JBoss Identity SVN: r684 - identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp.
by jboss-identity-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2009-08-08 07:15:22 -0400 (Sat, 08 Aug 2009)
New Revision: 684
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
Log:
IDPWebBrowserSSOValve: by default sign outgoing messages and ignore incoming signatures
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-07 23:52:12 UTC (rev 683)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-08 11:15:22 UTC (rev 684)
@@ -75,17 +75,29 @@
private TrustKeyManager keyManager;
- private Boolean supportSignature = false;
-
- public Boolean getSupportSignature()
+ private Boolean ignoreIncomingSignatures = true;
+
+ private Boolean signOutgoingMessages = true;
+
+ public Boolean getIgnoreIncomingSignatures()
{
- return supportSignature;
+ return ignoreIncomingSignatures;
}
- public void setSupportSignature(Boolean supportSignature)
+ public void setIgnoreIncomingSignatures(Boolean ignoreIncomingSignature)
{
- this.supportSignature = supportSignature;
- }
+ this.ignoreIncomingSignatures = ignoreIncomingSignature;
+ }
+
+ public Boolean getSignOutgoingMessages()
+ {
+ return signOutgoingMessages;
+ }
+
+ public void setSignOutgoingMessages(Boolean signOutgoingMessages)
+ {
+ this.signOutgoingMessages = signOutgoingMessages;
+ }
@Override
public void invoke(Request request, Response response) throws IOException, ServletException
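Review bot: `ignoreIncomingSignatures` is initialised to `true`, so a valve deployed without setting the attribute never verifies the signature an SP sends, and neither new field carries a comment that says so. A short Javadoc on the field, e.g. `/** When true (the default), signatures on incoming SAML requests are not verified. */`, would make the fail-open default visible to whoever configures the IDP. Both fields are boxed `Boolean`, so a setter call with `null` leads to a NullPointerException when the value is unboxed at the `if(this.signOutgoingMessages)` checks in the later hunks; primitive `boolean` fields avoid that. The setter parameter `ignoreIncomingSignature` also differs from the field name by one letter.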
@@ -142,7 +154,7 @@
JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(),
this.identityURL);
- if(this.supportSignature)
+ if(this.signOutgoingMessages)
webRequestUtil.send(errorResponseType, relayState, response, true,
this.keyManager.getSigningKey());
else
@@ -254,7 +266,7 @@
{
try
{
- if(this.supportSignature)
+ if(this.signOutgoingMessages)
webRequestUtil.send(responseType, relayState, response, true,
this.keyManager.getSigningKey());
else
@@ -298,7 +310,7 @@
this.identityURL);
try
{
- if(this.supportSignature)
+ if(this.signOutgoingMessages)
webRequestUtil.send(errorResponseType, relayState, response, true,
this.keyManager.getSigningKey());
else
@@ -317,25 +329,29 @@
protected boolean validate(String remoteAddress,
SessionHolder holder) throws IOException, GeneralSecurityException
{
- if(!supportSignature)
+ if (holder.samlRequest == null || holder.samlRequest.length() == 0)
{
- return holder.samlRequest != null && holder.samlRequest.length() > 0;
+ return false;
}
-
- String sig = holder.signature;
- if(sig == null || sig.length() == 0)
+
+ if (!this.ignoreIncomingSignatures)
{
- log.error("Signature received from SP is null:" + remoteAddress);
- return false;
+ String sig = holder.signature;
+ if (sig == null || sig.length() == 0)
+ {
+ log.error("Signature received from SP is null:" + remoteAddress);
+ return false;
+ }
+
+ return PostBindingUtil.validateSignature(holder.samlRequest.getBytes("UTF-8"), sig, keyManager
+ .getValidatingKey(remoteAddress));
}
-
- return PostBindingUtil.validateSignature(holder.samlRequest.getBytes("UTF-8"),
- sig, keyManager.getValidatingKey(remoteAddress));
+ else
+ {
+ return true;
+ }
}
-
-
-
//***************Lifecycle
/**
* The lifecycle event support for this component.
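Review bot: With `ignoreIncomingSignatures` set, validate() returns `true` from the `else` branch for any non-empty `samlRequest` and leaves no trace that `holder.signature` was not checked. A line such as `log.debug("Signature verification skipped for request from " + remoteAddress);` before `return true;` would let an operator confirm from the logs which mode the IDP is running in. The error message in the verifying branch says the signature "is null" although the same condition also covers an empty string; `"Signature received from SP is missing:"` would match what is tested.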
@@ -413,7 +429,7 @@
throw new RuntimeException(e);
}
- if(this.supportSignature)
+ if(this.signOutgoingMessages)
{
KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider();
try
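Review bot: The key provider setup in this block is guarded only by `signOutgoingMessages`, while validate() calls `keyManager.getValidatingKey(remoteAddress)` whenever `ignoreIncomingSignatures` is false. If `keyManager` is created inside this block, which continues past the end of the hunk, a configuration with signing off and verification on would leave it unset and validate() would fail on the first request. The guard probably needs to be `if(this.signOutgoingMessages || !this.ignoreIncomingSignatures)`.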
JBoss Identity SVN: r683 - in identity-federation/trunk: jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2009-08-07 19:52:12 -0400 (Fri, 07 Aug 2009)
New Revision: 683
Added:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java
Modified:
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
Log:
JBID-159: Disable JAXB Schema validation when marshalling SAML2Response
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-07 23:09:26 UTC (rev 682)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-07 23:52:12 UTC (rev 683)
@@ -37,6 +37,7 @@
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Source;
+import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
import org.jboss.identity.federation.core.exceptions.ParsingException;
import org.jboss.identity.federation.core.exceptions.ProcessingException;
@@ -327,9 +328,15 @@
*/
public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException
{
- Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller();
- JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType);
- marshaller.marshal(jaxb, os);
+ String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION;
+ boolean validate = Boolean.parseBoolean(SecurityActions
+ .getSystemProperty(key, "false"));
+
+ Marshaller marshaller = JBossSAMLAuthnResponseFactory
+ .getValidatingMarshaller(validate);
+ JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory()
+ .createResponse(responseType);
+ marshaller.marshal(jaxb, os);
}
/**
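Review bot: marshall() now defaults the system property to `"false"`, so SAML responses are written without schema validation unless the property is set, and the method's Javadoc (which starts above the hunk) is not updated to say so. A sentence such as `Schema validation is applied only when the system property named by JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION is "true".` belongs in that comment. The property is also read through a privileged call on every invocation; resolving it once into a `private static final boolean` would avoid that, at the cost of no longer picking up changes at runtime.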
Added: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java (rev 0)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java 2009-08-07 23:52:12 UTC (rev 683)
@@ -0,0 +1,59 @@
+/*
+ * JBoss, Home of Professional Open Source.
+ * Copyright 2008, Red Hat Middleware LLC, and individual contributors
+ * as indicated by the @author tags. See the copyright.txt file in the
+ * distribution for a full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.identity.federation.api.saml.v2.response;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * Privileged Blocks
+ */
+class SecurityActions {
+ /**
+ * Get the Thread Context ClassLoader
+ *
+ * @return
+ */
+ static ClassLoader getContextClassLoader() {
+ return AccessController
+ .doPrivileged(new PrivilegedAction<ClassLoader>() {
+ public ClassLoader run() {
+ return Thread.currentThread().getContextClassLoader();
+ }
+ });
+ }
+
+ /**
+ * Get the system property
+ *
+ * @param key
+ * @param defaultValue
+ * @return
+ */
+ static String getSystemProperty(final String key, final String defaultValue) {
+ return AccessController.doPrivileged(new PrivilegedAction<String>() {
+ public String run() {
+ return System.getProperty(key, defaultValue);
+ }
+ });
+ }
+}
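Review bot: `getSystemProperty` runs `System.getProperty` for a caller-supplied key inside `doPrivileged`, so its safety under a security manager rests on the class staying package-private, and the class comment `Privileged Blocks` does not say that. I would extend it to something like `Privileged blocks for this package. Must remain package-private: a public version would let less-privileged callers read any system property.` The `@param` and `@return` tags are empty, and `getContextClassLoader` has no caller in the hunks shown here, so it may not be needed in this copy of the class.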
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-08-07 23:09:26 UTC (rev 682)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-08-07 23:52:12 UTC (rev 683)
@@ -197,14 +197,19 @@
}
/**
- * Get the JAXB2 marshaller
- * @return
- * @throws JAXBException
- * @throws SAXException
+ * Get the validating marshaller
+ *
+ * @param schemaValidation Whether schema validation is needed
+ * @return
+ * @throws JAXBException
+ * @throws SAXException
*/
- public static Marshaller getValidatingMarshaller() throws SAXException, JAXBException
+ public static Marshaller getValidatingMarshaller(boolean schemaValidation) throws SAXException, JAXBException
{
- return JAXBUtil.getValidatingMarshaller(pkgName, schemaLocation);
+ if (schemaValidation)
+ return JAXBUtil.getValidatingMarshaller(pkgName, schemaLocation);
+ else
+ return JAXBUtil.getMarshaller(pkgName);
}
/**
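Review bot: Adding the `schemaValidation` parameter to the public static `getValidatingMarshaller` removes the no-argument form, so any caller outside the files in this commit stops compiling, and the method name now also covers the case where it returns the non-validating marshaller from `JAXBUtil.getMarshaller(pkgName)`. Keeping the old signature as an overload, `public static Marshaller getValidatingMarshaller() throws SAXException, JAXBException { return getValidatingMarshaller(true); }`, preserves the validating default for existing callers. The empty `@return` tag could state which of the two marshallers comes back for each value of the flag.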
JBoss Identity SVN: r682 - in idm/trunk/idm-testsuite/src/test/resources: datasources and 1 other directories.
by jboss-identity-commits@lists.jboss.org
Author: bdaw
Date: 2009-08-07 19:09:26 -0400 (Fri, 07 Aug 2009)
New Revision: 682
Added:
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml
Modified:
idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml
Log:
MSAD test configuration fix
Modified: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07 22:56:43 UTC (rev 681)
+++ idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07 23:09:26 UTC (rev 682)
@@ -84,7 +84,7 @@
</directory>
<directory>
<directory-name>MSAD</directory-name>
- <description>Microsoft Active Directory in QA Labs (need vpn access)</description>
+ <description>ldap://dev44.qa.atl.jboss.com:389</description>
<config-file>test-identity-config-msad.xml</config-file>
<host>dev44.qa.atl.jboss.com</host>
@@ -95,20 +95,20 @@
<populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif>
- <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn>
+ <cleanup-dn>o=jbid,dc=jboss,dc=test</cleanup-dn>
</directory>
<directory>
<directory-name>MSAD-local</directory-name>
<description>ldap://192.168.56.101:389</description>
- <config-file>test-identity-config-msad.xml</config-file>
+ <config-file>test-identity-config-msad-local.xml</config-file>
<host>192.168.56.101</host>
<port>389</port>
<context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
<admin-dn>TEST\Administrator</admin-dn>
<admin-password>!Q2w3e4r</admin-password>
- <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif>
+ <populate-ldif>ldap/initial-empty-msad-local.ldif</populate-ldif>
<cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn>
</directory>
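Review bot: The `MSAD-local` entry edited here keeps `<admin-dn>` and `<admin-password>` in clear text in a committed file, and its `ldap://` endpoint on port 389 presumably carries the administrator bind unencrypted. Even for a test directory, the password is better supplied from a local, uncommitted override if the test harness supports one, and the account should not share that password with any other system. The first hunk of this file also replaces the description that said VPN access is needed with a bare URL; keeping that hint alongside the URL would save the next person a failed run.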
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif (from rev 681, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif 2009-08-07 23:09:26 UTC (rev 682)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: idm
+
+dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: trunk
+
+dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: test
+
+dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Modified: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07 22:56:43 UTC (rev 681)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07 23:09:26 UTC (rev 682)
@@ -1,54 +1,54 @@
-dn: o=jbid,dc=test,dc=domain
+dn: o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organization
o: jbid
-dn: ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: idm
-dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: trunk
-dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: test
-dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: People
-dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: Roles
-dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: Groups
-dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: Organizations
-dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: OrganizationUnits
-dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: Departments
-dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test
objectclass: top
objectclass: organizationalUnit
ou: Offices
Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml (from rev 681, idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml 2009-08-07 23:09:26 UTC (rev 682)
@@ -0,0 +1,931 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+ <identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+ <value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>unicodePwd</value>
+ </option>
+ <option>
+ <name>enclosePasswordWith</name>
+ <value>"</value>
+ </option>
+ <option>
+ <name>passwordEncoding</name>
+ <value>UTF-16LE</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <!--<value>cn= </value>-->
+ </option>
+ <option>
+ <name>passwordUpdateAttributeValues</name>
+ <value>userAccountControl=512</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://192.168.56.101:636</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>TEST\Administrator</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>!Q2w3e4r</value>
+ </option>
+ <option>
+ <name>customJNDIConnectionParameters</name>
+ <value>java.naming.security.protocol=ssl</value>
+ </option>
+ <option>
+ <name>customSystemProperties</name>
+ <value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value>
+ <value>javax.net.ssl.trustStorePassword=password</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Modified: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07 22:56:43 UTC (rev 681)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07 23:09:26 UTC (rev 682)
@@ -566,7 +566,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<option>
<name>allowCreateEntry</name>
@@ -618,7 +618,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -676,7 +676,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -730,7 +730,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -776,7 +776,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -822,7 +822,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -868,7 +868,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -901,26 +901,26 @@
<options>
<option>
<name>providerURL</name>
- <value>ldap://192.168.56.101:636</value>
+ <value>ldap://dev44.qa.atl.jboss.com:389</value>
</option>
<option>
<name>adminDN</name>
- <value>TEST\Administrator</value>
+ <value>JBOSS\jbossqa</value>
</option>
<option>
<name>adminPassword</name>
- <value>!Q2w3e4r</value>
+ <value>jboss42</value>
</option>
+ <!--<option>-->
+ <!--<name>customJNDIConnectionParameters</name>-->
+ <!--<value>java.naming.security.protocol=ssl</value>-->
+ <!--</option>-->
+ <!--<option>-->
+ <!--<name>customSystemProperties</name>-->
+ <!--<value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value>-->
+ <!--<value>javax.net.ssl.trustStorePassword=password</value>-->
+ <!--</option>-->
<option>
- <name>customJNDIConnectionParameters</name>
- <value>java.naming.security.protocol=ssl</value>
- </option>
- <option>
- <name>customSystemProperties</name>
- <value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value>
- <value>javax.net.ssl.trustStorePassword=password</value>
- </option>
- <option>
<name>searchTimeLimit</name>
<value>10000</value>
</option>
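Review bot: The `providerURL` now points at plain `ldap://` on port 389 and both SSL options (`customJNDIConnectionParameters`, `customSystemProperties`) are commented out, yet the USER type in this file still writes `unicodePwd` as its `passwordAttributeName`. Over an unencrypted connection the admin bind and every password write travel in clear text, and Active Directory typically rejects `unicodePwd` modifications that do not arrive over an encrypted channel, so the credential tests may no longer exercise what they are meant to. I would keep `<value>java.naming.security.protocol=ssl</value>` active with the LDAPS port, and point the trust store at a path relative to the test resources instead of `d:\Workshop\...`. Separately, `adminDN` and `adminPassword` are committed as literals for what looks like a shared QA host; supplying them from an uncommitted local properties source and leaving placeholders here would keep the account out of the repository history.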
JBoss Identity SVN: r681 - in idm/trunk: idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate and 6 other directories.
by jboss-identity-commits@lists.jboss.org
Author: bdaw
Date: 2009-08-07 18:56:43 -0400 (Fri, 07 Aug 2009)
New Revision: 681
Added:
idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml
Modified:
idm/trunk/assembly/scripts/assembly-distro.xml
idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif
idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml
Log:
LDAP support improvements
Modified: idm/trunk/assembly/scripts/assembly-distro.xml
===================================================================
--- idm/trunk/assembly/scripts/assembly-distro.xml 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/assembly/scripts/assembly-distro.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -14,7 +14,7 @@
<!-- Dependency Sets -->
<dependencySets>
<dependencySet>
- <outputFileNameMapping>${artifact.artifactId}${dashClassifier?}.${artifact.extension}</outputFileNameMapping>
+ <!--<outputFileNameMapping>${artifact.artifactId}${dashClassifier?}.${artifact.extension}</outputFileNameMapping>-->
<!-- useStrictFiltering>true</useStrictFiltering -->
<unpack>false</unpack>
<scope>test</scope>
Modified: idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java
===================================================================
--- idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -22,30 +22,11 @@
package org.jboss.identity.idm.impl.store.hibernate;
-import java.io.Serializable;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.hibernate.Criteria;
-import org.hibernate.HibernateException;
-import org.hibernate.Session;
-import org.hibernate.Query;
-import org.hibernate.SessionFactory;
-import org.hibernate.cfg.AnnotationConfiguration;
-import org.hibernate.criterion.Restrictions;
-import org.hibernate.criterion.MatchMode;
import org.jboss.identity.idm.common.exception.IdentityException;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObject;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectAttribute;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttribute;
+import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredential;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredentialType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationship;
@@ -54,12 +35,11 @@
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateRealm;
-import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl;
+import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData;
import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
import org.jboss.identity.idm.spi.exception.OperationNotSupportedException;
import org.jboss.identity.idm.spi.model.IdentityObject;
import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
@@ -68,16 +48,35 @@
import org.jboss.identity.idm.spi.model.IdentityObjectRelationship;
import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType;
import org.jboss.identity.idm.spi.model.IdentityObjectType;
+import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
import org.jboss.identity.idm.spi.store.FeaturesMetaData;
+import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
import org.jboss.identity.idm.spi.store.IdentityStore;
import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
-import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
-//import javax.persistence.Persistence;
+import java.io.Serializable;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import javax.naming.InitialContext;
import javax.naming.NamingException;
+
+import org.hibernate.Criteria;
+import org.hibernate.HibernateException;
+import org.hibernate.Query;
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.cfg.AnnotationConfiguration;
+import org.hibernate.criterion.Restrictions;
//import javax.persistence.Persistence;
/**
@@ -1552,9 +1551,19 @@
HibernateIdentityObject hibernateObject = safeGet(ctx, identity);
- Set<HibernateIdentityObjectAttribute> storeAttributes = hibernateObject.getAttributes();
+
+
Map<String, IdentityObjectAttribute> result = new HashMap<String, IdentityObjectAttribute>();
+ if (hibernateObject == null)
+ {
+ return result;
+ }
+
+ Set<HibernateIdentityObjectAttribute> storeAttributes = hibernateObject.getAttributes();
+
+
+
// Remap the names
for (HibernateIdentityObjectAttribute attribute : storeAttributes)
{
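Review bot: Returning the empty `result` map when `hibernateObject == null` makes an identity that could not be loaded indistinguishable from one that simply has no attributes, and nothing in the hunk says this is intended. Whether `safeGet` can actually return null rather than throw is not visible here, since the method starts and ends outside the hunk. If the silent result is deliberate, a comment such as `// identity not found in this store: report no attributes instead of failing` above the check would record that; otherwise throwing `IdentityException` would surface the condition to the caller. The runs of blank lines added around the check can also be dropped.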
@@ -1607,13 +1616,12 @@
}
}
- IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName());
- if (amd != null)
+ if (mdMap != null && mdMap.containsKey(attribute.getName()))
{
+ IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName());
-
if (!amd.isMultivalued() && attribute.getSize() > 1)
{
throw new IdentityException("Cannot assigned multiply values to single valued attribute: " + attribute.getName());
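Review bot: The new guard `mdMap != null && mdMap.containsKey(attribute.getName())` followed by `mdMap.get(...)` looks the key up twice. Unlike the removed `if (amd != null)` test, it also dereferences `amd` unchecked when the key is present but mapped to null. The hunk at -1663 in this same file already uses the simpler null-tolerant shape. The same form here would be `IdentityObjectAttributeMetaData amd = mdMap != null ? mdMap.get(attribute.getName()) : null;` followed by `if (amd != null)`. The enclosing method starts and ends outside this hunk, so whether `mdMap` can hold null values cannot be confirmed from here.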
@@ -1663,8 +1671,13 @@
{
IdentityObjectAttribute attribute = mappedAttributes.get(name);
- IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName());
+ IdentityObjectAttributeMetaData amd = null;
+ if (mdMap != null)
+ {
+ amd = mdMap.get(attribute.getName());
+ }
+
// Default to text
String type = amd != null ? amd.getType() : IdentityObjectAttributeMetaData.TEXT_TYPE;
Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java
===================================================================
--- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -41,19 +41,36 @@
String getEntrySearchFilter();
+ String getEntrySearchScope();
+
boolean isAllowCreateEntry();
Map<String, String[]> getCreateEntryAttributeValues();
String[] getAllowedMembershipTypes();
- String getMembershipAttributeName();
+ String getParentMembershipAttributeName();
- boolean isMembershipAttributeDN();
+ boolean isParentMembershipAttributeDN();
- boolean allowEmptyMemberships();
+ boolean isAllowEmptyMemberships();
String getAttributeMapping(String identityAttribute);
Set<String> getMappedAttributesNames();
+
+ String getChildMembershipAttributeName();
+
+ boolean isChildMembershipAttributeDN();
+
+ boolean isAllowEmptyPassword();
+
+ String getEnclosePasswordWith();
+
+ String getPasswordEncoding();
+
+ Map<String, String[]> getUpdatePasswordAttributeValues();
+
+ boolean isSubentryMembershipLookup();
+
}
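Review bot: The new password-related getters (`isAllowEmptyPassword`, `getEnclosePasswordWith`, `getPasswordEncoding`, `getUpdatePasswordAttributeValues`) are added without Javadoc, and `isAllowEmptyPassword` in particular needs its contract spelled out. Many LDAP servers treat a simple bind with an empty password as an unauthenticated bind that succeeds, so the interface should say whether this flag concerns only storing an empty credential or also validating one. Something like `/** Whether an empty password may be set for this type; implementations must still reject empty passwords when validating credentials by bind. */` would do, adjusted to the behaviour actually intended. The renames to `getParentMembershipAttributeName`, `isParentMembershipAttributeDN` and `isAllowEmptyMemberships` change the interface for any implementer outside this commit, and that deserves a line in the commit log.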
Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java
===================================================================
--- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -23,7 +23,10 @@
package org.jboss.identity.idm.impl.store.ldap;
import org.jboss.identity.idm.spi.model.IdentityObjectType;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
+import java.util.Map;
+
/**
* Helper interface to expose LDAP IdentityStore configuration in a different way
*
@@ -32,6 +35,8 @@
*/
public interface LDAPIdentityStoreConfiguration
{
+
+ IdentityStoreConfigurationMetaData getConfigurationMetaData();
String getProviderURL();
@@ -45,4 +50,34 @@
IdentityObjectType[] getConfiguredTypes();
+ Map<String, LDAPIdentityObjectTypeConfiguration> getTypesConfiguration();
+
+ Map<String, String> getCustomJNDIConnectionParameters();
+
+ Map<String, String> getCustomSystemProperties();
+
+ String getExternalJNDIContext();
+
+ String getMembershipToRelationshipTypeMapping();
+
+ boolean isSupportNamedRelationships();
+
+ String[] getRelationshipNamesCtxDNs();
+
+ String getRelationshipNameSearchFilter();
+
+ String getRelationshipNameSearchScope();
+
+ Map<String, String[]> getRelationshipNameCreateEntryAttributeValues();
+
+ String getRelationshipNameAttributeName();
+
+ String getNamedRelationshipSearchFilter();
+
+ Map<String, String[]> getNamedRelationshipCreateEntryAttributeValues();
+
+ String getNamedRelationshipNameAttributeName();
+
+ String getNamedRelationshipMemberAttributeName();
+
}
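Review bot: `getCustomSystemProperties()` is added without documentation of its scope, and the test configuration in this commit uses the option to carry `javax.net.ssl.trustStore` and `javax.net.ssl.trustStorePassword`. If the implementation applies these as JVM system properties (not visible in this hunk), one identity store's configuration would change TLS trust for every other component in the same JVM. The last store configured would also win. A Javadoc line such as `/** Properties applied JVM-wide when the store is bootstrapped; affects all code in the process, not only this store. */` would make that explicit, if that is the behaviour. The other new getters in this hunk would likewise benefit from a one-line description each, especially `getExternalJNDIContext` and `getMembershipToRelationshipTypeMapping`, whose String return format cannot be guessed from the name.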
Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
===================================================================
--- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -22,6 +22,31 @@
package org.jboss.identity.idm.impl.store.ldap;
+import org.jboss.identity.idm.common.exception.IdentityException;
+import org.jboss.identity.idm.impl.NotYetImplementedException;
+import org.jboss.identity.idm.impl.api.SimpleAttribute;
+import org.jboss.identity.idm.impl.helper.Tools;
+import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl;
+import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectRelationshipImpl;
+import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl;
+import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
+import org.jboss.identity.idm.spi.exception.OperationNotSupportedException;
+import org.jboss.identity.idm.spi.model.IdentityObject;
+import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
+import org.jboss.identity.idm.spi.model.IdentityObjectCredential;
+import org.jboss.identity.idm.spi.model.IdentityObjectRelationship;
+import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType;
+import org.jboss.identity.idm.spi.model.IdentityObjectType;
+import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
+import org.jboss.identity.idm.spi.store.FeaturesMetaData;
+import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
+import org.jboss.identity.idm.spi.store.IdentityStore;
+import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
+import org.jboss.identity.idm.spi.store.IdentityStoreSession;
+
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
@@ -38,6 +63,7 @@
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
+import java.io.UnsupportedEncodingException;
import javax.naming.Context;
import javax.naming.InitialContext;
@@ -56,31 +82,6 @@
import javax.naming.ldap.LdapName;
import javax.naming.ldap.SortControl;
-import org.jboss.identity.idm.common.exception.IdentityException;
-import org.jboss.identity.idm.impl.NotYetImplementedException;
-import org.jboss.identity.idm.impl.api.SimpleAttribute;
-import org.jboss.identity.idm.impl.helper.Tools;
-import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl;
-import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectRelationshipImpl;
-import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
-import org.jboss.identity.idm.spi.exception.OperationNotSupportedException;
-import org.jboss.identity.idm.spi.model.IdentityObject;
-import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
-import org.jboss.identity.idm.spi.model.IdentityObjectCredential;
-import org.jboss.identity.idm.spi.model.IdentityObjectRelationship;
-import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType;
-import org.jboss.identity.idm.spi.model.IdentityObjectType;
-import org.jboss.identity.idm.spi.store.FeaturesMetaData;
-import org.jboss.identity.idm.spi.store.IdentityStore;
-import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
-import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
-import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
-
/**
* @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw Dawidowicz</a>
* @version : 0.1 $
@@ -163,14 +164,7 @@
public IdentityStoreSession createIdentityStoreSession()
{
-
- return new LDAPIdentityStoreSessionImpl(
- "com.sun.jndi.ldap.LdapCtxFactory",
- configuration.getProviderURL(),
- "simple",
- configuration.getAdminDN(),
- configuration.getAdminPassword());
-
+ return new LDAPIdentityStoreSessionImpl(configuration);
}
public String getId()
@@ -498,7 +492,7 @@
for (String typeCtx : typeCtxs)
{
- if (dn.endsWith(typeCtx))
+ if (dn.toLowerCase().endsWith(typeCtx.toLowerCase()))
{
type = possibleType;
break;
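Review bot: `dn.toLowerCase().endsWith(typeCtx.toLowerCase())` still compares DNs as raw strings, so the result depends on the default locale's case mapping and on both values using identical spacing and escaping. It also matches when `typeCtx` is only a textual tail of a longer RDN. The file already imports `javax.naming.ldap.LdapName`, so a component-wise check such as `new LdapName(dn).startsWith(new LdapName(typeCtx))` would be more robust; at minimum pass `Locale.ROOT` to both `toLowerCase` calls. The enclosing loop starts and ends outside the hunk.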
@@ -729,14 +723,14 @@
// If parent simply look for all its members
if (parent)
{
- if (typeConfig.getMembershipAttributeName() == null)
+ if (typeConfig.getParentMembershipAttributeName() == null)
{
throw new IdentityException("Membership attribute name not configured. Given IdentityObjectType cannot have" +
"members: " + identity.getIdentityType().getName());
}
Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn());
- Attribute member = attrs.get(typeConfig.getMembershipAttributeName());
+ Attribute member = attrs.get(typeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -745,7 +739,7 @@
{
String memberRef = memberValues.nextElement().toString();
- if (typeConfig.isMembershipAttributeDN())
+ if (typeConfig.isParentMembershipAttributeDN())
{
//TODO: use direct LDAP query instaed of other find method and add attributesFilter
@@ -829,9 +823,9 @@
// Add filter to search only parents of the given entry
af.append("(")
- .append(parentTypeConfiguration.getMembershipAttributeName())
+ .append(parentTypeConfiguration.getParentMembershipAttributeName())
.append("=");
- if (parentTypeConfiguration.isMembershipAttributeDN())
+ if (parentTypeConfiguration.isParentMembershipAttributeDN())
{
af.append(ldapFromIO.getDn());
}
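Review bot: `af.append(ldapFromIO.getDn())` places the DN into the search filter without RFC 4515 escaping, so a DN containing `(`, `)`, `*` or `\` yields a malformed or differently scoped filter. The line is unchanged context, but the renamed attribute feeds the same expression, so this is a good moment to escape the value or pass it through the `DirContext.search(name, filterExpr, filterArgs, cons)` overload with a `{0}` placeholder. The same pattern appears in the `@@ -996,9 +990,9 @@` hunk with `ldapIO.getDn()`. The filter construction continues outside the hunk, so the non-DN branch should be checked as well.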
@@ -938,7 +932,7 @@
if (parent)
{
Attributes attrs = ldapContext.getAttributes(ldapIO.getDn());
- Attribute member = attrs.get(typeConfig.getMembershipAttributeName());
+ Attribute member = attrs.get(typeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -947,7 +941,7 @@
{
String memberRef = memberValues.nextElement().toString();
- if (typeConfig.isMembershipAttributeDN())
+ if (typeConfig.isParentMembershipAttributeDN())
{
//TODO: use direct LDAP query instaed of other find method and add attributesFilter
@@ -996,9 +990,9 @@
// Add filter to search only parents of the given entry
af.append("(")
- .append(parentTypeConfiguration.getMembershipAttributeName())
+ .append(parentTypeConfiguration.getParentMembershipAttributeName())
.append("=");
- if (parentTypeConfiguration.isMembershipAttributeDN())
+ if (parentTypeConfiguration.isParentMembershipAttributeDN())
{
af.append(ldapIO.getDn());
}
@@ -1116,9 +1110,9 @@
// Construct new member attribute values
Attributes attrs = new BasicAttributes(true);
- Attribute member = new BasicAttribute(fromTypeConfig.getMembershipAttributeName());
+ Attribute member = new BasicAttribute(fromTypeConfig.getParentMembershipAttributeName());
- if (fromTypeConfig.isMembershipAttributeDN())
+ if (fromTypeConfig.isParentMembershipAttributeDN())
{
member.add(ldapToIO.getDn());
}
@@ -1195,9 +1189,9 @@
//construct new member attribute values
Attributes attrs = new BasicAttributes(true);
- Attribute member = new BasicAttribute(fromTypeConfig.getMembershipAttributeName());
+ Attribute member = new BasicAttribute(fromTypeConfig.getParentMembershipAttributeName());
- if (fromTypeConfig.isMembershipAttributeDN())
+ if (fromTypeConfig.isParentMembershipAttributeDN())
{
member.add(ldapToIO.getDn());
}
@@ -1277,7 +1271,7 @@
try
{
Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn());
- Attribute member = attrs.get(fromTypeConfig.getMembershipAttributeName());
+ Attribute member = attrs.get(fromTypeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -1286,8 +1280,8 @@
{
String memberRef = memberValues.nextElement().toString();
- if ((fromTypeConfig.isMembershipAttributeDN() && memberRef.equals(ldapToIO.getDn())) ||
- (!fromTypeConfig.isMembershipAttributeDN() && memberRef.equals(ldapToIO.getName())))
+ if ((fromTypeConfig.isParentMembershipAttributeDN() && memberRef.equals(ldapToIO.getDn())) ||
+ (!fromTypeConfig.isParentMembershipAttributeDN() && memberRef.equals(ldapToIO.getName())))
{
//TODO: impl lacks support for rel type
relationships.add(new LDAPIdentityObjectRelationshipImpl(null, ldapFromIO, ldapToIO));
@@ -1402,10 +1396,18 @@
{
//TODO: support for empty password should be configurable
passwordString = credential.getValue().toString();
+ if (passwordString.length() == 0 && !getTypeConfiguration(ctx, identityObject.getIdentityType()).isAllowEmptyPassword())
+ {
+ return false;
+ }
}
else
{
- throw new IdentityException("Null password value");
+ if (!getTypeConfiguration(ctx, identityObject.getIdentityType()).isAllowEmptyPassword())
+ {
+ new IdentityException("Null password value");
+ }
+ passwordString = "";
}
LdapContext ldapContext = getLDAPContext(ctx);
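Review bot: In the `else` branch the statement `new IdentityException("Null password value");` constructs the exception and discards it, so a null credential falls through to `passwordString = ""` even when `isAllowEmptyPassword()` is false. If the code after the hunk binds with that value, this needs confirming, because a simple bind with an empty password is an unauthenticated bind that many directory servers report as successful. Restore the keyword, `throw new IdentityException("Null password value");`, or use `return false;` to match the empty-string branch above it. The same dropped `throw` occurs twice in the `@@ -1468,16 +1470,47 @@` hunk, where it lets an empty password be written despite the configuration.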
@@ -1468,16 +1470,47 @@
// Handle generic impl
+ LDAPIdentityObjectTypeConfiguration typeConfig = getTypeConfiguration(ctx, identityObject.getIdentityType());
+
if (credential.getValue() != null)
{
//TODO: support for empty password should be configurable
passwordString = credential.getValue().toString();
+ if (passwordString.length() == 0 && !typeConfig.isAllowEmptyPassword())
+ {
+ new IdentityException("Empty password is not allowed by configuration");;
+ }
}
else
{
- throw new IdentityException("Null password value");
+ if (!typeConfig.isAllowEmptyPassword())
+ {
+ new IdentityException("Null password value");
+ }
+ passwordString = "";
}
+ if (typeConfig.getEnclosePasswordWith() != null)
+ {
+ String enc = typeConfig.getEnclosePasswordWith();
+ passwordString = enc + passwordString + enc;
+ }
+
+ byte[] encodedPassword = null;
+
+ if (typeConfig.getPasswordEncoding() != null)
+ {
+ try
+ {
+ encodedPassword = passwordString.getBytes(typeConfig.getPasswordEncoding());
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new IdentityException("Error while encoding password with configured setting: " + typeConfig.getPasswordEncoding(),
+ e);
+ }
+ }
+
String attributeName = getTypeConfiguration(ctx, ldapIO.getIdentityType()).getPasswordAttributeName();
if (attributeName == null)
@@ -1494,9 +1527,32 @@
Attributes attrs = new BasicAttributes(true);
Attribute attr = new BasicAttribute(attributeName);
- attr.add(passwordString);
+
+ if (encodedPassword != null)
+ {
+ attr.add(encodedPassword);
+ }
+ else
+ {
+ attr.add(passwordString);
+ }
+
attrs.put(attr);
+ if(typeConfig.getUpdatePasswordAttributeValues().size() > 0)
+ {
+ Map<String, String[]> attributesToAdd = typeConfig.getUpdatePasswordAttributeValues();
+ for (Map.Entry<String, String[]> entry : attributesToAdd.entrySet())
+ {
+ Attribute additionalAttr = new BasicAttribute(entry.getKey());
+ for (String val : entry.getValue())
+ {
+ additionalAttr.add(val);
+ }
+ }
+ attrs.put(attr);
+ }
+
ldapContext.modifyAttributes(ldapIO.getDn(), DirContext.REPLACE_ATTRIBUTE,attrs);
}
catch (NamingException e)
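Review bot: The loop over `getUpdatePasswordAttributeValues()` builds `additionalAttr` but never adds it to `attrs`; the statement after the loop is `attrs.put(attr);`, which re-adds the password attribute. As written, none of the configured additional attributes reach `modifyAttributes`. Move the put inside the outer `for` and use the new attribute: `attrs.put(additionalAttr);`. The enclosing `try` starts outside the hunk.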
Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java
===================================================================
--- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -22,14 +22,17 @@
package org.jboss.identity.idm.impl.store.ldap;
+import org.jboss.identity.idm.common.exception.IdentityException;
import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.common.exception.IdentityException;
-import javax.naming.ldap.LdapContext;
-import javax.naming.ldap.InitialLdapContext;
-import javax.naming.Context;
import java.util.Hashtable;
+import java.util.Map;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.ldap.InitialLdapContext;
+import javax.naming.ldap.LdapContext;
+
/**
* Session around LDAP store. Exposes LDAP connection (LdapContext) and does nothing for transaction related methods
*
@@ -38,40 +41,72 @@
*/
public class LDAPIdentityStoreSessionImpl implements IdentityStoreSession
{
+ private final LDAPIdentityStoreConfiguration storeConfig;
- private final String INITIAL_CONTEXT_FACTORY;
+ public LDAPIdentityStoreSessionImpl(LDAPIdentityStoreConfiguration storeConfig)
+ {
+ this.storeConfig = storeConfig;
- private final String PROVIDER_URL;
+ }
- private final String SECURITY_AUTHENTICATION;
- private final String SECURITY_PRINCIPAL;
+ public LdapContext getLdapContext() throws Exception
+ {
- private final String SECURITY_CREDENTIALS;
+ if (storeConfig.getExternalJNDIContext() != null)
+ {
+ InitialContext iniCtx = new InitialContext();
+ return (LdapContext)iniCtx.lookup(storeConfig.getExternalJNDIContext());
+ }
+ if (storeConfig.getCustomSystemProperties() != null &&
+ storeConfig.getCustomSystemProperties().size() > 0)
+ {
- public LDAPIdentityStoreSessionImpl(String INITIAL_CONTEXT_FACTORY,
- String PROVIDER_URL,
- String SECURITY_AUTHENTICATION,
- String SECURITY_PRINCIPAL,
- String SECURITY_CREDENTIALS)
- {
- this.INITIAL_CONTEXT_FACTORY = INITIAL_CONTEXT_FACTORY;
- this.PROVIDER_URL = PROVIDER_URL;
- this.SECURITY_AUTHENTICATION = SECURITY_AUTHENTICATION;
- this.SECURITY_PRINCIPAL = SECURITY_PRINCIPAL;
- this.SECURITY_CREDENTIALS = SECURITY_CREDENTIALS;
- }
+ Map<String, String> props = storeConfig.getCustomSystemProperties();
- public LdapContext getLdapContext() throws Exception
- {
+ for (String name : props.keySet())
+ {
+ System.setProperty(name, props.get(name));
+ }
+ }
+
Hashtable<String,String> env = new Hashtable<String,String>();
- env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
- env.put(Context.PROVIDER_URL, PROVIDER_URL);
- env.put(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION);
- env.put(Context.SECURITY_PRINCIPAL, SECURITY_PRINCIPAL);
- env.put(Context.SECURITY_CREDENTIALS, SECURITY_CREDENTIALS);
+
+ env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
+
+ if (storeConfig.getProviderURL() != null)
+ {
+ env.put(Context.PROVIDER_URL, storeConfig.getProviderURL());
+
+ }
+ if (storeConfig.getAdminDN() != null)
+ {
+ env.put(Context.SECURITY_PRINCIPAL, storeConfig.getAdminDN());
+
+ }
+ if (storeConfig.getAdminPassword() != null)
+ {
+ env.put(Context.SECURITY_CREDENTIALS, storeConfig.getAdminPassword());
+
+ }
+
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+
+ if (storeConfig.getCustomJNDIConnectionParameters() != null &&
+ storeConfig.getCustomJNDIConnectionParameters().size() > 0)
+ {
+
+ Map<String, String> params = storeConfig.getCustomJNDIConnectionParameters();
+
+ for (String name : params.keySet())
+ {
+ env.put(name, params.get(name));
+ }
+ }
+
+
return new InitialLdapContext(env, null);
}
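Review bot: `System.setProperty(name, props.get(name))` runs on every `getLdapContext()` call and changes JVM-wide state, so store configuration can alter settings (TLS trust-store properties, for example) for every other component in the process. Consider applying these properties once at configuration time and marking the side effect with a comment such as `// NOTE: JVM-wide; affects all code in this process`. Separately, `customJNDIConnectionParameters` is merged after `Context.SECURITY_AUTHENTICATION` and the credentials, so it can override the bind settings; if that is intended it deserves a comment. The `InitialContext` created for the external lookup is never closed.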
Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java
===================================================================
--- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -47,21 +47,37 @@
private final String entrySearchFilter;
+ private final String entrySearchScope;
+
private final boolean allowCreateEntry;
private final Map<String, String[]> createEntryAttributeValues;
private final String[] allowedMembershipTypes;
- private final String membershipAttributeName;
+ private final String parentMembershipAttributeName;
- private final boolean isMembershipAttributeDN;
+ private final boolean isParentMembershipAttributeDN;
private final boolean allowEmptyMemberships;
private final Map<String, String> attributeNames;
+ private final String childMembershipAttributeName;
+ private final boolean isChildMembershipAttributeDN;
+
+ private final boolean allowEmptyPassword;
+
+ private final String enclosePasswordWith;
+
+ private final String passwordEncoding;
+
+ private final Map<String, String[]> updatePasswordAttributeValues;
+
+ private final boolean subentryMembershipLookup;
+
+
//Consts
public static final String ID_ATTRIBUTE_NAME = "idAttributeName";
@@ -72,24 +88,45 @@
public static final String ENTRY_SEARCH_FILTER = "entrySearchFilter";
+ public static final String ENTRY_SEARCH_SCOPE = "entrySearchScope";
+
public static final String ALLOW_CREATE_ENTRY = "allowCreateEntry";
- public static final String MEMBERSHIP_ATTRIBUTE_NAME = "membershipAttributeName";
+ public static final String PARENT_MEMBERSHIP_ATTRIBUTE_NAME = "parentMembershipAttributeName";
- public static final String IS_MEMBERSHIP_ATTRIBUTE_DN = "isMembershipAttributeDN";
+ public static final String IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN = "isParentMembershipAttributeDN";
- public static final String ALLOW_EMPTY_MEMBERSHIPS = "allowEmptyMemberships";
+ public static final String ALLOW_EMPTY_MEMBERSHIPS = "isAllowEmptyMemberships";
public static final String CREATE_ENTRY_ATTRIBUTE_VALUES = "createEntryAttributeValues";
+ public static final String CHILD_MEMBERSHIP_ATTRIBUTE_NAME = "childMembershipAttributeName";
+ public static final String CHILD_MEMBERSHIP_ATTRIBUTE_DN = "childMembershipAttributeDN";
+ public static final String ALLOW_EMPTY_PASSWORD = "allowEmptyPassword";
+
+ public static final String ENCLOSE_PASSWORD_WITH = "enclosePasswordWith";
+
+ public static final String PASSWORD_ENCODIGN = "passwordEncoding";
+
+ public static final String SUBENTRY_MEMBERSHIP_LOOKUP = "subentryMembershipLookup";
+
+ public static final String PASSWORD_UPDATE_ATTRIBUTE_VALUES = "passwordUpdateAttributeValues";
+
+
public SimpleLDAPIdentityObjectTypeConfiguration(IdentityObjectTypeMetaData objectTypeMD)
{
this.idAttributeName = objectTypeMD.getOptionSingleValue(ID_ATTRIBUTE_NAME);
this.passwordAttributeName = objectTypeMD.getOptionSingleValue(PASSWORD_ATTRIBUTE_NAME);
this.entrySearchFilter = objectTypeMD.getOptionSingleValue(ENTRY_SEARCH_FILTER);
- this.membershipAttributeName = objectTypeMD.getOptionSingleValue(MEMBERSHIP_ATTRIBUTE_NAME);
+ this.entrySearchScope = objectTypeMD.getOptionSingleValue(ENTRY_SEARCH_SCOPE);
+ this.parentMembershipAttributeName = objectTypeMD.getOptionSingleValue(PARENT_MEMBERSHIP_ATTRIBUTE_NAME);
+ this.childMembershipAttributeName = objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_NAME);
+ this.enclosePasswordWith = objectTypeMD.getOptionSingleValue(ENCLOSE_PASSWORD_WITH);
+ this.passwordEncoding = objectTypeMD.getOptionSingleValue(PASSWORD_ENCODIGN);
+
+
String allowCreateEntry = objectTypeMD.getOptionSingleValue(ALLOW_CREATE_ENTRY);
if (allowCreateEntry != null && allowCreateEntry.equalsIgnoreCase("true"))
{
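Review bot: `ALLOW_EMPTY_MEMBERSHIPS` now maps to the option key `"isAllowEmptyMemberships"`, which looks like a side effect of renaming the getter; a configuration that still sets `allowEmptyMemberships` would presumably fall back to `false` without any warning. The `membershipAttributeName` and `isMembershipAttributeDN` keys are likewise renamed with no fallback to the old names. Two smaller points: `PASSWORD_ENCODIGN` is misspelled in a public constant (`PASSWORD_ENCODING`), and `CHILD_MEMBERSHIP_ATTRIBUTE_DN` / `"childMembershipAttributeDN"` does not follow the `IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN` / `"isParentMembershipAttributeDN"` pattern. The constructor body continues outside the hunk.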
@@ -100,14 +137,14 @@
this.allowCreateEntry = false;
}
- String isMembershipAttributeDN = objectTypeMD.getOptionSingleValue(IS_MEMBERSHIP_ATTRIBUTE_DN);
+ String isMembershipAttributeDN = objectTypeMD.getOptionSingleValue(IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN);
if (isMembershipAttributeDN != null && isMembershipAttributeDN.equalsIgnoreCase("true"))
{
- this.isMembershipAttributeDN = true;
+ this.isParentMembershipAttributeDN = true;
}
else
{
- this.isMembershipAttributeDN = false;
+ this.isParentMembershipAttributeDN = false;
}
String allowEmptyMemberships = objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_MEMBERSHIPS);
@@ -120,6 +157,36 @@
this.allowEmptyMemberships = false;
}
+ String isChildMembershipAttributeDN = objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_DN);
+ if (isChildMembershipAttributeDN != null && isChildMembershipAttributeDN.equalsIgnoreCase("true"))
+ {
+ this.isChildMembershipAttributeDN = true;
+ }
+ else
+ {
+ this.isChildMembershipAttributeDN = false;
+ }
+
+ String allowEmptyPassword = objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_PASSWORD);
+ if (allowEmptyPassword != null && allowEmptyPassword.equalsIgnoreCase("true"))
+ {
+ this.allowEmptyPassword = true;
+ }
+ else
+ {
+ this.allowEmptyPassword = false;
+ }
+
+ String subentryMembershipLookup = objectTypeMD.getOptionSingleValue(SUBENTRY_MEMBERSHIP_LOOKUP);
+ if (subentryMembershipLookup != null && subentryMembershipLookup.equalsIgnoreCase("true"))
+ {
+ this.subentryMembershipLookup = true;
+ }
+ else
+ {
+ this.subentryMembershipLookup = false;
+ }
+
List<String> relationships = new LinkedList<String>();
if (objectTypeMD.getRelationships() != null)
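Review bot: The three added flag blocks repeat the same null check plus `equalsIgnoreCase("true")`; `Boolean.parseBoolean` has exactly that contract, so each collapses to one line, e.g. `this.allowEmptyPassword = Boolean.parseBoolean(objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_PASSWORD));`. Because `allowEmptyPassword` relaxes a credential check, a short comment stating that it defaults to `false` and what enabling it permits would help the next reader. The constructor starts and ends outside the hunk.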
@@ -194,39 +261,59 @@
this.createEntryAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>());
}
+
+
+ Map<String, List<String>> updatePasswordAttributesMap = new HashMap<String, List<String>>();
+
+ List<String> passwordUpdateAttributes = objectTypeMD.getOption(PASSWORD_UPDATE_ATTRIBUTE_VALUES);
+
+ if (passwordUpdateAttributes != null && passwordUpdateAttributes.size() > 0 )
+ {
+ for (String attribute : passwordUpdateAttributes)
+ {
+ String[] parts = attribute.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ if (!updatePasswordAttributesMap.containsKey(name))
+ {
+ List<String> list = new LinkedList<String>();
+ list.add(value);
+ updatePasswordAttributesMap.put(name, list);
+ }
+ else
+ {
+ updatePasswordAttributesMap.get(name).add(value);
+ }
+ }
+
+ Map<String, String[]> createEntryAttributesArray = new HashMap<String, String[]>();
+
+ for (Map.Entry<String, List<String>> entry : updatePasswordAttributesMap.entrySet())
+ {
+ createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()]));
+ }
+
+ this.updatePasswordAttributeValues = Collections.unmodifiableMap(createEntryAttributesArray);
+ }
+ else
+ {
+ this.updatePasswordAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>());
+ }
+
//TODO: validate all required options - throw exception for missing ones and set defaults for others
}
- public SimpleLDAPIdentityObjectTypeConfiguration(String idAttributeName,
- String passwordAttributeName,
- String[] ctxDNs,
- String entrySearchFilter,
- boolean allowCreateEntry,
- Map<String, String[]> createEntryAttributeValues,
- String[] allowedMembershipTypes,
- String membershipAttributeName,
- boolean membershipAttributeDN,
- boolean allowEmptyMemberships,
- Map<String, String> attributeNames)
- {
- this.idAttributeName = idAttributeName;
- this.passwordAttributeName = passwordAttributeName;
- this.ctxDNs = ctxDNs.clone();
- this.entrySearchFilter = entrySearchFilter;
- this.allowCreateEntry = allowCreateEntry;
- this.createEntryAttributeValues = Collections.unmodifiableMap(createEntryAttributeValues);
- this.allowedMembershipTypes = allowedMembershipTypes.clone();
- this.membershipAttributeName = membershipAttributeName;
- isMembershipAttributeDN = membershipAttributeDN;
- this.allowEmptyMemberships = allowEmptyMemberships;
- this.attributeNames = Collections.unmodifiableMap(attributeNames);
- }
-
public String getIdAttributeName()
{
return idAttributeName;
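Review bot: Entries of `passwordUpdateAttributeValues` that lack an `=` are dropped by the bare `continue`, so a configuration typo silently removes an attribute that was meant to be written on every password change. Rejecting the entry at configuration time would surface this, e.g. `throw new IllegalArgumentException("Malformed " + PASSWORD_UPDATE_ATTRIBUTE_VALUES + " entry: " + attribute);`, or at least log it. The local `createEntryAttributesArray` is a leftover name from the preceding block and would read better as `updatePasswordAttributesArray`. The hunk also removes the public multi-argument constructor, which breaks any caller not covered by this diff.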
@@ -257,17 +344,17 @@
return allowedMembershipTypes.clone();
}
- public String getMembershipAttributeName()
+ public String getParentMembershipAttributeName()
{
- return membershipAttributeName;
+ return parentMembershipAttributeName;
}
- public boolean isMembershipAttributeDN()
+ public boolean isParentMembershipAttributeDN()
{
- return isMembershipAttributeDN;
+ return isParentMembershipAttributeDN;
}
- public boolean allowEmptyMemberships()
+ public boolean isAllowEmptyMemberships()
{
return allowEmptyMemberships;
}
@@ -282,58 +369,54 @@
return passwordAttributeName;
}
- // public void setIdAttributeName(String idAttributeName)
-// {
-// this.idAttributeName = idAttributeName;
-// }
-//
-// public void setCtxDNs(String[] ctxDNs)
-// {
-// this.ctxDNs = ctxDNs;
-// }
-//
-// public void setEntrySearchFilter(String entrySearchFilter)
-// {
-// this.entrySearchFilter = entrySearchFilter;
-// }
-//
-// public void setAllowCreateEntry(boolean allowCreateEntry)
-// {
-// this.allowCreateEntry = allowCreateEntry;
-// }
-//
-// public void setCreateEntryAttributeValues(Map<String, String[]> createEntryAttributeValues)
-// {
-// this.createEntryAttributeValues = createEntryAttributeValues;
-// }
-//
-// public void setAllowedMembershipTypes(String[] allowedMembershipTypes)
-// {
-// this.allowedMembershipTypes = allowedMembershipTypes;
-// }
-//
-// public void setMembershipAttributeName(String membershipAttributeName)
-// {
-// this.membershipAttributeName = membershipAttributeName;
-// }
-//
-// public void setMembershipAttributeDN(boolean membershipAttributeDN)
-// {
-// isMembershipAttributeDN = membershipAttributeDN;
-// }
-//
-// public void setAllowEmptyMemberships(boolean allowEmptyMemberships)
-// {
-// this.allowEmptyMemberships = allowEmptyMemberships;
-// }
-//
-// public void setAttributeNames(Map<String, String> attributeNames)
-// {
-// this.attributeNames = attributeNames;
-// }
-
+
public Set<String> getMappedAttributesNames()
{
return Collections.unmodifiableSet(attributeNames.keySet());
}
+
+ public String getEntrySearchScope()
+ {
+ return entrySearchScope;
+ }
+
+ public Map<String, String> getAttributeNames()
+ {
+ return attributeNames;
+ }
+
+ public String getChildMembershipAttributeName()
+ {
+ return childMembershipAttributeName;
+ }
+
+ public boolean isChildMembershipAttributeDN()
+ {
+ return isChildMembershipAttributeDN;
+ }
+
+ public boolean isAllowEmptyPassword()
+ {
+ return allowEmptyPassword;
+ }
+
+ public String getEnclosePasswordWith()
+ {
+ return enclosePasswordWith;
+ }
+
+ public String getPasswordEncoding()
+ {
+ return passwordEncoding;
+ }
+
+ public Map<String, String[]> getUpdatePasswordAttributeValues()
+ {
+ return updatePasswordAttributeValues;
+ }
+
+ public boolean isSubentryMembershipLookup()
+ {
+ return subentryMembershipLookup;
+ }
}
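Review bot: `getAttributeNames()` returns the internal map directly, while `getMappedAttributesNames()` just above it wraps its result in `Collections.unmodifiableSet`. Whether `attributeNames` is already unmodifiable is decided outside the hunk, so either confirm that or return `Collections.unmodifiableMap(attributeNames)`. `getUpdatePasswordAttributeValues()` has a related gap: the map is unmodifiable but its `String[]` values are not. The new getters for `allowEmptyPassword`, `enclosePasswordWith` and `passwordEncoding` would benefit from one-line Javadoc stating their defaults and effect.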
Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java
===================================================================
--- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -29,13 +29,19 @@
import java.util.Map;
import java.util.HashMap;
+import java.util.List;
+import java.util.LinkedList;
+import java.util.Collections;
/**
* @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw Dawidowicz</a>
* @version : 0.1 $
*/
-public class SimpleLDAPIdentityStoreConfiguration implements LDAPIdentityStoreConfiguration
+public class SimpleLDAPIdentityStoreConfiguration
+ implements LDAPIdentityStoreConfiguration
{
+ private final IdentityStoreConfigurationMetaData configurationMetaData;
+
private final String providerURL;
private final String adminDN;
@@ -46,7 +52,35 @@
private final Map<String, LDAPIdentityObjectTypeConfiguration> typesConfiguration;
+ private final Map<String, String> customJNDIConnectionParameters;
+ private final Map<String, String> customSystemProperties;
+
+ private final String externalJNDIContext;
+
+ private final String membershipToRelationshipTypeMapping;
+
+ private final boolean supportNamedRelationships;
+
+ private final String[] relationshipNamesCtxDNs;
+
+ private final String relationshipNameSearchFilter;
+
+ private final String relationshipNameSearchScope;
+
+ private final Map<String, String[]> relationshipNameCreateEntryAttributeValues;
+
+ private final String relationshipNameAttributeName;
+
+ private final String namedRelationshipSearchFilter;
+
+ private final Map<String, String[]> namedRelationshipCreateEntryAttributeValues;
+
+ private final String namedRelationshipNameAttributeName;
+
+ private final String namedRelationshipMemberAttributeName;
+
+
// Consts
public static final String PROVIDER_URL = "providerURL";
@@ -59,6 +93,34 @@
public static final int SEARCH_TIME_LIMIT_DEFAULT = 10000;
+ public static final String CUSTOM_JNDI_CONNECTION_PARAMETERS = "customJNDIConnectionParameters";
+
+ public static final String CUSTOM_SYSTEM_PROPERTIES = "customSystemProperties";
+
+ public static final String EXTERNAL_JNDI_CONTEXT = "externalJNDIContext";
+
+ public static final String MEMBERSHIP_TO_RELATIONSHIP_TYPE_MAPPING = "membershipToRelationshipTypeMapping";
+
+ public static final String SUPPORT_NAMED_RELATIONSHIPS = "supportNamedRelationships";
+
+ public static final String RELATIONSHIP_NAMES_CTX_DNS = "relationshipNamesCtxDNs";
+
+ public static final String RELATIONSHIP_NAME_SEARCH_FILTER = "relationshipNameSearchFilter";
+
+ public static final String RELATIONSHIP_NAME_SEARCH_SCOPE = "relationshipNameSearchScope";
+
+ public static final String RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES = "relationshipNameCreateEntryAttributeValues";
+
+ public static final String RELATIONSHIP_NAME_ATTRIBUTE_NAME = "relationshipNameAttributeName";
+
+ public static final String NAMED_RELATIONSHIP_SEARCH_FILTER = "namedRelationshipSearchFilter";
+
+ public static final String NAMED_RELATIONSHIP_CREATE_ENTRY_ATTRIBUTE_VALUES = "namedRelationshipCreateEntryAttributeValues";
+
+ public static final String NAMED_RELATIONSHIP_NAME_ATTRIBUTE_NAME = "namedRelationshipNameAttributeName";
+
+ public static final String NAMED_RELATIONSHIP_MEMBER_ATTRIBUTE_NAME = "namedRelationshipMemberAttributeName";
+
public SimpleLDAPIdentityStoreConfiguration(IdentityStoreConfigurationMetaData storeMD)
{
if (storeMD == null)
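Review bot: `RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES` is misspelled; as a public constant it becomes API once released, so rename it to `RELATIONSHIP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES` now. `CUSTOM_SYSTEM_PROPERTIES` and `CUSTOM_JNDI_CONNECTION_PARAMETERS` would each benefit from a comment. Judging by the session class changed in this commit, the first is written to JVM-wide system properties and the second is merged into the JNDI environment used for the bind.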
@@ -66,20 +128,41 @@
throw new IllegalArgumentException();
}
- providerURL = storeMD.getOptionSingleValue(PROVIDER_URL);
- adminDN = storeMD.getOptionSingleValue(ADMIN_DN);
- adminPassword = storeMD.getOptionSingleValue(ADMIN_PASSWORD);
+
+ this.configurationMetaData = storeMD;
+ this.providerURL = storeMD.getOptionSingleValue(PROVIDER_URL);
+ this.adminDN = storeMD.getOptionSingleValue(ADMIN_DN);
+ this.adminPassword = storeMD.getOptionSingleValue(ADMIN_PASSWORD);
+ this.externalJNDIContext = storeMD.getOptionSingleValue(EXTERNAL_JNDI_CONTEXT);
+ this.membershipToRelationshipTypeMapping = storeMD.getOptionSingleValue(MEMBERSHIP_TO_RELATIONSHIP_TYPE_MAPPING);
+ this.relationshipNameSearchFilter = storeMD.getOptionSingleValue(RELATIONSHIP_NAME_SEARCH_FILTER);
+ this.relationshipNameSearchScope = storeMD.getOptionSingleValue(RELATIONSHIP_NAME_SEARCH_SCOPE);
+ this.relationshipNameAttributeName = storeMD.getOptionSingleValue(RELATIONSHIP_NAME_ATTRIBUTE_NAME);
+ this.namedRelationshipSearchFilter = storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_SEARCH_FILTER);
+ this.namedRelationshipNameAttributeName = storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_NAME_ATTRIBUTE_NAME);
+ this.namedRelationshipMemberAttributeName = storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_MEMBER_ATTRIBUTE_NAME);
String searchTL = storeMD.getOptionSingleValue(SEARCH_TIME_LIMIT);
if (searchTL != null)
{
- searchTimeLimit = Integer.valueOf(searchTL);
+ this.searchTimeLimit = Integer.valueOf(searchTL);
}
else
{
- searchTimeLimit = SEARCH_TIME_LIMIT_DEFAULT;
+ this.searchTimeLimit = SEARCH_TIME_LIMIT_DEFAULT;
}
+ String supportNamedRelationships = storeMD.getOptionSingleValue(SUPPORT_NAMED_RELATIONSHIPS);
+ if (supportNamedRelationships != null && supportNamedRelationships.equalsIgnoreCase("true"))
+ {
+ this.supportNamedRelationships = true;
+ }
+ else
+ {
+ this.supportNamedRelationships = false;
+ }
+
+
Map<String, LDAPIdentityObjectTypeConfiguration> types = new HashMap<String, LDAPIdentityObjectTypeConfiguration>();
for (IdentityObjectTypeMetaData identityObjectTypeMetaData : storeMD.getSupportedIdentityTypes())
@@ -89,8 +172,161 @@
}
- typesConfiguration = types;
+ List<String> dns = storeMD.getOption(RELATIONSHIP_NAMES_CTX_DNS);
+ if (dns != null)
+ {
+ this.relationshipNamesCtxDNs = dns.toArray(new String[dns.size()]);
+ }
+ else
+ {
+ this.relationshipNamesCtxDNs = null;
+ }
+ this.typesConfiguration = types;
+
+
+ Map<String, List<String>> createNamedRelationshipEntryAttributesMap = new HashMap<String, List<String>>();
+
+ List<String> createNamedRelationshipAttributes = storeMD.getOption(NAMED_RELATIONSHIP_CREATE_ENTRY_ATTRIBUTE_VALUES);
+
+ if (createNamedRelationshipAttributes != null && createNamedRelationshipAttributes.size() > 0)
+ {
+ for (String attribute : createNamedRelationshipAttributes)
+ {
+ String[] parts = attribute.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ if (!createNamedRelationshipEntryAttributesMap.containsKey(name))
+ {
+ List<String> list = new LinkedList<String>();
+ list.add(value);
+ createNamedRelationshipEntryAttributesMap.put(name, list);
+ }
+ else
+ {
+ createNamedRelationshipEntryAttributesMap.get(name).add(value);
+ }
+ }
+
+ Map<String, String[]> createEntryAttributesArray = new HashMap<String, String[]>();
+
+ for (Map.Entry<String, List<String>> entry : createNamedRelationshipEntryAttributesMap.entrySet())
+ {
+ createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()]));
+ }
+
+ this.namedRelationshipCreateEntryAttributeValues = Collections.unmodifiableMap(createEntryAttributesArray);
+ }
+ else
+ {
+ this.namedRelationshipCreateEntryAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>());
+ }
+
+ Map<String, List<String>> createRelationshipNameEntryAttributesMap = new HashMap<String, List<String>>();
+
+ List<String> createRelationshipNameAttributes = storeMD.getOption(RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES);
+
+ if (createRelationshipNameAttributes != null && createRelationshipNameAttributes.size() > 0 )
+ {
+ for (String attribute : createRelationshipNameAttributes)
+ {
+ String[] parts = attribute.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ if (!createRelationshipNameEntryAttributesMap.containsKey(name))
+ {
+ List<String> list = new LinkedList<String>();
+ list.add(value);
+ createRelationshipNameEntryAttributesMap.put(name, list);
+ }
+ else
+ {
+ createRelationshipNameEntryAttributesMap.get(name).add(value);
+ }
+ }
+
+ Map<String, String[]> createEntryAttributesArray = new HashMap<String, String[]>();
+
+ for (Map.Entry<String, List<String>> entry : createRelationshipNameEntryAttributesMap.entrySet())
+ {
+ createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()]));
+ }
+
+ this.relationshipNameCreateEntryAttributeValues = Collections.unmodifiableMap(createEntryAttributesArray);
+ }
+ else
+ {
+ this.relationshipNameCreateEntryAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>());
+ }
+
+ List<String> customJndiParams = storeMD.getOption(CUSTOM_JNDI_CONNECTION_PARAMETERS);
+
+ Map<String, String> customJndiParamsMap = new HashMap<String, String>();
+
+ if (customJndiParams != null && customJndiParams.size() > 0 )
+ {
+ for (String param : customJndiParams)
+ {
+ String[] parts = param.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ customJndiParamsMap.put(name, value);
+
+ }
+
+ this.customJNDIConnectionParameters = Collections.unmodifiableMap(customJndiParamsMap);
+ }
+ else
+ {
+ this.customJNDIConnectionParameters = Collections.unmodifiableMap(new HashMap<String, String>());
+ }
+
+ List<String> customSystemProps = storeMD.getOption(CUSTOM_SYSTEM_PROPERTIES);
+
+ Map<String, String> customSystemProperties = new HashMap<String, String>();
+
+ if (customSystemProps != null && customSystemProps.size() > 0 )
+ {
+ for (String param : customSystemProps)
+ {
+ String[] parts = param.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ customSystemProperties.put(name, value);
+
+ }
+
+ this.customSystemProperties = Collections.unmodifiableMap(customSystemProperties);
+ }
+ else
+ {
+ this.customSystemProperties = Collections.unmodifiableMap(new HashMap<String, String>());
+ }
+
//TODO: validate if critical values are present
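Review bot: All four `name=value` parsing loops in this hunk skip an entry without `=` via `continue`, so a mistyped line in `CUSTOM_JNDI_CONNECTION_PARAMETERS` or `CUSTOM_SYSTEM_PROPERTIES` silently disappears and the connection runs with defaults the operator did not intend. The loops are also copy-pasted, and the local `customSystemProperties` shadows the field it is assigned to. A single helper that rejects malformed entries, naming the option but not echoing the value since these settings may carry secrets, would cover both single-valued lists; the two multi-valued lists could group the same validated pairs. The constant `RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES` looks like a typo for `RELATIONSHIP_...`. The enclosing constructor starts outside this hunk.

```java
private static Map<String, String> parseKeyValueOptions(String optionName, List<String> entries)
{
   Map<String, String> parsed = new HashMap<String, String>();
   if (entries != null)
   {
      for (String entry : entries)
      {
         String[] parts = entry.split("=", 2);
         if (parts.length != 2 || parts[0].trim().length() == 0)
         {
            // Fail loudly; do not echo the entry, it may contain a credential
            throw new IllegalArgumentException("Option '" + optionName + "' expects name=value entries");
         }
         parsed.put(parts[0].trim(), parts[1]);
      }
   }
   return Collections.unmodifiableMap(parsed);
}

// … unchanged: single-value options, types map, named-relationship attribute maps …
this.customJNDIConnectionParameters =
   parseKeyValueOptions(CUSTOM_JNDI_CONNECTION_PARAMETERS, storeMD.getOption(CUSTOM_JNDI_CONNECTION_PARAMETERS));
this.customSystemProperties =
   parseKeyValueOptions(CUSTOM_SYSTEM_PROPERTIES, storeMD.getOption(CUSTOM_SYSTEM_PROPERTIES));
```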
@@ -134,5 +370,84 @@
return types;
}
-
+
+ public IdentityStoreConfigurationMetaData getConfigurationMetaData()
+ {
+ return configurationMetaData;
+ }
+
+ public Map<String, LDAPIdentityObjectTypeConfiguration> getTypesConfiguration()
+ {
+ return typesConfiguration;
+ }
+
+ public Map<String, String> getCustomJNDIConnectionParameters()
+ {
+ return customJNDIConnectionParameters;
+ }
+
+ public Map<String, String> getCustomSystemProperties()
+ {
+ return customSystemProperties;
+ }
+
+ public String getExternalJNDIContext()
+ {
+ return externalJNDIContext;
+ }
+
+ public String getMembershipToRelationshipTypeMapping()
+ {
+ return membershipToRelationshipTypeMapping;
+ }
+
+ public boolean isSupportNamedRelationships()
+ {
+ return supportNamedRelationships;
+ }
+
+ public String[] getRelationshipNamesCtxDNs()
+ {
+ return relationshipNamesCtxDNs;
+ }
+
+ public String getRelationshipNameSearchFilter()
+ {
+ return relationshipNameSearchFilter;
+ }
+
+ public String getRelationshipNameSearchScope()
+ {
+ return relationshipNameSearchScope;
+ }
+
+ public Map<String, String[]> getRelationshipNameCreateEntryAttributeValues()
+ {
+ return relationshipNameCreateEntryAttributeValues;
+ }
+
+ public String getRelationshipNameAttributeName()
+ {
+ return relationshipNameAttributeName;
+ }
+
+ public String getNamedRelationshipSearchFilter()
+ {
+ return namedRelationshipSearchFilter;
+ }
+
+ public Map<String, String[]> getNamedRelationshipCreateEntryAttributeValues()
+ {
+ return namedRelationshipCreateEntryAttributeValues;
+ }
+
+ public String getNamedRelationshipNameAttributeName()
+ {
+ return namedRelationshipNameAttributeName;
+ }
+
+ public String getNamedRelationshipMemberAttributeName()
+ {
+ return namedRelationshipMemberAttributeName;
+ }
}
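Review bot: `getRelationshipNamesCtxDNs()` returns the internal `String[]` and `getTypesConfiguration()` returns the plain `HashMap` assigned in the constructor, so any caller can alter the configuration after bootstrap, while the other maps in this class are wrapped with `Collections.unmodifiableMap`. For consistency, return a copy of the array, `return relationshipNamesCtxDNs == null ? null : relationshipNamesCtxDNs.clone();`, and wrap the types map at assignment, `this.typesConfiguration = Collections.unmodifiableMap(types);`. The `String[]` values inside the two `Map<String, String[]>` getters are mutable in the same way, which is worth stating in a Javadoc line if copying them is not wanted. None of the new getters has Javadoc; a sentence each on which configuration option backs the value and whether it can be `null` would help. The class body starts outside this hunk.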
Modified: idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java
===================================================================
--- idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -22,32 +22,31 @@
package org.jboss.identity.idm.impl;
-import org.jboss.unit.api.pojo.annotations.Parameter;
-import static org.jboss.unit.api.Assert.assertTrue;
-import org.jboss.portal.test.framework.embedded.JNDISupport;
-import org.jboss.portal.test.framework.embedded.ConnectionManagerSupport;
-import org.jboss.portal.test.framework.embedded.TransactionManagerSupport;
-import org.jboss.portal.test.framework.embedded.DataSourceSupport;
-import org.jboss.portal.test.framework.embedded.HibernateSupport;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObject;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectAttribute;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttribute;
-import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute;
+import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredential;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredentialType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationship;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationshipName;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationshipType;
+import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateRealm;
-import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.test.HibernateAnnotationsSupport;
-import org.hibernate.SessionFactory;
+import org.jboss.portal.test.framework.embedded.ConnectionManagerSupport;
+import org.jboss.portal.test.framework.embedded.DataSourceSupport;
+import org.jboss.portal.test.framework.embedded.HibernateSupport;
+import org.jboss.portal.test.framework.embedded.JNDISupport;
+import org.jboss.portal.test.framework.embedded.TransactionManagerSupport;
+import org.jboss.unit.api.pojo.annotations.Parameter;
-import java.util.List;
import java.util.LinkedList;
+import java.util.List;
import junit.framework.TestCase;
+import org.hibernate.SessionFactory;
/**
@@ -57,7 +56,7 @@
public class IdentityTestPOJO extends TestCase
{
- private String identityConfig = "test-identity-config.xml";
+ protected String identityConfig = "test-identity-config.xml";
private String realmName;
@@ -141,7 +140,7 @@
public void overrideFromProperties() throws Exception
{
- String dsName =System.getProperties().getProperty("dataSourceName");
+ String dsName = System.getProperties().getProperty("dataSourceName");
if (dsName != null && !dsName.startsWith("$"))
{
Modified: idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java
===================================================================
--- idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -23,20 +23,21 @@
package org.jboss.identity.idm.impl;
import org.jboss.identity.idm.opends.OpenDSService;
+import org.jboss.portal.test.framework.embedded.DSConfig;
import org.jboss.unit.api.pojo.annotations.Parameter;
-import org.opends.server.tools.LDAPModify;
+import java.net.URL;
+import java.util.Hashtable;
+
+import javax.naming.Binding;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
-import javax.naming.Binding;
import javax.naming.directory.DirContext;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
-import java.util.Hashtable;
-import java.io.File;
-import java.net.URL;
-import java.net.URISyntaxException;
+import org.opends.server.tools.LDAPModify;
+
/**
* @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw Dawidowicz</a>
* @version : 0.1 $
@@ -44,49 +45,55 @@
public class LDAPTestPOJO extends IdentityTestPOJO
{
- private String directoryName = "EmbeddedOpenDS";
+ private String EMBEDDED_OPEN_DS_DIRECTORY_NAME = "EmbeddedOpenDS";
- public static final String LDAP_HOST = "localhost";
+ protected DSConfig directoryConfig;
- public static final String LDAP_PORT = "10389";
+ private String directories = "datasources/directories.xml";
- public static final String LDAP_PROVIDER_URL = "ldap://" + LDAP_HOST + ":" + LDAP_PORT;
+ //By default use embedded OpenDS
+ private String directoryName = EMBEDDED_OPEN_DS_DIRECTORY_NAME;
- public static final String LDAP_PRINCIPAL = "cn=Directory Manager";
-
- public static final String LDAP_CREDENTIALS = "password";
-
public static Hashtable<String,String> env = new Hashtable<String,String>();
- static
- {
- env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
- env.put(Context.PROVIDER_URL, LDAP_PROVIDER_URL);
- env.put(Context.SECURITY_AUTHENTICATION, "simple");
- env.put(Context.SECURITY_PRINCIPAL, LDAP_PRINCIPAL);
- env.put(Context.SECURITY_CREDENTIALS, LDAP_CREDENTIALS);
- }
-
OpenDSService openDSService = new OpenDSService(null);
@Override
public void start() throws Exception
{
+
+ overrideFromProperties();
+
+ directoryConfig = DSConfig.obtainConfig(directories, directoryName);
+
+ identityConfig = directoryConfig.getConfigFile();
+
super.start();
+ env.put(Context.INITIAL_CONTEXT_FACTORY, directoryConfig.getContextFactory());
+ //Use description to store URL to be able to prefix with "ldaps://"
+ env.put(Context.PROVIDER_URL, directoryConfig.getDescription());
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+ env.put(Context.SECURITY_PRINCIPAL, directoryConfig.getAdminDN());
+ env.put(Context.SECURITY_CREDENTIALS, directoryConfig.getAdminPassword());
- openDSService.start();
-
-
+ if (directoryName.equals(EMBEDDED_OPEN_DS_DIRECTORY_NAME))
+ {
+ openDSService.start();
+ }
}
@Override
public void stop() throws Exception
{
+ cleanUp(new InitialLdapContext(env, null));
+
super.stop();
- cleanUp(new InitialLdapContext(env, null));
- openDSService.stop();
+ if (directoryName.equals(EMBEDDED_OPEN_DS_DIRECTORY_NAME))
+ {
+ openDSService.stop();
+ }
}
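Review bot: `Context.PROVIDER_URL` is filled from `directoryConfig.getDescription()` in `start()`, which makes a free-text field carry the connection URL. The `MSAD` entry added to directories.xml in this commit has a prose description, so selecting it hands JNDI a string that is not a URL. Build the URL from the host and port the config already exposes, e.g. `env.put(Context.PROVIDER_URL, "ldap://" + directoryConfig.getHost() + ":" + directoryConfig.getPort());`, or add a dedicated URL element if the scheme has to be selectable. The same assignment is repeated in `testSimple()` in LDAPIdentityStoreTestCase. Separately, `EMBEDDED_OPEN_DS_DIRECTORY_NAME` is named like a constant but declared as a mutable instance field; `private static final String` would match how it is used.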
@@ -114,14 +121,14 @@
return directoryName;
}
- public void populate() throws Exception
- {
- populateLDIF("ldap/initial-opends.ldif");
- }
+// public void populate() throws Exception
+// {
+// populateLDIF("ldap/initial-opends.ldif");
+// }
public void populateClean() throws Exception
{
- populateLDIF("ldap/initial-empty-opends.ldif");
+ populateLDIF(directoryConfig.getPopulateLdif());
}
public void populateLDIF(String ldif) throws Exception
@@ -131,13 +138,14 @@
System.out.println("LDIF: " + ldifURL.toURI().getPath());
- String[] cmd = new String[] {"-h", LDAP_HOST,
- "-p", LDAP_PORT,
- "-D", LDAP_PRINCIPAL,
- "-w", LDAP_CREDENTIALS,
+ String[] cmd = new String[] {"-h", directoryConfig.getHost(),
+ "-p", directoryConfig.getPort(),
+ "-D", directoryConfig.getAdminDN(),
+ "-w", directoryConfig.getAdminPassword(),
"-a", "-f", ldifURL.toURI().getPath()};
- System.out.println("Populate success: " + (LDAPModify.mainModify(cmd, false, System.out, System.err) == 0));
+// System.out.println("Populate success: " + (LDAPModify.mainModify(cmd, false, System.out, System.err) == 0));
+ System.out.println("Populate success: " + (LDAPModify.mainModify(cmd) == 0));
}
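Review bot: The exit code of `LDAPModify.mainModify(cmd)` is only printed, so a failed import (unreachable host, rejected bind, missing LDIF) lets the tests run against an unpopulated directory and fail later with unrelated errors. This is more likely now that the target can be a remote server. Fail at the source instead: `int rc = LDAPModify.mainModify(cmd);` followed by `if (rc != 0) throw new IllegalStateException("LDIF import failed, exit code " + rc);`. The previous call is left behind as a comment and should be deleted rather than kept. `populateLDIF` begins outside this hunk.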
@@ -145,7 +153,7 @@
{
try
{
- String dn = "dc=portal,dc=example,dc=com";
+ String dn = directoryConfig.getCleanUpDN();
System.out.println("Removing: " + dn);
Modified: idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java
===================================================================
--- idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java 2009-08-07 22:56:43 UTC (rev 681)
@@ -22,34 +22,30 @@
package org.jboss.identity.idm.impl.store.ldap;
+import org.jboss.identity.idm.common.exception.IdentityException;
+import org.jboss.identity.idm.impl.LDAPTestPOJO;
+import org.jboss.identity.idm.impl.configuration.IdentityConfigurationImpl;
+import org.jboss.identity.idm.impl.configuration.IdentityStoreConfigurationContextImpl;
+import org.jboss.identity.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration;
+import org.jboss.identity.idm.impl.store.CommonIdentityStoreTest;
+import org.jboss.identity.idm.impl.store.IdentityStoreTestContext;
+import org.jboss.identity.idm.spi.configuration.IdentityConfigurationContextRegistry;
+import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityConfigurationMetaData;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
import org.jboss.identity.idm.spi.store.IdentityStore;
import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.spi.model.IdentityObject;
-import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.IdentityConfigurationContextRegistry;
-import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
-import org.jboss.identity.idm.impl.store.IdentityTypeEnum;
-import org.jboss.identity.idm.impl.store.CommonIdentityStoreTest;
-import org.jboss.identity.idm.impl.store.IdentityStoreTestContext;
-import org.jboss.identity.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration;
-import org.jboss.identity.idm.impl.configuration.IdentityConfigurationImpl;
-import org.jboss.identity.idm.impl.configuration.IdentityStoreConfigurationContextImpl;
-import org.jboss.identity.idm.impl.api.SimpleAttribute;
-import org.jboss.identity.idm.impl.LDAPTestPOJO;
-import org.jboss.identity.idm.common.exception.IdentityException;
import org.jboss.unit.api.pojo.annotations.Create;
import org.jboss.unit.api.pojo.annotations.Destroy;
import org.jboss.unit.api.pojo.annotations.Test;
+import java.util.Hashtable;
+
import javax.naming.Context;
import javax.naming.NamingException;
-import javax.naming.ldap.LdapContext;
import javax.naming.ldap.InitialLdapContext;
-import java.util.Hashtable;
-import java.util.Map;
+import javax.naming.ldap.LdapContext;
/**
@@ -75,7 +71,7 @@
{
super.start();
- setIdentityConfig("store-test-config.xml");
+// setIdentityConfig("store-test-config.xml");
commonTest = new CommonIdentityStoreTest(this);
@@ -89,7 +85,7 @@
for (IdentityStoreConfigurationMetaData metaData : configurationMD.getIdentityStores())
{
- if (metaData.getId().equals("LDAPTestStore"))
+ if (metaData.getId().equals("LDAP Identity Store"))
{
storeMD = metaData;
break;
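Review bot: The store id `"LDAP Identity Store"` is a bare string literal here and again in the `new LDAPIdentityStoreImpl("LDAP Identity Store")` hunk below. Both presumably have to match the id declared in whichever config file `directoryConfig.getConfigFile()` selects. When no store matches, this loop assigns nothing to `storeMD`, and how that case is handled lies outside the hunk. One constant, e.g. `private static final String STORE_ID = "LDAP Identity Store";`, used in both places keeps them in step, and a short comment on it should name the config element it must agree with.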
@@ -171,7 +167,7 @@
//populate();
- store = new LDAPIdentityStoreImpl("LDAPTestStore");
+ store = new LDAPIdentityStoreImpl("LDAP Identity Store");
store.bootstrap(context);
}
@@ -205,14 +201,14 @@
@Test
public void testSimple() throws Exception
{
- populate();
+ populateClean();
Hashtable<String,String> env = new Hashtable<String,String>();
- env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
- env.put(Context.PROVIDER_URL, LDAP_PROVIDER_URL);
+ env.put(Context.INITIAL_CONTEXT_FACTORY, directoryConfig.getContextFactory());
+ env.put(Context.PROVIDER_URL, directoryConfig.getDescription());
env.put(Context.SECURITY_AUTHENTICATION, "simple");
- env.put(Context.SECURITY_PRINCIPAL, LDAP_PRINCIPAL);
- env.put(Context.SECURITY_CREDENTIALS, LDAP_CREDENTIALS);
+ env.put(Context.SECURITY_PRINCIPAL, directoryConfig.getAdminDN());
+ env.put(Context.SECURITY_CREDENTIALS, directoryConfig.getAdminPassword());
LdapContext ldapCtx = null;
try
@@ -220,7 +216,7 @@
ldapCtx = new InitialLdapContext(env, null);
// Do something ...
- System.out.println("Attributes: " + ldapCtx.getAttributes("o=test,dc=portal,dc=example,dc=com"));
+ System.out.println("Attributes: " + ldapCtx.getAttributes(directoryConfig.getCleanUpDN()));
}
catch (NamingException e)
@@ -243,147 +239,147 @@
}
}
- @Test
- public void testIdentityObjectCount() throws Exception
- {
- populate();
+// @Test
+// public void testIdentityObjectCount() throws Exception
+// {
+// populate();
+//
+// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+// assertEquals(5, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.ROLE));
+// assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
+// }
+//
+// @Test
+// public void testFindCreateRemove() throws Exception
+// {
+// populate();
+//
+// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+//
+// IdentityObject io = store.findIdentityObject(ctx, "admin", IdentityTypeEnum.USER);
+// assertEquals("admin", io.getName());
+// assertEquals("uid=admin,ou=People,o=test,dc=portal,dc=example,dc=com", io.getId().toString());
+//
+// //
+//
+// store.removeIdentityObject(ctx, io);
+//
+// assertEquals(6, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+//
+// store.createIdentityObject(ctx, "newUserA", IdentityTypeEnum.USER);
+//
+// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+//
+// //
+//
+// assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
+//
+// store.createIdentityObject(ctx, "newGroupA", IdentityTypeEnum.GROUP);
+//
+// assertEquals(3, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
+//
+// //
+//
+// io = store.findIdentityObject(ctx, "cn=newGroupA,ou=Groups,o=test,dc=portal,dc=example,dc=com");
+// assertEquals("newGroupA", io.getName());
+//
+// }
- assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
- assertEquals(5, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.ROLE));
- assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
- }
+// @Test
+// public void testAttributes() throws Exception{
+//
+// populate();
+//
+// IdentityObject user1 = store.createIdentityObject(ctx, "Adam", IdentityTypeEnum.USER);
+// IdentityObject user2 = store.createIdentityObject(ctx, "Eva", IdentityTypeEnum.USER);
+//
+// //
+//
+// IdentityObjectAttribute[] attrs = new IdentityObjectAttribute[]{
+// new SimpleAttribute("phone", new String[]{"val1"}),
+// new SimpleAttribute("description", new String[]{"val1", "val2", "val3", "val4"}),
+//
+// };
+//
+// store.addAttributes(ctx, user1, attrs);
+//
+// //
+//
+// Map<String, IdentityObjectAttribute> persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(2, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("phone"));
+// assertEquals(1, persistedAttrs.get("phone").getSize());
+//
+// assertTrue(persistedAttrs.containsKey("description"));
+// assertEquals(4, persistedAttrs.get("description").getSize());
+//
+// //
+//
+// attrs = new IdentityObjectAttribute[]{
+// new SimpleAttribute("carLicense", new String[]{"val1"})
+// };
+//
+// store.addAttributes(ctx, user1, attrs);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(3, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("phone"));
+// assertEquals(1, persistedAttrs.get("phone").getSize());
+//
+// assertTrue(persistedAttrs.containsKey("description"));
+// assertEquals(4, persistedAttrs.get("description").getSize());
+//
+// assertTrue(persistedAttrs.containsKey("carLicense"));
+// assertEquals(1, persistedAttrs.get("carLicense").getSize());
+//
+// attrs = new IdentityObjectAttribute[]{
+// new SimpleAttribute("carLicense", new String[]{"val2"})
+// };
+//
+// store.addAttributes(ctx, user1, attrs);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(3, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("carLicense"));
+// assertEquals(2, persistedAttrs.get("carLicense").getSize());
+//
+// //
+//
+// store.updateAttributes(ctx, user1, attrs);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(3, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("carLicense"));
+// assertEquals(1, persistedAttrs.get("carLicense").getSize());
+//
+// //
+//
+// String[] names = new String[]{"carLicense"};
+// store.removeAttributes(ctx, user1, names);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(2, persistedAttrs.keySet().size());
+//
+// }
@Test
- public void testFindCreateRemove() throws Exception
- {
- populate();
-
- assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
-
- IdentityObject io = store.findIdentityObject(ctx, "admin", IdentityTypeEnum.USER);
- assertEquals("admin", io.getName());
- assertEquals("uid=admin,ou=People,o=test,dc=portal,dc=example,dc=com", io.getId().toString());
-
- //
-
- store.removeIdentityObject(ctx, io);
-
- assertEquals(6, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
-
- store.createIdentityObject(ctx, "newUserA", IdentityTypeEnum.USER);
-
- assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
-
- //
-
- assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
-
- store.createIdentityObject(ctx, "newGroupA", IdentityTypeEnum.GROUP);
-
- assertEquals(3, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
-
- //
-
- io = store.findIdentityObject(ctx, "cn=newGroupA,ou=Groups,o=test,dc=portal,dc=example,dc=com");
- assertEquals("newGroupA", io.getName());
-
- }
-
- @Test
- public void testAttributes() throws Exception{
-
- populate();
-
- IdentityObject user1 = store.createIdentityObject(ctx, "Adam", IdentityTypeEnum.USER);
- IdentityObject user2 = store.createIdentityObject(ctx, "Eva", IdentityTypeEnum.USER);
-
- //
-
- IdentityObjectAttribute[] attrs = new IdentityObjectAttribute[]{
- new SimpleAttribute("phone", new String[]{"val1", "val2", "val3"}),
- new SimpleAttribute("description", new String[]{"val1", "val2", "val3", "val4"}),
-
- };
-
- store.addAttributes(ctx, user1, attrs);
-
- //
-
- Map<String, IdentityObjectAttribute> persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(2, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("phone"));
- assertEquals(3, persistedAttrs.get("phone").getSize());
-
- assertTrue(persistedAttrs.containsKey("description"));
- assertEquals(4, persistedAttrs.get("description").getSize());
-
- //
-
- attrs = new IdentityObjectAttribute[]{
- new SimpleAttribute("carLicense", new String[]{"val1"})
- };
-
- store.addAttributes(ctx, user1, attrs);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(3, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("phone"));
- assertEquals(3, persistedAttrs.get("phone").getSize());
-
- assertTrue(persistedAttrs.containsKey("description"));
- assertEquals(4, persistedAttrs.get("description").getSize());
-
- assertTrue(persistedAttrs.containsKey("carLicense"));
- assertEquals(1, persistedAttrs.get("carLicense").getSize());
-
- attrs = new IdentityObjectAttribute[]{
- new SimpleAttribute("carLicense", new String[]{"val2"})
- };
-
- store.addAttributes(ctx, user1, attrs);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(3, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("carLicense"));
- assertEquals(2, persistedAttrs.get("carLicense").getSize());
-
- //
-
- store.updateAttributes(ctx, user1, attrs);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(3, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("carLicense"));
- assertEquals(1, persistedAttrs.get("carLicense").getSize());
-
- //
-
- String[] names = new String[]{"carLicense"};
- store.removeAttributes(ctx, user1, names);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(2, persistedAttrs.keySet().size());
-
- }
-
- @Test
public void testRelationships() throws Exception
{
populateClean();
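Review bot: `testIdentityObjectCount`, `testFindCreateRemove` and `testAttributes` are disabled by commenting them out, which drops the coverage they gave for object counts, find/create/remove and the attribute add/update/remove paths, and leaves a large block of dead text in the file. They relied on `populate()` and on DNs under `dc=portal,dc=example,dc=com`, both of which this commit retires. Either port them to the `populateClean()` fixture with DNs derived from `directoryConfig`, or delete them and record the gap in the issue tracker. The commented copy of `testAttributes` also differs from the removed one (`phone` has one value instead of three), so it is not a faithful record of the old test. The same commenting-out appears for `populate()` in LDAPTestPOJO and for `setIdentityConfig(...)` in this class's `start()`.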
Added: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,116 @@
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<directories>
+ <directory>
+ <directory-name>EmbeddedOpenDS</directory-name>
+ <description>ldap://localhost:10389</description>
+ <!--identity configuration file-->
+ <config-file>test-identity-config.xml</config-file>
+ <host>localhost</host>
+ <port>10389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>password</admin-password>
+ <!--ldif from which LDAP will be populated before each test-->
+ <populate-ldif>ldap/initial-empty-opends.ldif</populate-ldif>
+ <!--DN that will be removed to perform cleanup after each test-->
+ <cleanup-dn>o=jbid,dc=example,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>SunDS</directory-name>
+ <description>ldap://dev39.qa.atl.jboss.com:1389</description>
+ <!--identity configuration file-->
+ <config-file>test-identity-config-sunds.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>1389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>testldap</admin-password>
+ <!--ldif from which LDAP will be populated before each test-->
+ <populate-ldif>ldap/initial-empty-sunds.ldif</populate-ldif>
+ <!--DN that will be removed to perform cleanup after each test-->
+ <cleanup-dn>dc=example,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>RedHatDS</directory-name>
+ <description>ldap://dev39.qa.atl.jboss.com:10389</description>
+
+ <config-file>test-identity-config-redhatds.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>10389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>qpq123qpq</admin-password>
+
+ <populate-ldif>ldap/initial-empty-redhatds.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=example,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>OpenLDAP</directory-name>
+ <description>ldap://dev39.qa.atl.jboss.com:389</description>
+
+ <config-file>test-identity-config-openldapds.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Manager,dc=my-domain,dc=com</admin-dn>
+ <admin-password>jbossqa</admin-password>
+
+ <populate-ldif>ldap/initial-empty-openldapds.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=my-domain,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>MSAD</directory-name>
+ <description>Microsoft Active Directory in QA Labs (need vpn access)</description>
+
+ <config-file>test-identity-config-msad.xml</config-file>
+ <host>dev44.qa.atl.jboss.com</host>
+ <port>389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>JBOSS\jbossqa</admin-dn>
+ <admin-password>jboss42</admin-password>
+
+ <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>MSAD-local</directory-name>
+ <description>ldap://192.168.56.101:389</description>
+
+ <config-file>test-identity-config-msad.xml</config-file>
+ <host>192.168.56.101</host>
+ <port>389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>TEST\Administrator</admin-dn>
+ <admin-password>!Q2w3e4r</admin-password>
+
+ <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn>
+ </directory>
+
+</directories>
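Review bot: The `<admin-password>` elements commit directory-administrator credentials for named QA hosts into a test resource that is published with the source. Keep placeholders here and read the real values from an untracked properties file or from system properties, and treat the values already committed as disclosed and rotate them. Every `<description>` URL uses `ldap://`, and the Java side binds with `simple` authentication, so for the remote entries the admin password crosses the network unencrypted; the comment in `LDAPTestPOJO.start()` suggests `ldaps://` was the intent. The `SunDS` entry's `<cleanup-dn>` is `dc=example,dc=com`, the whole suffix rather than the `o=jbid,...` subtree the other entries use, so the per-test cleanup appears to remove far more than test data on that shared server. The `MSAD` `<description>` holds prose rather than a URL, although the test code reads this element as the provider URL.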
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: idm
+
+dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: trunk
+
+dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: test
+
+dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Modified: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif 2009-08-07 22:56:43 UTC (rev 681)
@@ -1,46 +1,54 @@
-dn: dc=portal,dc=example,dc=com
+dn: o=jbid,dc=example,dc=com
objectclass: top
-objectclass: dcObject
objectclass: organization
-o: portal
-dc: portal
+o: jbid
-dn: o=test,dc=portal,dc=example,dc=com
+dn: o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
o: test
-dn: ou=People,o=test,dc=portal,dc=example,dc=com
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: People
-dn: ou=Roles,o=test,dc=portal,dc=example,dc=com
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Roles
-dn: ou=Groups,o=test,dc=portal,dc=example,dc=com
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Groups
-dn: ou=Organizations,o=test,dc=portal,dc=example,dc=com
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Organizations
-dn: ou=OrganizationUnits,o=test,dc=portal,dc=example,dc=com
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: OrganizationUnits
-dn: ou=Departments,o=test,dc=portal,dc=example,dc=com
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Departments
-dn: ou=Offices,o=test,dc=portal,dc=example,dc=com
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Offices
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: test
+
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: test
+
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,60 @@
+dn: dc=example,dc=com
+objectclass: top
+objectclass: dcObject
+dc: example
+
+dn: o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: test
+
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
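Review bot: The root entry `dn: dc=example,dc=com` at the top of this new file lists only `objectclass: top` and `objectclass: dcObject`, and `dcObject` is an auxiliary class, so the entry has no structural object class. A directory server that enforces schema checking may reject that add, and every child entry below it would then fail as well. Adding `objectclass: domain` (structural, requires `dc`) next to `dcObject` keeps the entry valid. The redhatds and openldapds files in this commit start at `o=jbid` and seem to assume the suffix entry already exists, so dropping the root entry here is the other option if the Sun DS instance is provisioned the same way.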
Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml (from rev 676, idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,931 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+ <identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+ <value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>unicodePwd</value>
+ </option>
+ <option>
+ <name>enclosePasswordWith</name>
+ <value>"</value>
+ </option>
+ <option>
+ <name>passwordEncoding</name>
+ <value>UTF-16LE</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <!--<value>cn= </value>-->
+ </option>
+ <option>
+ <name>passwordUpdateAttributeValues</name>
+ <value>userAccountControl=512</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://192.168.56.101:636</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>TEST\Administrator</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>!Q2w3e4r</value>
+ </option>
+ <option>
+ <name>customJNDIConnectionParameters</name>
+ <value>java.naming.security.protocol=ssl</value>
+ </option>
+ <option>
+ <name>customSystemProperties</name>
+ <value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value>
+ <value>javax.net.ssl.trustStorePassword=password</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Added: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,910 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+ <identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+ <value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://dev39.qa.atl.jboss.com:389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Manager,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>jbossqa</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
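Review bot: The LDAP identity-store `<options>` block that closes this new file hard-codes the directory manager bind (`adminDN` `cn=Manager,dc=my-domain,dc=com` with a literal `adminPassword`) and sets `providerURL` to `ldap://dev39.qa.atl.jboss.com:389`, so the test suite binds as the directory manager over an unencrypted connection, and the credential and internal host name end up in version control and in this commit mail. Even for a test resource I would bind with a dedicated account restricted to the `o=test,o=trunk,o=idm,o=jbid` subtree and supply the host and password at build time, e.g. `<value>LDAP_TEST_ADMIN_PASSWORD</value>` (placeholder) filled in by resource filtering, assuming the test harness can do that; the password already published should be treated as exposed and changed. The MSAD configuration whose tail precedes this file follows the same pattern, with literal `adminPassword` and `javax.net.ssl.trustStorePassword` values. Separately, the Hibernate store `<options>` list declares `allowNotDefinedAttributes` twice, and one of the two entries can be dropped.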
Added: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,910 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+ <identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+ <value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://dev39.qa.atl.jboss.com:10389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>qpq123qpq</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
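Review bot: The `adminPassword` option in the LDAP Identity Store `<options>` at the end of this file commits a working bind password in clear text, alongside `adminDN` `cn=Directory Manager` and a `providerURL` that uses plain `ldap://` against a named QA host. That puts the directory's most privileged credential in version control and in this commit mail, and presumably sends it unencrypted on each test bind; the config that ends just above this file follows the same pattern. I would bind as a dedicated test account limited to the `o=test,o=trunk,o=idm,o=jbid` subtree, use a TLS-protected URL if the server offers one, and take the secret from outside the repository, e.g. `<value>${idm.test.ldap.adminPassword}</value>`. That property name is constructed, and it only works if the build filters test resources or the config loader resolves properties, which this hunk does not show. The published password should also be rotated on the server, and separately `allowNotDefinedAttributes` appears twice in the Hibernate store's `<options>`, so one entry can be dropped.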
Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml (from rev 676, idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml (rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -0,0 +1,910 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+ <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+ <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+ <identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+ <identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+ <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+ <!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+ <!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+ <value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+ <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+ <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://dev39.qa.atl.jboss.com:1389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>testldap</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
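Review bot: The `adminPassword` option at the end of the LDAP Identity Store section commits the `cn=Directory Manager` bind password in clear text, next to an internal QA host name in `providerURL`; the URL scheme is plain `ldap://`, so unless the store negotiates TLS separately the bind would also travel unencrypted. Because this file is published with the commit, the password should be treated as disclosed and rotated on that server, and the checked-in value replaced with a placeholder such as `<value>REPLACE_WITH_LOCAL_TEST_PASSWORD</value>` that each test environment fills in. The tail of the preceding file section, which starts outside this view, carries the same pattern. Separately, the Hibernate Identity Store `<options>` block lists `allowNotDefinedAttributes` twice, and one of the two entries can be dropped.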
Modified: idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -558,7 +558,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=People,o=test,dc=portal,dc=example,dc=com</value>
+ <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<option>
<name>allowCreateEntry</name>
@@ -606,7 +606,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Organizations,o=test,dc=portal,dc=example,dc=com</value>
+ <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -617,11 +617,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -664,7 +664,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=OrganizationUnits,o=test,dc=portal,dc=example,dc=com</value>
+ <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -675,11 +675,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -718,7 +718,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Departments,o=test,dc=portal,dc=example,dc=com</value>
+ <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -729,11 +729,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -764,7 +764,7 @@
</option>
<option>
<name>ctxDNs</name>
- <value>ou=Offices,o=test,dc=portal,dc=example,dc=com</value>
+ <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -775,11 +775,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -793,6 +793,98 @@
</option>
</options>
</identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+ <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+ <identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+ <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
</supported-identity-object-types>
<options>
<option>
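Review bot: Both new types create entries with `objectClass=groupOfNames` while setting `allowEmptyMemberships` to `true`. Under the standard schema (RFC 4519) `groupOfNames` requires at least one `member` value, so a schema-checking directory may reject an empty GROUP or ROLE unless the store writes a placeholder member; please confirm how the LDAP store handles that case. The two blocks are also identical apart from `name` and `ctxDNs`, so a short XML comment above each would help, for example `<!-- ROLE entries live under ou=Roles; members are USER entries referenced by DN -->`.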
JBoss Identity SVN: r680 - in identity-federation/trunk/jboss-identity-webapps: sales-post-sig and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: marcelkolsteren
Date: 2009-08-07 17:17:36 -0400 (Fri, 07 Aug 2009)
New Revision: 680
Removed:
identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath
identity-federation/trunk/jboss-identity-webapps/idp-sig/.project
identity-federation/trunk/jboss-identity-webapps/idp-sig/.settings/
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project
identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.settings/
Log:
For modules "idp-sig" and "sales-post-sig", removed files that shouldn't be in the repository (.project, .classpath, .settings).
Deleted: identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath 2009-08-04 07:53:08 UTC (rev 679)
+++ identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath 2009-08-07 21:17:36 UTC (rev 680)
@@ -1,4 +0,0 @@
-<classpath>
- <classpathentry kind="output" path="target/classes"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
-</classpath>
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-webapps/idp-sig/.project
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/idp-sig/.project 2009-08-04 07:53:08 UTC (rev 679)
+++ identity-federation/trunk/jboss-identity-webapps/idp-sig/.project 2009-08-07 21:17:36 UTC (rev 680)
@@ -1,13 +0,0 @@
-<projectDescription>
- <name>idp</name>
- <comment>JBoss Identity Samples contains the samples for Federated Identity Needs.</comment>
- <projects/>
- <buildSpec>
- <buildCommand>
- <name>org.eclipse.jdt.core.javabuilder</name>
- </buildCommand>
- </buildSpec>
- <natures>
- <nature>org.eclipse.jdt.core.javanature</nature>
- </natures>
-</projectDescription>
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath 2009-08-04 07:53:08 UTC (rev 679)
+++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath 2009-08-07 21:17:36 UTC (rev 680)
@@ -1,4 +0,0 @@
-<classpath>
- <classpathentry kind="output" path="target/classes"/>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
-</classpath>
\ No newline at end of file
Deleted: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project
===================================================================
--- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project 2009-08-04 07:53:08 UTC (rev 679)
+++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project 2009-08-07 21:17:36 UTC (rev 680)
@@ -1,13 +0,0 @@
-<projectDescription>
- <name>sales</name>
- <comment>JBoss Identity Samples contains the samples for Federated Identity Needs.</comment>
- <projects/>
- <buildSpec>
- <buildCommand>
- <name>org.eclipse.jdt.core.javabuilder</name>
- </buildCommand>
- </buildSpec>
- <natures>
- <nature>org.eclipse.jdt.core.javanature</nature>
- </natures>
-</projectDescription>
\ No newline at end of file
JBoss Identity SVN: r679 - in consolidated-build/trunk: identity-build-idm and 1 other directory.
by jboss-identity-commits@lists.jboss.org
Author: jeff.yuchang
Date: 2009-08-04 03:53:08 -0400 (Tue, 04 Aug 2009)
New Revision: 679
Added:
consolidated-build/trunk/identity-build-idm/
consolidated-build/trunk/identity-build-idm/bin.xml
consolidated-build/trunk/identity-build-idm/pom.xml
Modified:
consolidated-build/trunk/pom.xml
Log:
[JBID-155] add the dependency pack for idm.
Added: consolidated-build/trunk/identity-build-idm/bin.xml
===================================================================
--- consolidated-build/trunk/identity-build-idm/bin.xml (rev 0)
+++ consolidated-build/trunk/identity-build-idm/bin.xml 2009-08-04 07:53:08 UTC (rev 679)
@@ -0,0 +1,25 @@
+<assembly>
+ <formats>
+ <format>zip</format>
+ </formats>
+ <includeBaseDirectory>false</includeBaseDirectory>
+ <dependencySets>
+ <dependencySet>
+ <outputFileNameMapping>${artifact.artifactId}${dashClassifier?}-${artifact.version}.${artifact.extension}</outputFileNameMapping>
+ <unpack>false</unpack>
+ <scope>compile</scope>
+ <excludes>
+ <exclude>org.jboss.identity.idm.integration:idm-jboss5</exclude>
+ <exclude>org.jboss.identity.idm:idm-cache</exclude>
+ <exclude>org.jboss.identity.idm:idm-ldap</exclude>
+ <exclude>org.jboss.identity.idm:idm-hibernate</exclude>
+ <exclude>org.jboss.identity.idm:idm-core</exclude>
+ <exclude>org.jboss.identity.idm:idm-api</exclude>
+ <exclude>org.jboss.identity.idm:idm-common</exclude>
+ <exclude>org.jboss.identity.idm:idm-spi</exclude>
+ <exclude>org.jboss.identity.idm:idm-assembly</exclude>
+ </excludes>
+ <outputDirectory>/</outputDirectory>
+ </dependencySet>
+ </dependencySets>
+</assembly>
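Review bot: The `<excludes>` list drops `idm-jboss5` and the other idm jars but not `org.jboss.identity.idm.integration:idm-jboss5-deployer`, which the accompanying pom.xml declares twice (classifiers `config` and `deployer`, type `zip`). With `<unpack>false</unpack>` those two zips would presumably be copied into the pack as they are. If the pack is meant to hold only third-party libraries, add `<exclude>org.jboss.identity.idm.integration:idm-jboss5-deployer</exclude>`. If the zips are wanted, a one-line comment above `<excludes>` stating what the list is for would make that explicit.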
Added: consolidated-build/trunk/identity-build-idm/pom.xml
===================================================================
--- consolidated-build/trunk/identity-build-idm/pom.xml (rev 0)
+++ consolidated-build/trunk/identity-build-idm/pom.xml 2009-08-04 07:53:08 UTC (rev 679)
@@ -0,0 +1,166 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>org.jboss.identity</groupId>
+ <artifactId>jboss-identity-build-parent</artifactId>
+ <version>1.0.0.alpha5-SNAPSHOT</version>
+ <relativePath>../parent</relativePath>
+ </parent>
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>jboss-identity-build-idm</artifactId>
+ <packaging>pom</packaging>
+ <name>JBoss Identity dependency pack for IDM</name>
+ <url>http://www.jboss.org/jbossidentity/</url>
+ <description>JBoss Identity build provides a collection of individual projects as a unified solution.</description>
+ <licenses>
+ <license>
+ <name>lgpl</name>
+ <url>http://repository.jboss.com/licenses/lgpl.txt</url>
+ </license>
+ </licenses>
+ <organization>
+ <name>JBoss Inc.</name>
+ <url>http://www.jboss.org</url>
+ </organization>
+
+
+ <properties>
+ <hibernate-commons-annotations>3.0.0.ga</hibernate-commons-annotations>
+ <hibernate-tools-version>3.2.0.ga</hibernate-tools-version>
+ <hsqldb-version>1.8.0.7</hsqldb-version>
+ <idm.version>1.0.0.Beta1</idm.version>
+ <apache.ant.version>1.7.0</apache.ant.version>
+ <mysql.connector.version>5.0.8</mysql.connector.version>
+ <postgresql.version>8.3-603.jdbc3</postgresql.version>
+ <jtds.version>1.2.2</jtds.version>
+ </properties>
+
+ <dependencies>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-api</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-common</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-spi</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-core</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-hibernate</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-ldap</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm</groupId>
+ <artifactId>idm-cache</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm.integration</groupId>
+ <artifactId>idm-jboss5</artifactId>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm.integration</groupId>
+ <artifactId>idm-jboss5-deployer</artifactId>
+ <classifier>config</classifier>
+ <type>zip</type>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.jboss.identity.idm.integration</groupId>
+ <artifactId>idm-jboss5-deployer</artifactId>
+ <classifier>deployer</classifier>
+ <type>zip</type>
+ <version>${idm.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-commons-annotations</artifactId>
+ <version>${hibernate-commons-annotations}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-tools</artifactId>
+ <version>${hibernate-tools-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>hsqldb</groupId>
+ <artifactId>hsqldb</artifactId>
+ <version>${hsqldb-version}</version>
+ </dependency>
+
+ <dependency>
+ <groupId>org.apache.ant</groupId>
+ <artifactId>ant</artifactId>
+ <version>${apache.ant.version}</version>
+ </dependency>
+
+ <!-- Database Drivers -->
+ <dependency>
+ <groupId>mysql</groupId>
+ <artifactId>mysql-connector-java</artifactId>
+ <version>${mysql.connector.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>postgresql</groupId>
+ <artifactId>postgresql</artifactId>
+ <version>${postgresql.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>net.sourceforge.jtds</groupId>
+ <artifactId>jtds</artifactId>
+ <version>${jtds.version}</version>
+ </dependency>
+ </dependencies>
+
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-assembly-plugin</artifactId>
+ <version>2.2-beta-3</version>
+ <executions>
+ <execution>
+ <id>bundle-project-sources</id>
+ <phase>package</phase>
+ <goals>
+ <goal>single</goal>
+ </goals>
+ <configuration>
+ <archive>
+ <manifestEntries>
+ <Specification-Title>JBoss Identity</Specification-Title>
+ <Specification-Version>${project.version}</Specification-Version>
+ <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor>
+ <Implementation-Title>JBoss Identity</Implementation-Title>
+ <Implementation-Version>${project.version}</Implementation-Version>
+ <Implementation-VendorId>org.jboss.security</Implementation-VendorId>
+ <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor>
+ </manifestEntries>
+ </archive>
+ <descriptors>
+ <descriptor>bin.xml</descriptor>
+ </descriptors>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+</project>
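Review bot: The `<archive><manifestEntries>` block in the assembly execution likely has no effect, because bin.xml produces only a `zip` and manifest entries apply to jar-type archives. It reads as copied from another module, as does the execution id `bundle-project-sources`, which does not describe a dependency pack. Consider dropping the `<archive>` element and renaming the id to something like `bundle-idm-dependencies`. The version properties also mix two naming styles (`hsqldb-version` next to `idm.version`); using the dotted form throughout would keep them consistent.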
Modified: consolidated-build/trunk/pom.xml
===================================================================
--- consolidated-build/trunk/pom.xml 2009-08-03 17:05:39 UTC (rev 678)
+++ consolidated-build/trunk/pom.xml 2009-08-04 07:53:08 UTC (rev 679)
@@ -18,5 +18,6 @@
<module>identity-build-tomcat</module>
<module>identity-build-jbas</module>
<module>identity-build-openid</module>
+ <module>identity-build-idm</module>
</modules>
</project>
JBoss Identity SVN: r678 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util and 6 other directories.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-03 13:05:39 -0400 (Mon, 03 Aug 2009)
New Revision: 678
Modified:
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java
identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java
identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java
Log:
Use DOM rather than JAXB
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -240,19 +240,7 @@
SAML2Response saml2Response = new SAML2Response();
- ResponseType responseType;
- try
- {
- responseType = saml2Response.getResponseType(is);
- }
- catch (JAXBException e)
- {
- throw new ParsingException(e);
- }
- catch (SAXException e)
- {
- throw new ParsingException(e);
- }
+ ResponseType responseType = saml2Response.getResponseType(is);
this.isTrusted(responseType.getIssuer().getValue());
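Review bot: `responseType.getIssuer().getValue()` on the line after the new parse call dereferences the issuer without a null check. `Issuer` is optional on a SAML response, so a message that omits it ends in a NullPointerException instead of a controlled rejection. A guard before the trust check, `if (responseType.getIssuer() == null)` followed by a throw of one of the project's federation exceptions, would reject such a message explicitly. The return value of `isTrusted(...)` is not used here, so it presumably signals an untrusted issuer by throwing; a short comment saying so would help. The enclosing method starts and ends outside the hunk.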
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -48,7 +48,6 @@
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
/**
* Tomcat Authenticator for the HTTP/Redirect binding with Signature support
@@ -174,11 +173,7 @@
catch (JAXBException e)
{
throw new ConfigurationException(e);
- }
- catch (SAXException e)
- {
- throw new ParsingException(e);
- }
+ }
catch (TransformerFactoryConfigurationError e)
{
throw new ConfigurationException(e);
Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -28,12 +28,20 @@
import java.security.PrivateKey;
import javax.xml.bind.JAXBException;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactoryConfigurationError;
import org.jboss.identity.federation.api.saml.v2.request.SAML2Request;
import org.jboss.identity.federation.api.saml.v2.response.SAML2Response;
+import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
+import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil;
import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType;
import org.jboss.identity.federation.saml.v2.protocol.ResponseType;
+import org.w3c.dom.Document;
import org.xml.sax.SAXException;
@@ -82,23 +90,46 @@
* @param responseType
* @param relayState
* @param signingKey
- * @return
- * @throws SAXException
- * @throws JAXBException
+ * @return
* @throws IOException
* @throws GeneralSecurityException
*/
public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState,
- PrivateKey signingKey) throws JAXBException, SAXException, IOException, GeneralSecurityException
+ PrivateKey signingKey) throws IOException, GeneralSecurityException
{
SAML2Response saml2Response = new SAML2Response();
- // Deal with the original request
- StringWriter sw = new StringWriter();
- saml2Response.marshall(responseType, sw);
+ Document responseDoc = null;
+
+ try
+ {
+ responseDoc = saml2Response.convert(responseType);
+ }
+ catch (JAXBException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (ParserConfigurationException e)
+ {
+ throw new ParsingException(e);
+ }
//URL Encode the Request
- String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(sw.toString());
+ String responseString;
+ try
+ {
+ responseString = DocumentUtil.getDocumentAsString(responseDoc);
+ }
+ catch (TransformerFactoryConfigurationError e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (TransformerException e)
+ {
+ throw new ProcessingException(e);
+ }
+
+ String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseString);
String urlEncodedRelayState = null;
if(relayState != null && relayState.length() > 0 )
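Review bot: A failure of `saml2Response.convert(responseType)` is a marshalling error on an outgoing message, yet both catch blocks wrap it in `ParsingException`. `ProcessingException`, which this commit already imports, would describe it better and keep `ParsingException` for input that could not be read. None of the three exception types thrown here appears in the `throws` clause or the Javadoc, so they presumably extend `GeneralSecurityException`; adding `@throws` lines would tell callers what to expect. The comment `//URL Encode the Request` now sits above the DOM-to-string step and should move down to the `deflateBase64URLEncode` call and say "Response". The method continues past the end of the hunk.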
@@ -109,6 +140,7 @@
//Now construct the URL
return getResponseRedirectURLWithSignature(urlEncodedResponse, urlEncodedRelayState, sigValue, signingKey.getAlgorithm());
}
+
/**
* Given an url-encoded saml request and relay state and a private key, compute the url
* @param urlEncodedRequest
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -21,6 +21,7 @@
*/
package org.jboss.identity.federation.api.saml.v2.response;
+import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Writer;
@@ -34,8 +35,11 @@
import javax.xml.bind.Unmarshaller;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Source;
import org.jboss.identity.federation.core.exceptions.ConfigurationException;
+import org.jboss.identity.federation.core.exceptions.ParsingException;
+import org.jboss.identity.federation.core.exceptions.ProcessingException;
import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants;
import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException;
import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory;
@@ -68,6 +72,8 @@
*/
public class SAML2Response
{
+ private Document responseDocument = null;
+
/**
* Create an assertion
* @param id
@@ -204,21 +210,65 @@
* Read a ResponseType from an input stream
* @param is
* @return
- * @throws SAXException
- * @throws JAXBException
+ * @throws ParsingException
+ * @throws ConfigurationException
*/
@SuppressWarnings("unchecked")
- public ResponseType getResponseType(InputStream is) throws JAXBException, SAXException
+ public ResponseType getResponseType(InputStream is) throws ParsingException, ConfigurationException
{
if(is == null)
throw new IllegalArgumentException("inputstream is null");
- Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller();
- JAXBElement<ResponseType> jaxbAuthnRequestType = (JAXBElement<ResponseType>) un.unmarshal(is);
- return jaxbAuthnRequestType.getValue();
+ //Read the DOM
+ try
+ {
+ responseDocument = DocumentUtil.getDocument(is);
+ }
+ catch (ParserConfigurationException e)
+ {
+ throw new ConfigurationException(e);
+ }
+ catch (IOException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (SAXException e)
+ {
+ throw new ParsingException(e);
+ }
+
+ Source domSource = DocumentUtil.getXMLSource(responseDocument);
+
+ Unmarshaller un;
+ try
+ {
+ un = JBossSAMLAuthnResponseFactory.getUnmarshaller();
+ JAXBElement<ResponseType> jaxbAuthnRequestType = (JAXBElement<ResponseType>) un.unmarshal(domSource);
+ return jaxbAuthnRequestType.getValue();
+ }
+ catch (JAXBException e)
+ {
+ throw new ParsingException(e);
+ }
+ catch (SAXException e)
+ {
+ throw new ParsingException(e);
+ }
}
/**
+ * Return the Parsed Document
+ * @return
+ * @throws ProcessingException if there is no parsed DOM
+ */
+ public Document getResponseDocument() throws ProcessingException
+ {
+ if(responseDocument == null)
+ throw new ProcessingException("Response Document is null");
+ return responseDocument;
+ }
+
+ /**
* Convert an EncryptedElement into a Document
* @param encryptedElementType
* @return
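Review bot: `getResponseType` now feeds the incoming SAML response to `DocumentUtil.getDocument(is)`, and the DocumentUtil hunk later in this commit shows a factory setup ending in `factory.setXIncludeAware(true)` with no secure-processing or DOCTYPE restriction in the visible lines. If that factory backs `getDocument` (its body is outside the diff), a message from an untrusted peer is parsed with XInclude enabled and possibly external entities as well. I would add `factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true)` and `factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true)` there and switch XInclude off for protocol messages. Separately, the empty `@return` on `getResponseDocument` could say that it returns the DOM of the last message this instance parsed or converted.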
@@ -259,9 +309,9 @@
JAXBContext jaxb = JAXBContext.newInstance(ResponseType.class);
Binder<Node> binder = jaxb.createBinder();
- Document doc = DocumentUtil.createDocument();
- binder.marshal(JAXBElementMappingUtil.get(responseType), doc);
- return doc;
+ responseDocument = DocumentUtil.createDocument();
+ binder.marshal(JAXBElementMappingUtil.get(responseType), responseDocument);
+ return responseDocument;
}
/**
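Review bot: `convert` now stores its output in the `responseDocument` field, so `getResponseDocument()` returns whichever of `getResponseType` or `convert` ran last on the instance. A caller that parses a response, converts another object and then validates a signature on `getResponseDocument()` would be checking the re-marshalled DOM rather than the document that arrived. Keeping a local `Document doc = DocumentUtil.createDocument();` in `convert` and leaving the field to `getResponseType` avoids that. Otherwise the class Javadoc should state that instances are stateful and not meant to be shared between threads. The body of `convert` begins outside the hunk.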
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -153,8 +153,8 @@
KeyPair keypair,
String referenceURI) throws JAXBException, ParserConfigurationException, XPathException, TransformerFactoryConfigurationError, TransformerException, GeneralSecurityException, MarshalException, XMLSignatureException
{
- SAML2Response saml2Request = new SAML2Response();
- Document doc = saml2Request.convert(response);
+ SAML2Response saml2Response = new SAML2Response();
+ Document doc = saml2Response.convert(response);
Node assertionNode = DocumentUtil.getNodeWithAttribute(doc,
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -55,7 +55,6 @@
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil;
@@ -269,6 +268,6 @@
{
TransformerFactory tf = TransformerFactory.newInstance();
Transformer trans = tf.newTransformer();
- trans.transform(new DOMSource(signedDocument), new StreamResult(os));
+ trans.transform(DocumentUtil.getXMLSource(signedDocument), new StreamResult(os));
}
}
\ No newline at end of file
Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -259,7 +259,7 @@
throw new RuntimeException("Failed to marshall security token request", e);
}
- return new DOMSource(result);
+ return DocumentUtil.getXMLSource(result);
}
/**
@@ -306,7 +306,7 @@
{
throw new RuntimeException("Failed to marshall security token response", e);
}
- return new DOMSource(result);
+ return DocumentUtil.getXMLSource(result);
}
/**
Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -167,8 +167,7 @@
Node importedSignedNode = validatingDoc.importNode(signedNode, true);
validatingDoc.appendChild(importedSignedNode);
- // Validate the signature
- System.out.println(DocumentUtil.getDocumentAsString(validatingDoc));
+ // Validate the signature
boolean isValid = XMLSignatureUtil.validate(validatingDoc, kp.getPublic());
assertTrue("Signature is valid:", isValid);
@@ -189,8 +188,7 @@
importedSignedNode = validatingDoc.importNode(signedNode, true);
validatingDoc.appendChild(importedSignedNode);
- // The client re-validates the signature.
- System.out.println(DocumentUtil.getDocumentAsString(validatingDoc));
+ // The client re-validates the signature.
assertTrue("Signature is valid:", XMLSignatureUtil.validate(validatingDoc, kp.getPublic()));
JAXBElement<ResponseType> jaxbresponseType = (JAXBElement<ResponseType>) binder.unmarshal(readDoc);
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java 2009-08-03 16:19:12 UTC (rev 677)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java 2009-08-03 17:05:39 UTC (rev 678)
@@ -218,15 +218,6 @@
return bis;
}
-
- private static Transformer getTransformer() throws TransformerConfigurationException,
- TransformerFactoryConfigurationError
- {
- Transformer transformer = TransformerFactory.newInstance().newTransformer();
- transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
- transformer.setOutputProperty(OutputKeys.INDENT, "no");
- return transformer;
- }
/**
* Stream a DOM Node as a String
@@ -288,6 +279,16 @@
}
/**
+ * Get a {@link Source} given a {@link Document}
+ * @param doc
+ * @return
+ */
+ public static Source getXMLSource(Document doc)
+ {
+ return new DOMSource(doc);
+ }
+
+ /**
* Log the nodes in the document
* @param doc
*/
@@ -320,5 +321,14 @@
factory.setNamespaceAware(true);
factory.setXIncludeAware(true);
return factory;
- }
+ }
+
+ private static Transformer getTransformer() throws TransformerConfigurationException,
+ TransformerFactoryConfigurationError
+ {
+ Transformer transformer = TransformerFactory.newInstance().newTransformer();
+ transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
+ transformer.setOutputProperty(OutputKeys.INDENT, "no");
+ return transformer;
+ }
}
\ No newline at end of file
JBoss Identity SVN: r677 - identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util.
by jboss-identity-commits@lists.jboss.org
Author: anil.saldhana(a)jboss.com
Date: 2009-08-03 12:19:12 -0400 (Mon, 03 Aug 2009)
New Revision: 677
Modified:
identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java
Log:
JBID-158: IDFedLSInputResolver updated with ws-t schemas
Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java
===================================================================
--- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java 2009-07-31 19:17:02 UTC (rev 676)
+++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java 2009-08-03 16:19:12 UTC (rev 677)
@@ -42,15 +42,34 @@
static
{
+ //SAML
schemaLocationMap.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd");
+
+ //WS-T
+ schemaLocationMap.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512/",
+ "schema/wstrust/v1_3/ws-trust-1.3.xsd");
+ schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...",
+ "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-secext-1.0.xsd");
+ schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...",
+ "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd");
+ schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy",
+ "schema/wstrust/v1_3/ws-policy.xsd");
+ schemaLocationMap.put("http://www.w3.org/2005/08/addressing",
+ "schema/wstrust/v1_3/ws-addr.xsd");
+
+ //XML DSIG
schemaLocationMap.put("http://www.w3.org/2000/09/xmldsig#",
"schema/w3c/xmldsig/xmldsig-core-schema.xsd");
schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd",
"schema/w3c/xmldsig/xmldsig-core-schema.xsd");
+
+ //XML Enc
schemaLocationMap.put("http://www.w3.org/2001/04/xmlenc#",
"schema/w3c/xmlenc/xenc-schema.xsd");
schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd",
"schema/w3c/xmlenc/xenc-schema.xsd");
+
+ //XML Schema/DTD
schemaLocationMap.put("datatypes.dtd",
"schema/w3c/xmlschema/datatypes.dtd");
schemaLocationMap.put("http://www.w3.org/2001/XMLSchema.dtd",
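Review bot: Two of the new WS-Security keys end in `...` as shown on this page (the `oasis-200401-wss-wssecurity-secext...` and `oasis-200401-wss-wssecurity-utilit...` entries). That may be the list archive shortening long URLs, but if the committed strings are literally truncated they can never equal a real systemId. Please confirm the keys are the full `.xsd` URLs, since a lookup that misses the map would presumably leave the parser to resolve the schema some other way than from the bundled copy. The static block continues outside the hunk.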