</key>
-
<type>org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl</type>
- </component>
- <external-component-plugins>
-
<target-component>org.exoplatform.services.database.HibernateService</target-component>
- <component-plugin>
- <name>add.hibernate.mapping</name>
- <set-method>addPlugin</set-method>
-
<type>org.exoplatform.services.database.impl.AddHibernateMappingPlugin</type>
- <init-params>
- <values-param>
- <name>hibernate.mapping</name>
- <value>picketlink-idm/mappings/HibernateRealm.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectCredentialBinaryValue.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectAttributeBinaryValue.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObject.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectCredential.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectCredentialType.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectAttribute.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectType.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectRelationship.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectRelationshipType.hbm.xml</value>
-
<value>picketlink-idm/mappings/HibernateIdentityObjectRelationshipName.hbm.xml</value>
- </values-param>
- </init-params>
- </component-plugin>
- </external-component-plugins>
+ <component>
+ <key>org.exoplatform.services.organization.OrganizationService</key>
+
<type>org.exoplatform.services.organization.idm.PicketLinkIDMOrganizationServiceImpl</type>
+ <init-params>
+ <object-param>
+ <name>configuration</name>
+ <object type="org.exoplatform.services.organization.idm.Config">
+ <!-- For all ids not mapped with type in 'groupTypeMappings' use
parent id path
+ as a group type to store group in PicketLink IDM. The effect of setting
+ this option to false and not providing any mappings under
'groupTypeMappings' option
+ is that there can be only one group with a given name in all GateIn group
tree-->
+ <field name="useParentIdAsGroupType">
+ <boolean>true</boolean>
+ </field>
+ <!-- Group stored in PicketLink IDM with a type mapped in
'groupTypeMappings' will
+ automatically be member under mapped parent. Normally groups are linked
by
+ PicketLink IDM group association - such relationship won't be needed
then. It can
+ be set to false if all groups are added via GateIn APIs
+ This option may be useful with LDAP config as it will make (if set to
true) every entry
+ added to LDAP (not via GateIn management UI) appear in GateIn-->
+ <field name="forceMembershipOfMappedTypes">
+ <boolean>false</boolean>
+ </field>
+ <!-- When 'userParentIdAsGroupType is set to true this value will be
used to
+ replace all "/" chars in id. This is because "/" is
not allowed to be
+ used in group type name in PicketLink IDM-->
+ <field name="pathSeparator">
+ <string>.</string>
+ </field>
+ <!-- Name of a group stored in PicketLink IDM that acts as root group in
GateIn - "/" -->
+ <field name="rootGroupName">
+ <string>GTN_ROOT_GROUP</string>
+ </field>
+ <!-- Map groups added with GateIn API as a childs of a given group ID to be
stored with a given
+ group type name in PicketLink IDM. If parent ID ends with "/*"
then all child groups will
+ have the mapped group type. Otherwise only direct (first level) children
will use this type.
+ This can be leveraged by LDAP setup. Given LDAP DN configured in
PicketLink IDM to
+ store specific group type will then store one given branch in GateIn group
tree while
+ all other groups will remain in DB. -->
+ <field name="groupTypeMappings">
+ <map type="java.util.HashMap">
+ <entry>
+ <key><string>/</string></key>
+ <value><string>root_type</string></value>
+ </entry>
+ <!-- Uncomment for sample LDAP configuration -->
+ <!--<entry>-->
+
<!--<key><string>/platform/*</string></key>-->
+
<!--<value><string>platform_type</string></value>-->
+ <!--</entry>-->
+ <!--<entry>-->
+
<!--<key><string>/organization/*</string></key>-->
+
<!--<value><string>organization_type</string></value>-->
+ <!--</entry>-->
+ </map>
+ </field>
+ </object>
+ </object-param>
+ </init-params>
+ </component>
+
+ <external-component-plugins>
+
<target-component>org.exoplatform.services.database.HibernateService</target-component>
+ <component-plugin>
+ <name>add.hibernate.mapping</name>
+ <set-method>addPlugin</set-method>
+
<type>org.exoplatform.services.database.impl.AddHibernateMappingPlugin</type>
+ <init-params>
+ <values-param>
+ <name>hibernate.mapping</name>
+ <value>picketlink-idm/mappings/HibernateRealm.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectCredentialBinaryValue.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectAttributeBinaryValue.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObject.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectCredential.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectCredentialType.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectAttribute.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectType.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectRelationship.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectRelationshipType.hbm.xml</value>
+
<value>picketlink-idm/mappings/HibernateIdentityObjectRelationshipName.hbm.xml</value>
+ </values-param>
+ </init-params>
+ </component-plugin>
+ </external-component-plugins>
+
+
</configuration>
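Review bot: The `pathSeparator` comment describes a mapping from parent id to group type that is not one-to-one. With `.` replacing `/`, a parent such as `/a/b` and a parent whose own name contains a dot, `/a.b`, would presumably produce the same type name, so groups under different parents could share a type and be resolved as the same group. The comment should state that group names must not contain the separator, or Config should reject such ids; that class is not part of this hunk. The same comment refers to `userParentIdAsGroupType`, while the field is named `useParentIdAsGroupType`. The comment on `forceMembershipOfMappedTypes` would also benefit from saying that, when true, entries created directly in LDAP gain the mapped parent's membership in GateIn without passing through GateIn's management API.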
Deleted:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/default-ldap.ldif
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/default-ldap.ldif 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/default-ldap.ldif 2010-01-14
19:39:39 UTC (rev 1301)
@@ -1,35 +0,0 @@
-dn: o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organization
-o: gatein
-
-dn: o=portal,o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organization
-o: portal
-
-dn: ou=People,o=portal,o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organizationalUnit
-ou: People
-
-dn: ou=Groups,o=portal,o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organizationalUnit
-ou: Groups
-
-dn: o=sample-portal,o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organization
-o: sample-portal
-
-dn: ou=People,o=sample-portal,o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organizationalUnit
-ou: People
-
-dn: ou=Groups,o=sample-portal,o=gatein,dc=example,dc=com
-objectclass: top
-objectclass: organizationalUnit
-ou: Groups
-
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-config.xml 2010-01-14
19:39:39 UTC (rev 1301)
@@ -76,26 +76,6 @@
<attributes/>
<options/>
</identity-object-type>
- <identity-object-type>
- <name>GTN_GROUP_TYPE</name>
- <relationships>
- <relationship>
-
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
- <identity-object-type-ref>USER</identity-object-type-ref>
- </relationship>
- <relationship>
-
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
-
<identity-object-type-ref>GTN_GROUP_TYPE</identity-object-type-ref>
- </relationship>
- <relationship>
-
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
- <identity-object-type-ref>USER</identity-object-type-ref>
- </relationship>
- </relationships>
- <credentials/>
- <attributes/>
- <options/>
- </identity-object-type>
</supported-identity-object-types>
<options>
<option>
@@ -111,6 +91,10 @@
<value>true</value>
</option>
<option>
+ <name>allowNotDefinedIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
<name>allowNotDefinedAttributes</name>
<value>true</value>
</option>
Modified:
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-ldap-config.xml
===================================================================
---
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-ldap-config.xml 2010-01-14
17:44:18 UTC (rev 1300)
+++
portal/trunk/web/portal/src/main/webapp/WEB-INF/conf/organization/picketlink-idm/picketlink-idm-ldap-config.xml 2010-01-14
19:39:39 UTC (rev 1301)
@@ -58,7 +58,8 @@
<identity-store-id>PortalLDAPStore</identity-store-id>
<identity-object-types>
<identity-object-type>USER</identity-object-type>
- <identity-object-type>GTN_GROUP_TYPE</identity-object-type>
+ <identity-object-type>platform_type</identity-object-type>
+ <identity-object-type>organization_type</identity-object-type>
</identity-object-types>
<options/>
</identity-store-mapping>
@@ -72,26 +73,10 @@
</repository>
<repository>
<id>SamplePortalRepository</id>
-
<class>org.picketlink.idm.impl.repository.FallbackIdentityStoreRepository</class>
+
<class>org.picketlink.idm.impl.repository.WrapperIdentityStoreRepository</class>
<external-config/>
<default-identity-store-id>HibernateStore</default-identity-store-id>
<default-attribute-store-id>HibernateStore</default-attribute-store-id>
- <identity-store-mappings>
- <identity-store-mapping>
- <identity-store-id>SamplePortalLDAPStore</identity-store-id>
- <identity-object-types>
- <identity-object-type>USER</identity-object-type>
- <identity-object-type>GTN_GROUP_TYPE</identity-object-type>
- </identity-object-types>
- <options/>
- </identity-store-mapping>
- </identity-store-mappings>
- <options>
- <option>
- <name>allowNotDefinedAttributes</name>
- <value>true</value>
- </option>
- </options>
</repository>
</repositories>
<stores>
@@ -115,26 +100,6 @@
<attributes/>
<options/>
</identity-object-type>
- <identity-object-type>
- <name>GTN_GROUP_TYPE</name>
- <relationships>
- <relationship>
-
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
- <identity-object-type-ref>USER</identity-object-type-ref>
- </relationship>
- <relationship>
-
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
-
<identity-object-type-ref>GTN_GROUP_TYPE</identity-object-type-ref>
- </relationship>
- <relationship>
-
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
- <identity-object-type-ref>USER</identity-object-type-ref>
- </relationship>
- </relationships>
- <credentials/>
- <attributes/>
- <options/>
- </identity-object-type>
</supported-identity-object-types>
<options>
<option>
@@ -150,6 +115,10 @@
<value>true</value>
</option>
<option>
+ <name>allowNotDefinedIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
<name>allowNotDefinedAttributes</name>
<value>true</value>
</option>
@@ -202,7 +171,7 @@
</options>
</identity-object-type>
<identity-object-type>
- <name>GTN_GROUP_TYPE</name>
+ <name>platform_type</name>
<relationships>
<relationship>
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
@@ -210,7 +179,7 @@
</relationship>
<relationship>
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
-
<identity-object-type-ref>GTN_GROUP_TYPE</identity-object-type-ref>
+
<identity-object-type-ref>platform_type</identity-object-type-ref>
</relationship>
</relationships>
<credentials/>
@@ -222,7 +191,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Groups,o=portal,o=gatein,dc=example,dc=com</value>
+
<value>ou=Platform,o=portal,o=gatein,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -251,70 +220,8 @@
</option>
</options>
</identity-object-type>
- </supported-identity-object-types>
- <options>
- <option>
- <name>providerURL</name>
- <value>ldap://localhost:1389</value>
- </option>
- <option>
- <name>adminDN</name>
- <value>cn=Directory Manager</value>
- </option>
- <option>
- <name>adminPassword</name>
- <value>password</value>
- </option>
- <option>
- <name>searchTimeLimit</name>
- <value>10000</value>
- </option>
- </options>
- </identity-store>
- <identity-store>
- <id>SamplePortalLDAPStore</id>
-
<class>org.picketlink.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
- <external-config/>
- <supported-relationship-types>
- <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
- </supported-relationship-types>
- <supported-identity-object-types>
<identity-object-type>
- <name>USER</name>
- <relationships/>
- <credentials>
- <credential-type>PASSWORD</credential-type>
- </credentials>
- <attributes>
- </attributes>
- <options>
- <option>
- <name>idAttributeName</name>
- <value>uid</value>
- </option>
- <option>
- <name>passwordAttributeName</name>
- <value>userPassword</value>
- </option>
- <option>
- <name>ctxDNs</name>
-
<value>ou=People,o=sample-portal,o=gatein,dc=example,dc=com</value>
- </option>
- <option>
- <name>allowCreateEntry</name>
- <value>true</value>
- </option>
- <option>
- <name>createEntryAttributeValues</name>
- <value>objectClass=top</value>
- <value>objectClass=inetOrgPerson</value>
- <value>sn= </value>
- <value>cn= </value>
- </option>
- </options>
- </identity-object-type>
- <identity-object-type>
- <name>GTN_GROUP_TYPE</name>
+ <name>organization_type</name>
<relationships>
<relationship>
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
@@ -322,7 +229,7 @@
</relationship>
<relationship>
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
-
<identity-object-type-ref>GTN_GROUP_TYPE</identity-object-type-ref>
+
<identity-object-type-ref>organization_type</identity-object-type-ref>
</relationship>
</relationships>
<credentials/>
@@ -334,7 +241,7 @@
</option>
<option>
<name>ctxDNs</name>
-
<value>ou=Groups,o=sample-portal,o=gatein,dc=example,dc=com</value>
+
<value>ou=Organization,o=portal,o=gatein,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -381,6 +288,10 @@
<name>searchTimeLimit</name>
<value>10000</value>
</option>
+ <option>
+ <name>createMissingContexts</name>
+ <value>true</value>
+ </option>
</options>
</identity-store>
</identity-stores>
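Review bot: `createMissingContexts` is switched on for the LDAP store in the same commit that deletes default-ldap.ldif, so the sample presumably now relies on the store creating `ou=Platform` and `ou=Organization` itself. That requires the bind account configured for this store to hold write access above the `ctxDNs` entries; the bind options are outside this hunk. A comment on the option, for example `<!-- sample convenience: creates missing ctxDNs entries; disable and pre-provision the tree when binding with a restricted account -->`, would keep the setting from being copied into a deployment unchanged.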