August 2009 - jboss-identity-commits

JBoss Identity SVN: r684 - identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp.

by jboss-identity-commits＠lists.jboss.org

Author: marcelkolsteren Date: 2009-08-08 07:15:22 -0400 (Sat, 08 Aug 2009) New Revision: 684 Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java Log: IDPWebBrowserSSOValve: by default sign outgoing messages and ignore incoming signatures Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-07 23:52:12 UTC (rev 683) +++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/idp/IDPWebBrowserSSOValve.java 2009-08-08 11:15:22 UTC (rev 684) @@ -75,17 +75,29 @@ private TrustKeyManager keyManager; - private Boolean supportSignature = false; - - public Boolean getSupportSignature() + private Boolean ignoreIncomingSignatures = true; + + private Boolean signOutgoingMessages = true; + + public Boolean getIgnoreIncomingSignatures() { - return supportSignature; + return ignoreIncomingSignatures; } - public void setSupportSignature(Boolean supportSignature) + public void setIgnoreIncomingSignatures(Boolean ignoreIncomingSignature) { - this.supportSignature = supportSignature; - } + this.ignoreIncomingSignatures = ignoreIncomingSignature; + } + + public Boolean getSignOutgoingMessages() + { + return signOutgoingMessages; + } + + public void setSignOutgoingMessages(Boolean signOutgoingMessages) + { + this.signOutgoingMessages = signOutgoingMessages; + } @Override public void invoke(Request request, Response response) throws IOException, ServletException @@ -142,7 +154,7 @@ JBossSAMLURIConstants.STATUS_AUTHNFAILED.get(), this.identityURL); - if(this.supportSignature) + if(this.signOutgoingMessages) webRequestUtil.send(errorResponseType, relayState, response, true, this.keyManager.getSigningKey()); else @@ -254,7 +266,7 @@ { try { - if(this.supportSignature) + if(this.signOutgoingMessages) webRequestUtil.send(responseType, relayState, response, true, this.keyManager.getSigningKey()); else @@ -298,7 +310,7 @@ this.identityURL); try { - if(this.supportSignature) + if(this.signOutgoingMessages) webRequestUtil.send(errorResponseType, relayState, response, true, this.keyManager.getSigningKey()); else @@ -317,25 +329,29 @@ protected boolean validate(String remoteAddress, SessionHolder holder) throws IOException, GeneralSecurityException { - if(!supportSignature) + if (holder.samlRequest == null || holder.samlRequest.length() == 0) { - return holder.samlRequest != null && holder.samlRequest.length() > 0; + return false; } - - String sig = holder.signature; - if(sig == null || sig.length() == 0) + + if (!this.ignoreIncomingSignatures) { - log.error("Signature received from SP is null:" + remoteAddress); - return false; + String sig = holder.signature; + if (sig == null || sig.length() == 0) + { + log.error("Signature received from SP is null:" + remoteAddress); + return false; + } + + return PostBindingUtil.validateSignature(holder.samlRequest.getBytes("UTF-8"), sig, keyManager + .getValidatingKey(remoteAddress)); } - - return PostBindingUtil.validateSignature(holder.samlRequest.getBytes("UTF-8"), - sig, keyManager.getValidatingKey(remoteAddress)); + else + { + return true; + } } - - - //***************Lifecycle /** * The lifecycle event support for this component. @@ -413,7 +429,7 @@ throw new RuntimeException(e); } - if(this.supportSignature) + if(this.signOutgoingMessages) { KeyProviderType keyProvider = this.idpConfiguration.getKeyProvider(); try

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r683 - in identity-federation/trunk: jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories and 1 other directory.

by jboss-identity-commits＠lists.jboss.org

Author: marcelkolsteren Date: 2009-08-07 19:52:12 -0400 (Fri, 07 Aug 2009) New Revision: 683 Added: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java Log: JBID-159: Disable JAXB Schema validation when marshalling SAML2Response Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-07 23:09:26 UTC (rev 682) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-07 23:52:12 UTC (rev 683) @@ -37,6 +37,7 @@ import javax.xml.parsers.ParserConfigurationException; import javax.xml.transform.Source; +import org.jboss.identity.federation.core.constants.JBossIdentityFederationConstants; import org.jboss.identity.federation.core.exceptions.ConfigurationException; import org.jboss.identity.federation.core.exceptions.ParsingException; import org.jboss.identity.federation.core.exceptions.ProcessingException; @@ -327,9 +328,15 @@ */ public void marshall(ResponseType responseType, OutputStream os) throws JAXBException, SAXException { - Marshaller marshaller = JBossSAMLAuthnResponseFactory.getValidatingMarshaller(); - JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory().createResponse(responseType); - marshaller.marshal(jaxb, os); + String key = JBossIdentityFederationConstants.JAXB_SCHEMA_VALIDATION; + boolean validate = Boolean.parseBoolean(SecurityActions + .getSystemProperty(key, "false")); + + Marshaller marshaller = JBossSAMLAuthnResponseFactory + .getValidatingMarshaller(validate); + JAXBElement<ResponseType> jaxb = SAMLProtocolFactory.getObjectFactory() + .createResponse(responseType); + marshaller.marshal(jaxb, os); } /** Added: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java (rev 0) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SecurityActions.java 2009-08-07 23:52:12 UTC (rev 683) @@ -0,0 +1,59 @@ +/* + * JBoss, Home of Professional Open Source. + * Copyright 2008, Red Hat Middleware LLC, and individual contributors + * as indicated by the @author tags. See the copyright.txt file in the + * distribution for a full listing of individual contributors. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ +package org.jboss.identity.federation.api.saml.v2.response; + +import java.security.AccessController; +import java.security.PrivilegedAction; + +/** + * Privileged Blocks + */ +class SecurityActions { + /** + * Get the Thread Context ClassLoader + * + * @return + */ + static ClassLoader getContextClassLoader() { + return AccessController + .doPrivileged(new PrivilegedAction<ClassLoader>() { + public ClassLoader run() { + return Thread.currentThread().getContextClassLoader(); + } + }); + } + + /** + * Get the system property + * + * @param key + * @param defaultValue + * @return + */ + static String getSystemProperty(final String key, final String defaultValue) { + return AccessController.doPrivileged(new PrivilegedAction<String>() { + public String run() { + return System.getProperty(key, defaultValue); + } + }); + } +} Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-08-07 23:09:26 UTC (rev 682) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/factories/JBossSAMLAuthnResponseFactory.java 2009-08-07 23:52:12 UTC (rev 683) @@ -197,14 +197,19 @@ } /** - * Get the JAXB2 marshaller - * @return - * @throws JAXBException - * @throws SAXException + * Get the validating marshaller + * + * @param schemaValidation Whether schema validation is needed + * @return + * @throws JAXBException + * @throws SAXException */ - public static Marshaller getValidatingMarshaller() throws SAXException, JAXBException + public static Marshaller getValidatingMarshaller(boolean schemaValidation) throws SAXException, JAXBException { - return JAXBUtil.getValidatingMarshaller(pkgName, schemaLocation); + if (schemaValidation) + return JAXBUtil.getValidatingMarshaller(pkgName, schemaLocation); + else + return JAXBUtil.getMarshaller(pkgName); } /**

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r682 - in idm/trunk/idm-testsuite/src/test/resources: datasources and 1 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: bdaw Date: 2009-08-07 19:09:26 -0400 (Fri, 07 Aug 2009) New Revision: 682 Added: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml Modified: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml Log: MSAD test configuration fix Modified: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07 22:56:43 UTC (rev 681) +++ idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07 23:09:26 UTC (rev 682) @@ -84,7 +84,7 @@ </directory> <directory> <directory-name>MSAD</directory-name> - <description>Microsoft Active Directory in QA Labs (need vpn access)</description> + <description>ldap://dev44.qa.atl.jboss.com:389</description> <config-file>test-identity-config-msad.xml</config-file> <host>dev44.qa.atl.jboss.com</host> @@ -95,20 +95,20 @@ <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif> - <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn> + <cleanup-dn>o=jbid,dc=jboss,dc=test</cleanup-dn> </directory> <directory> <directory-name>MSAD-local</directory-name> <description>ldap://192.168.56.101:389</description> - <config-file>test-identity-config-msad.xml</config-file> + <config-file>test-identity-config-msad-local.xml</config-file> <host>192.168.56.101</host> <port>389</port> <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> <admin-dn>TEST\Administrator</admin-dn> <admin-password>!Q2w3e4r</admin-password> - <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif> + <populate-ldif>ldap/initial-empty-msad-local.ldif</populate-ldif> <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn> </directory> Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif (from rev 681, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad-local.ldif 2009-08-07 23:09:26 UTC (rev 682) @@ -0,0 +1,55 @@ +dn: o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organization +o: jbid + +dn: ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: idm + +dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: trunk + +dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: test + +dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: People + +dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Roles + +dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Groups + +dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Organizations + +dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: OrganizationUnits + +dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Departments + +dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Offices + Modified: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07 22:56:43 UTC (rev 681) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07 23:09:26 UTC (rev 682) @@ -1,54 +1,54 @@ -dn: o=jbid,dc=test,dc=domain +dn: o=jbid,dc=jboss,dc=test objectclass: top objectclass: organization o: jbid -dn: ou=idm,o=jbid,dc=test,dc=domain +dn: ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: idm -dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: trunk -dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: test -dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: People -dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: Roles -dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: Groups -dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: Organizations -dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: OrganizationUnits -dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: Departments -dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test objectclass: top objectclass: organizationalUnit ou: Offices Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml (from rev 681, idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad-local.xml 2009-08-07 23:09:26 UTC (rev 682) @@ -0,0 +1,931 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd"> + <realms> + <realm> + <id>realm://RedHat/DB</id> + <repository-id-ref>RedHat Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB</id> + <repository-id-ref>Sample Portal Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://RedHat/DB_LDAP</id> + <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB_LDAP</id> + <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + </realms> + <repositories> + <repository> + <id>RedHat Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>RedHat Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>PROJECT</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>SYSTEM</identity-object-type> + <identity-object-type>ADMINISTRATION</identity-object-type> + <identity-object-type>COMMUNITY</identity-object-type> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>SECURITY</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>OFFICE</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + </repositories> + <stores> + <attribute-stores/> + <identity-stores> + <identity-store> + <id>Hibernate Identity Store</id> + <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships> +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  + </relationships> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>picture</name> + <mapping>user.picture</mapping> + <type>binary</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PEOPLE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PROJECT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DIVISION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PROJECT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PEOPLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ADMINISTRATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>COMMUNITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SECURITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SYSTEM</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>SECURITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>COMMUNITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + </supported-identity-object-types> + <options> +  +  +  +  + <option> + <name>hibernateSessionFactoryJNDIName</name> + <value>java:/jbossidentity/HibernateStoreSessionFactory</value> + </option> + <option> + <name>populateRelationshipTypes</name> + <value>true</value> + </option> + <option> + <name>populateIdentityObjectTypes</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + <option> + <name>isRealmAware</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </identity-store> + <identity-store> + <id>LDAP Identity Store</id> + <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships/> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>phone</name> + <mapping>telephoneNumber</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>description</name> + <mapping>description</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>carLicense</name> + <mapping>carLicense</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>passwordAttributeName</name> + <value>unicodePwd</value> + </option> + <option> + <name>enclosePasswordWith</name> + <value>"</value> + </option> + <option> + <name>passwordEncoding</name> + <value>UTF-16LE</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=inetOrgPerson</value> + <value>sn= </value> +  + </option> + <option> + <name>passwordUpdateAttributeValues</name> + <value>userAccountControl=512</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>GROUP</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ROLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + </supported-identity-object-types> + <options> + <option> + <name>providerURL</name> + <value>ldap://192.168.56.101:636</value> + </option> + <option> + <name>adminDN</name> + <value>TEST\Administrator</value> + </option> + <option> + <name>adminPassword</name> + <value>!Q2w3e4r</value> + </option> + <option> + <name>customJNDIConnectionParameters</name> + <value>java.naming.security.protocol=ssl</value> + </option> + <option> + <name>customSystemProperties</name> + <value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value> + <value>javax.net.ssl.trustStorePassword=password</value> + </option> + <option> + <name>searchTimeLimit</name> + <value>10000</value> + </option> + </options> + </identity-store> + </identity-stores> + </stores> +</jboss-identity> \ No newline at end of file Modified: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07 22:56:43 UTC (rev 681) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07 23:09:26 UTC (rev 682) @@ -566,7 +566,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option> <option> <name>allowCreateEntry</name> @@ -618,7 +618,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option>   @@ -676,7 +676,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option>   @@ -730,7 +730,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option>   @@ -776,7 +776,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option>   @@ -822,7 +822,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option>   @@ -868,7 +868,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=jboss,dc=test</value> </option>   @@ -901,26 +901,26 @@ <options> <option> <name>providerURL</name> - <value>ldap://192.168.56.101:636</value> + <value>ldap://dev44.qa.atl.jboss.com:389</value> </option> <option> <name>adminDN</name> - <value>TEST\Administrator</value> + <value>JBOSS\jbossqa</value> </option> <option> <name>adminPassword</name> - <value>!Q2w3e4r</value> + <value>jboss42</value> </option> +  +  +  +  +  +  +  +  +  <option> - <name>customJNDIConnectionParameters</name> - <value>java.naming.security.protocol=ssl</value> - </option> - <option> - <name>customSystemProperties</name> - <value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value> - <value>javax.net.ssl.trustStorePassword=password</value> - </option> - <option> <name>searchTimeLimit</name> <value>10000</value> </option>

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r681 - in idm/trunk: idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate and 6 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: bdaw Date: 2009-08-07 18:56:43 -0400 (Fri, 07 Aug 2009) New Revision: 681 Added: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml Modified: idm/trunk/assembly/scripts/assembly-distro.xml idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml Log: LDAP support improvements Modified: idm/trunk/assembly/scripts/assembly-distro.xml =================================================================== --- idm/trunk/assembly/scripts/assembly-distro.xml 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/assembly/scripts/assembly-distro.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -14,7 +14,7 @@  <dependencySets> <dependencySet> - <outputFileNameMapping>${artifact.artifactId}${dashClassifier?}.${artifact.extension}</outputFileNameMapping> +   <unpack>false</unpack> <scope>test</scope> Modified: idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java =================================================================== --- idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2009-08-07 22:56:43 UTC (rev 681) @@ -22,30 +22,11 @@ package org.jboss.identity.idm.impl.store.hibernate; -import java.io.Serializable; -import java.util.Arrays; -import java.util.Collection; -import java.util.Collections; -import java.util.HashMap; -import java.util.HashSet; -import java.util.Iterator; -import java.util.LinkedList; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import org.hibernate.Criteria; -import org.hibernate.HibernateException; -import org.hibernate.Session; -import org.hibernate.Query; -import org.hibernate.SessionFactory; -import org.hibernate.cfg.AnnotationConfiguration; -import org.hibernate.criterion.Restrictions; -import org.hibernate.criterion.MatchMode; import org.jboss.identity.idm.common.exception.IdentityException; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObject; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectAttribute; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttribute; +import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredential; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredentialType; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationship; @@ -54,12 +35,11 @@ import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectType; import org.jboss.identity.idm.impl.model.hibernate.HibernateRealm; -import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue; import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl; +import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext; import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData; import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData; import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData; -import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext; import org.jboss.identity.idm.spi.exception.OperationNotSupportedException; import org.jboss.identity.idm.spi.model.IdentityObject; import org.jboss.identity.idm.spi.model.IdentityObjectAttribute; @@ -68,16 +48,35 @@ import org.jboss.identity.idm.spi.model.IdentityObjectRelationship; import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType; import org.jboss.identity.idm.spi.model.IdentityObjectType; +import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria; import org.jboss.identity.idm.spi.store.FeaturesMetaData; +import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType; import org.jboss.identity.idm.spi.store.IdentityStore; import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext; import org.jboss.identity.idm.spi.store.IdentityStoreSession; -import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType; -import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria; -//import javax.persistence.Persistence; +import java.io.Serializable; +import java.util.Arrays; +import java.util.Collection; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.LinkedList; +import java.util.List; +import java.util.Map; +import java.util.Set; + import javax.naming.InitialContext; import javax.naming.NamingException; + +import org.hibernate.Criteria; +import org.hibernate.HibernateException; +import org.hibernate.Query; +import org.hibernate.Session; +import org.hibernate.SessionFactory; +import org.hibernate.cfg.AnnotationConfiguration; +import org.hibernate.criterion.Restrictions; //import javax.persistence.Persistence; /** @@ -1552,9 +1551,19 @@ HibernateIdentityObject hibernateObject = safeGet(ctx, identity); - Set<HibernateIdentityObjectAttribute> storeAttributes = hibernateObject.getAttributes(); + + Map<String, IdentityObjectAttribute> result = new HashMap<String, IdentityObjectAttribute>(); + if (hibernateObject == null) + { + return result; + } + + Set<HibernateIdentityObjectAttribute> storeAttributes = hibernateObject.getAttributes(); + + + // Remap the names for (HibernateIdentityObjectAttribute attribute : storeAttributes) { @@ -1607,13 +1616,12 @@ } } - IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName()); - if (amd != null) + if (mdMap != null && mdMap.containsKey(attribute.getName())) { + IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName()); - if (!amd.isMultivalued() && attribute.getSize() > 1) { throw new IdentityException("Cannot assigned multiply values to single valued attribute: " + attribute.getName()); @@ -1663,8 +1671,13 @@ { IdentityObjectAttribute attribute = mappedAttributes.get(name); - IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName()); + IdentityObjectAttributeMetaData amd = null; + if (mdMap != null) + { + amd = mdMap.get(attribute.getName()); + } + // Default to text String type = amd != null ? amd.getType() : IdentityObjectAttributeMetaData.TEXT_TYPE; Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java =================================================================== --- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java 2009-08-07 22:56:43 UTC (rev 681) @@ -41,19 +41,36 @@ String getEntrySearchFilter(); + String getEntrySearchScope(); + boolean isAllowCreateEntry(); Map<String, String[]> getCreateEntryAttributeValues(); String[] getAllowedMembershipTypes(); - String getMembershipAttributeName(); + String getParentMembershipAttributeName(); - boolean isMembershipAttributeDN(); + boolean isParentMembershipAttributeDN(); - boolean allowEmptyMemberships(); + boolean isAllowEmptyMemberships(); String getAttributeMapping(String identityAttribute); Set<String> getMappedAttributesNames(); + + String getChildMembershipAttributeName(); + + boolean isChildMembershipAttributeDN(); + + boolean isAllowEmptyPassword(); + + String getEnclosePasswordWith(); + + String getPasswordEncoding(); + + Map<String, String[]> getUpdatePasswordAttributeValues(); + + boolean isSubentryMembershipLookup(); + } Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java =================================================================== --- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java 2009-08-07 22:56:43 UTC (rev 681) @@ -23,7 +23,10 @@ package org.jboss.identity.idm.impl.store.ldap; import org.jboss.identity.idm.spi.model.IdentityObjectType; +import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData; +import java.util.Map; + /** * Helper interface to expose LDAP IdentityStore configuration in a different way * @@ -32,6 +35,8 @@ */ public interface LDAPIdentityStoreConfiguration { + + IdentityStoreConfigurationMetaData getConfigurationMetaData(); String getProviderURL(); @@ -45,4 +50,34 @@ IdentityObjectType[] getConfiguredTypes(); + Map<String, LDAPIdentityObjectTypeConfiguration> getTypesConfiguration(); + + Map<String, String> getCustomJNDIConnectionParameters(); + + Map<String, String> getCustomSystemProperties(); + + String getExternalJNDIContext(); + + String getMembershipToRelationshipTypeMapping(); + + boolean isSupportNamedRelationships(); + + String[] getRelationshipNamesCtxDNs(); + + String getRelationshipNameSearchFilter(); + + String getRelationshipNameSearchScope(); + + Map<String, String[]> getRelationshipNameCreateEntryAttributeValues(); + + String getRelationshipNameAttributeName(); + + String getNamedRelationshipSearchFilter(); + + Map<String, String[]> getNamedRelationshipCreateEntryAttributeValues(); + + String getNamedRelationshipNameAttributeName(); + + String getNamedRelationshipMemberAttributeName(); + } Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java =================================================================== --- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2009-08-07 22:56:43 UTC (rev 681) @@ -22,6 +22,31 @@ package org.jboss.identity.idm.impl.store.ldap; +import org.jboss.identity.idm.common.exception.IdentityException; +import org.jboss.identity.idm.impl.NotYetImplementedException; +import org.jboss.identity.idm.impl.api.SimpleAttribute; +import org.jboss.identity.idm.impl.helper.Tools; +import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl; +import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectRelationshipImpl; +import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl; +import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext; +import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData; +import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData; +import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData; +import org.jboss.identity.idm.spi.exception.OperationNotSupportedException; +import org.jboss.identity.idm.spi.model.IdentityObject; +import org.jboss.identity.idm.spi.model.IdentityObjectAttribute; +import org.jboss.identity.idm.spi.model.IdentityObjectCredential; +import org.jboss.identity.idm.spi.model.IdentityObjectRelationship; +import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType; +import org.jboss.identity.idm.spi.model.IdentityObjectType; +import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria; +import org.jboss.identity.idm.spi.store.FeaturesMetaData; +import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType; +import org.jboss.identity.idm.spi.store.IdentityStore; +import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext; +import org.jboss.identity.idm.spi.store.IdentityStoreSession; + import java.util.Arrays; import java.util.Collection; import java.util.Collections; @@ -38,6 +63,7 @@ import java.util.logging.Level; import java.util.logging.Logger; import java.util.regex.Pattern; +import java.io.UnsupportedEncodingException; import javax.naming.Context; import javax.naming.InitialContext; @@ -56,31 +82,6 @@ import javax.naming.ldap.LdapName; import javax.naming.ldap.SortControl; -import org.jboss.identity.idm.common.exception.IdentityException; -import org.jboss.identity.idm.impl.NotYetImplementedException; -import org.jboss.identity.idm.impl.api.SimpleAttribute; -import org.jboss.identity.idm.impl.helper.Tools; -import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl; -import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectRelationshipImpl; -import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl; -import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData; -import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData; -import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData; -import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext; -import org.jboss.identity.idm.spi.exception.OperationNotSupportedException; -import org.jboss.identity.idm.spi.model.IdentityObject; -import org.jboss.identity.idm.spi.model.IdentityObjectAttribute; -import org.jboss.identity.idm.spi.model.IdentityObjectCredential; -import org.jboss.identity.idm.spi.model.IdentityObjectRelationship; -import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType; -import org.jboss.identity.idm.spi.model.IdentityObjectType; -import org.jboss.identity.idm.spi.store.FeaturesMetaData; -import org.jboss.identity.idm.spi.store.IdentityStore; -import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext; -import org.jboss.identity.idm.spi.store.IdentityStoreSession; -import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType; -import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria; - /** * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw Dawidowicz</a> * @version : 0.1 $ @@ -163,14 +164,7 @@ public IdentityStoreSession createIdentityStoreSession() { - - return new LDAPIdentityStoreSessionImpl( - "com.sun.jndi.ldap.LdapCtxFactory", - configuration.getProviderURL(), - "simple", - configuration.getAdminDN(), - configuration.getAdminPassword()); - + return new LDAPIdentityStoreSessionImpl(configuration); } public String getId() @@ -498,7 +492,7 @@ for (String typeCtx : typeCtxs) { - if (dn.endsWith(typeCtx)) + if (dn.toLowerCase().endsWith(typeCtx.toLowerCase())) { type = possibleType; break; @@ -729,14 +723,14 @@ // If parent simply look for all its members if (parent) { - if (typeConfig.getMembershipAttributeName() == null) + if (typeConfig.getParentMembershipAttributeName() == null) { throw new IdentityException("Membership attribute name not configured. Given IdentityObjectType cannot have" + "members: " + identity.getIdentityType().getName()); } Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn()); - Attribute member = attrs.get(typeConfig.getMembershipAttributeName()); + Attribute member = attrs.get(typeConfig.getParentMembershipAttributeName()); if (member != null) { @@ -745,7 +739,7 @@ { String memberRef = memberValues.nextElement().toString(); - if (typeConfig.isMembershipAttributeDN()) + if (typeConfig.isParentMembershipAttributeDN()) { //TODO: use direct LDAP query instaed of other find method and add attributesFilter @@ -829,9 +823,9 @@ // Add filter to search only parents of the given entry af.append("(") - .append(parentTypeConfiguration.getMembershipAttributeName()) + .append(parentTypeConfiguration.getParentMembershipAttributeName()) .append("="); - if (parentTypeConfiguration.isMembershipAttributeDN()) + if (parentTypeConfiguration.isParentMembershipAttributeDN()) { af.append(ldapFromIO.getDn()); } @@ -938,7 +932,7 @@ if (parent) { Attributes attrs = ldapContext.getAttributes(ldapIO.getDn()); - Attribute member = attrs.get(typeConfig.getMembershipAttributeName()); + Attribute member = attrs.get(typeConfig.getParentMembershipAttributeName()); if (member != null) { @@ -947,7 +941,7 @@ { String memberRef = memberValues.nextElement().toString(); - if (typeConfig.isMembershipAttributeDN()) + if (typeConfig.isParentMembershipAttributeDN()) { //TODO: use direct LDAP query instaed of other find method and add attributesFilter @@ -996,9 +990,9 @@ // Add filter to search only parents of the given entry af.append("(") - .append(parentTypeConfiguration.getMembershipAttributeName()) + .append(parentTypeConfiguration.getParentMembershipAttributeName()) .append("="); - if (parentTypeConfiguration.isMembershipAttributeDN()) + if (parentTypeConfiguration.isParentMembershipAttributeDN()) { af.append(ldapIO.getDn()); } @@ -1116,9 +1110,9 @@ // Construct new member attribute values Attributes attrs = new BasicAttributes(true); - Attribute member = new BasicAttribute(fromTypeConfig.getMembershipAttributeName()); + Attribute member = new BasicAttribute(fromTypeConfig.getParentMembershipAttributeName()); - if (fromTypeConfig.isMembershipAttributeDN()) + if (fromTypeConfig.isParentMembershipAttributeDN()) { member.add(ldapToIO.getDn()); } @@ -1195,9 +1189,9 @@ //construct new member attribute values Attributes attrs = new BasicAttributes(true); - Attribute member = new BasicAttribute(fromTypeConfig.getMembershipAttributeName()); + Attribute member = new BasicAttribute(fromTypeConfig.getParentMembershipAttributeName()); - if (fromTypeConfig.isMembershipAttributeDN()) + if (fromTypeConfig.isParentMembershipAttributeDN()) { member.add(ldapToIO.getDn()); } @@ -1277,7 +1271,7 @@ try { Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn()); - Attribute member = attrs.get(fromTypeConfig.getMembershipAttributeName()); + Attribute member = attrs.get(fromTypeConfig.getParentMembershipAttributeName()); if (member != null) { @@ -1286,8 +1280,8 @@ { String memberRef = memberValues.nextElement().toString(); - if ((fromTypeConfig.isMembershipAttributeDN() && memberRef.equals(ldapToIO.getDn())) || - (!fromTypeConfig.isMembershipAttributeDN() && memberRef.equals(ldapToIO.getName()))) + if ((fromTypeConfig.isParentMembershipAttributeDN() && memberRef.equals(ldapToIO.getDn())) || + (!fromTypeConfig.isParentMembershipAttributeDN() && memberRef.equals(ldapToIO.getName()))) { //TODO: impl lacks support for rel type relationships.add(new LDAPIdentityObjectRelationshipImpl(null, ldapFromIO, ldapToIO)); @@ -1402,10 +1396,18 @@ { //TODO: support for empty password should be configurable passwordString = credential.getValue().toString(); + if (passwordString.length() == 0 && !getTypeConfiguration(ctx, identityObject.getIdentityType()).isAllowEmptyPassword()) + { + return false; + } } else { - throw new IdentityException("Null password value"); + if (!getTypeConfiguration(ctx, identityObject.getIdentityType()).isAllowEmptyPassword()) + { + new IdentityException("Null password value"); + } + passwordString = ""; } LdapContext ldapContext = getLDAPContext(ctx); @@ -1468,16 +1470,47 @@ // Handle generic impl + LDAPIdentityObjectTypeConfiguration typeConfig = getTypeConfiguration(ctx, identityObject.getIdentityType()); + if (credential.getValue() != null) { //TODO: support for empty password should be configurable passwordString = credential.getValue().toString(); + if (passwordString.length() == 0 && !typeConfig.isAllowEmptyPassword()) + { + new IdentityException("Empty password is not allowed by configuration");; + } } else { - throw new IdentityException("Null password value"); + if (!typeConfig.isAllowEmptyPassword()) + { + new IdentityException("Null password value"); + } + passwordString = ""; } + if (typeConfig.getEnclosePasswordWith() != null) + { + String enc = typeConfig.getEnclosePasswordWith(); + passwordString = enc + passwordString + enc; + } + + byte[] encodedPassword = null; + + if (typeConfig.getPasswordEncoding() != null) + { + try + { + encodedPassword = passwordString.getBytes(typeConfig.getPasswordEncoding()); + } + catch (UnsupportedEncodingException e) + { + throw new IdentityException("Error while encoding password with configured setting: " + typeConfig.getPasswordEncoding(), + e); + } + } + String attributeName = getTypeConfiguration(ctx, ldapIO.getIdentityType()).getPasswordAttributeName(); if (attributeName == null) @@ -1494,9 +1527,32 @@ Attributes attrs = new BasicAttributes(true); Attribute attr = new BasicAttribute(attributeName); - attr.add(passwordString); + + if (encodedPassword != null) + { + attr.add(encodedPassword); + } + else + { + attr.add(passwordString); + } + attrs.put(attr); + if(typeConfig.getUpdatePasswordAttributeValues().size() > 0) + { + Map<String, String[]> attributesToAdd = typeConfig.getUpdatePasswordAttributeValues(); + for (Map.Entry<String, String[]> entry : attributesToAdd.entrySet()) + { + Attribute additionalAttr = new BasicAttribute(entry.getKey()); + for (String val : entry.getValue()) + { + additionalAttr.add(val); + } + } + attrs.put(attr); + } + ldapContext.modifyAttributes(ldapIO.getDn(), DirContext.REPLACE_ATTRIBUTE,attrs); } catch (NamingException e) Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java =================================================================== --- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java 2009-08-07 22:56:43 UTC (rev 681) @@ -22,14 +22,17 @@ package org.jboss.identity.idm.impl.store.ldap; +import org.jboss.identity.idm.common.exception.IdentityException; import org.jboss.identity.idm.spi.store.IdentityStoreSession; -import org.jboss.identity.idm.common.exception.IdentityException; -import javax.naming.ldap.LdapContext; -import javax.naming.ldap.InitialLdapContext; -import javax.naming.Context; import java.util.Hashtable; +import java.util.Map; +import javax.naming.Context; +import javax.naming.InitialContext; +import javax.naming.ldap.InitialLdapContext; +import javax.naming.ldap.LdapContext; + /** * Session around LDAP store. Exposes LDAP connection (LdapContext) and does nothing for transaction related methods * @@ -38,40 +41,72 @@ */ public class LDAPIdentityStoreSessionImpl implements IdentityStoreSession { + private final LDAPIdentityStoreConfiguration storeConfig; - private final String INITIAL_CONTEXT_FACTORY; + public LDAPIdentityStoreSessionImpl(LDAPIdentityStoreConfiguration storeConfig) + { + this.storeConfig = storeConfig; - private final String PROVIDER_URL; + } - private final String SECURITY_AUTHENTICATION; - private final String SECURITY_PRINCIPAL; + public LdapContext getLdapContext() throws Exception + { - private final String SECURITY_CREDENTIALS; + if (storeConfig.getExternalJNDIContext() != null) + { + InitialContext iniCtx = new InitialContext(); + return (LdapContext)iniCtx.lookup(storeConfig.getExternalJNDIContext()); + } + if (storeConfig.getCustomSystemProperties() != null && + storeConfig.getCustomSystemProperties().size() > 0) + { - public LDAPIdentityStoreSessionImpl(String INITIAL_CONTEXT_FACTORY, - String PROVIDER_URL, - String SECURITY_AUTHENTICATION, - String SECURITY_PRINCIPAL, - String SECURITY_CREDENTIALS) - { - this.INITIAL_CONTEXT_FACTORY = INITIAL_CONTEXT_FACTORY; - this.PROVIDER_URL = PROVIDER_URL; - this.SECURITY_AUTHENTICATION = SECURITY_AUTHENTICATION; - this.SECURITY_PRINCIPAL = SECURITY_PRINCIPAL; - this.SECURITY_CREDENTIALS = SECURITY_CREDENTIALS; - } + Map<String, String> props = storeConfig.getCustomSystemProperties(); - public LdapContext getLdapContext() throws Exception - { + for (String name : props.keySet()) + { + System.setProperty(name, props.get(name)); + } + } + Hashtable<String,String> env = new Hashtable<String,String>(); - env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY); - env.put(Context.PROVIDER_URL, PROVIDER_URL); - env.put(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION); - env.put(Context.SECURITY_PRINCIPAL, SECURITY_PRINCIPAL); - env.put(Context.SECURITY_CREDENTIALS, SECURITY_CREDENTIALS); + + env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); + + if (storeConfig.getProviderURL() != null) + { + env.put(Context.PROVIDER_URL, storeConfig.getProviderURL()); + + } + if (storeConfig.getAdminDN() != null) + { + env.put(Context.SECURITY_PRINCIPAL, storeConfig.getAdminDN()); + + } + if (storeConfig.getAdminPassword() != null) + { + env.put(Context.SECURITY_CREDENTIALS, storeConfig.getAdminPassword()); + + } + + env.put(Context.SECURITY_AUTHENTICATION, "simple"); + + if (storeConfig.getCustomJNDIConnectionParameters() != null && + storeConfig.getCustomJNDIConnectionParameters().size() > 0) + { + + Map<String, String> params = storeConfig.getCustomJNDIConnectionParameters(); + + for (String name : params.keySet()) + { + env.put(name, params.get(name)); + } + } + + return new InitialLdapContext(env, null); } Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java =================================================================== --- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2009-08-07 22:56:43 UTC (rev 681) @@ -47,21 +47,37 @@ private final String entrySearchFilter; + private final String entrySearchScope; + private final boolean allowCreateEntry; private final Map<String, String[]> createEntryAttributeValues; private final String[] allowedMembershipTypes; - private final String membershipAttributeName; + private final String parentMembershipAttributeName; - private final boolean isMembershipAttributeDN; + private final boolean isParentMembershipAttributeDN; private final boolean allowEmptyMemberships; private final Map<String, String> attributeNames; + private final String childMembershipAttributeName; + private final boolean isChildMembershipAttributeDN; + + private final boolean allowEmptyPassword; + + private final String enclosePasswordWith; + + private final String passwordEncoding; + + private final Map<String, String[]> updatePasswordAttributeValues; + + private final boolean subentryMembershipLookup; + + //Consts public static final String ID_ATTRIBUTE_NAME = "idAttributeName"; @@ -72,24 +88,45 @@ public static final String ENTRY_SEARCH_FILTER = "entrySearchFilter"; + public static final String ENTRY_SEARCH_SCOPE = "entrySearchScope"; + public static final String ALLOW_CREATE_ENTRY = "allowCreateEntry"; - public static final String MEMBERSHIP_ATTRIBUTE_NAME = "membershipAttributeName"; + public static final String PARENT_MEMBERSHIP_ATTRIBUTE_NAME = "parentMembershipAttributeName"; - public static final String IS_MEMBERSHIP_ATTRIBUTE_DN = "isMembershipAttributeDN"; + public static final String IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN = "isParentMembershipAttributeDN"; - public static final String ALLOW_EMPTY_MEMBERSHIPS = "allowEmptyMemberships"; + public static final String ALLOW_EMPTY_MEMBERSHIPS = "isAllowEmptyMemberships"; public static final String CREATE_ENTRY_ATTRIBUTE_VALUES = "createEntryAttributeValues"; + public static final String CHILD_MEMBERSHIP_ATTRIBUTE_NAME = "childMembershipAttributeName"; + public static final String CHILD_MEMBERSHIP_ATTRIBUTE_DN = "childMembershipAttributeDN"; + public static final String ALLOW_EMPTY_PASSWORD = "allowEmptyPassword"; + + public static final String ENCLOSE_PASSWORD_WITH = "enclosePasswordWith"; + + public static final String PASSWORD_ENCODIGN = "passwordEncoding"; + + public static final String SUBENTRY_MEMBERSHIP_LOOKUP = "subentryMembershipLookup"; + + public static final String PASSWORD_UPDATE_ATTRIBUTE_VALUES = "passwordUpdateAttributeValues"; + + public SimpleLDAPIdentityObjectTypeConfiguration(IdentityObjectTypeMetaData objectTypeMD) { this.idAttributeName = objectTypeMD.getOptionSingleValue(ID_ATTRIBUTE_NAME); this.passwordAttributeName = objectTypeMD.getOptionSingleValue(PASSWORD_ATTRIBUTE_NAME); this.entrySearchFilter = objectTypeMD.getOptionSingleValue(ENTRY_SEARCH_FILTER); - this.membershipAttributeName = objectTypeMD.getOptionSingleValue(MEMBERSHIP_ATTRIBUTE_NAME); + this.entrySearchScope = objectTypeMD.getOptionSingleValue(ENTRY_SEARCH_SCOPE); + this.parentMembershipAttributeName = objectTypeMD.getOptionSingleValue(PARENT_MEMBERSHIP_ATTRIBUTE_NAME); + this.childMembershipAttributeName = objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_NAME); + this.enclosePasswordWith = objectTypeMD.getOptionSingleValue(ENCLOSE_PASSWORD_WITH); + this.passwordEncoding = objectTypeMD.getOptionSingleValue(PASSWORD_ENCODIGN); + + String allowCreateEntry = objectTypeMD.getOptionSingleValue(ALLOW_CREATE_ENTRY); if (allowCreateEntry != null && allowCreateEntry.equalsIgnoreCase("true")) { @@ -100,14 +137,14 @@ this.allowCreateEntry = false; } - String isMembershipAttributeDN = objectTypeMD.getOptionSingleValue(IS_MEMBERSHIP_ATTRIBUTE_DN); + String isMembershipAttributeDN = objectTypeMD.getOptionSingleValue(IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN); if (isMembershipAttributeDN != null && isMembershipAttributeDN.equalsIgnoreCase("true")) { - this.isMembershipAttributeDN = true; + this.isParentMembershipAttributeDN = true; } else { - this.isMembershipAttributeDN = false; + this.isParentMembershipAttributeDN = false; } String allowEmptyMemberships = objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_MEMBERSHIPS); @@ -120,6 +157,36 @@ this.allowEmptyMemberships = false; } + String isChildMembershipAttributeDN = objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_DN); + if (isChildMembershipAttributeDN != null && isChildMembershipAttributeDN.equalsIgnoreCase("true")) + { + this.isChildMembershipAttributeDN = true; + } + else + { + this.isChildMembershipAttributeDN = false; + } + + String allowEmptyPassword = objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_PASSWORD); + if (allowEmptyPassword != null && allowEmptyPassword.equalsIgnoreCase("true")) + { + this.allowEmptyPassword = true; + } + else + { + this.allowEmptyPassword = false; + } + + String subentryMembershipLookup = objectTypeMD.getOptionSingleValue(SUBENTRY_MEMBERSHIP_LOOKUP); + if (subentryMembershipLookup != null && subentryMembershipLookup.equalsIgnoreCase("true")) + { + this.subentryMembershipLookup = true; + } + else + { + this.subentryMembershipLookup = false; + } + List<String> relationships = new LinkedList<String>(); if (objectTypeMD.getRelationships() != null) @@ -194,39 +261,59 @@ this.createEntryAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>()); } + + + Map<String, List<String>> updatePasswordAttributesMap = new HashMap<String, List<String>>(); + + List<String> passwordUpdateAttributes = objectTypeMD.getOption(PASSWORD_UPDATE_ATTRIBUTE_VALUES); + + if (passwordUpdateAttributes != null && passwordUpdateAttributes.size() > 0 ) + { + for (String attribute : passwordUpdateAttributes) + { + String[] parts = attribute.split("=", 2); + if (parts.length != 2) + { + continue; + } + + String name = parts[0]; + String value = parts[1]; + + if (!updatePasswordAttributesMap.containsKey(name)) + { + List<String> list = new LinkedList<String>(); + list.add(value); + updatePasswordAttributesMap.put(name, list); + } + else + { + updatePasswordAttributesMap.get(name).add(value); + } + } + + Map<String, String[]> createEntryAttributesArray = new HashMap<String, String[]>(); + + for (Map.Entry<String, List<String>> entry : updatePasswordAttributesMap.entrySet()) + { + createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()])); + } + + this.updatePasswordAttributeValues = Collections.unmodifiableMap(createEntryAttributesArray); + } + else + { + this.updatePasswordAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>()); + } + //TODO: validate all required options - throw exception for missing ones and set defaults for others } - public SimpleLDAPIdentityObjectTypeConfiguration(String idAttributeName, - String passwordAttributeName, - String[] ctxDNs, - String entrySearchFilter, - boolean allowCreateEntry, - Map<String, String[]> createEntryAttributeValues, - String[] allowedMembershipTypes, - String membershipAttributeName, - boolean membershipAttributeDN, - boolean allowEmptyMemberships, - Map<String, String> attributeNames) - { - this.idAttributeName = idAttributeName; - this.passwordAttributeName = passwordAttributeName; - this.ctxDNs = ctxDNs.clone(); - this.entrySearchFilter = entrySearchFilter; - this.allowCreateEntry = allowCreateEntry; - this.createEntryAttributeValues = Collections.unmodifiableMap(createEntryAttributeValues); - this.allowedMembershipTypes = allowedMembershipTypes.clone(); - this.membershipAttributeName = membershipAttributeName; - isMembershipAttributeDN = membershipAttributeDN; - this.allowEmptyMemberships = allowEmptyMemberships; - this.attributeNames = Collections.unmodifiableMap(attributeNames); - } - public String getIdAttributeName() { return idAttributeName; @@ -257,17 +344,17 @@ return allowedMembershipTypes.clone(); } - public String getMembershipAttributeName() + public String getParentMembershipAttributeName() { - return membershipAttributeName; + return parentMembershipAttributeName; } - public boolean isMembershipAttributeDN() + public boolean isParentMembershipAttributeDN() { - return isMembershipAttributeDN; + return isParentMembershipAttributeDN; } - public boolean allowEmptyMemberships() + public boolean isAllowEmptyMemberships() { return allowEmptyMemberships; } @@ -282,58 +369,54 @@ return passwordAttributeName; } - // public void setIdAttributeName(String idAttributeName) -// { -// this.idAttributeName = idAttributeName; -// } -// -// public void setCtxDNs(String[] ctxDNs) -// { -// this.ctxDNs = ctxDNs; -// } -// -// public void setEntrySearchFilter(String entrySearchFilter) -// { -// this.entrySearchFilter = entrySearchFilter; -// } -// -// public void setAllowCreateEntry(boolean allowCreateEntry) -// { -// this.allowCreateEntry = allowCreateEntry; -// } -// -// public void setCreateEntryAttributeValues(Map<String, String[]> createEntryAttributeValues) -// { -// this.createEntryAttributeValues = createEntryAttributeValues; -// } -// -// public void setAllowedMembershipTypes(String[] allowedMembershipTypes) -// { -// this.allowedMembershipTypes = allowedMembershipTypes; -// } -// -// public void setMembershipAttributeName(String membershipAttributeName) -// { -// this.membershipAttributeName = membershipAttributeName; -// } -// -// public void setMembershipAttributeDN(boolean membershipAttributeDN) -// { -// isMembershipAttributeDN = membershipAttributeDN; -// } -// -// public void setAllowEmptyMemberships(boolean allowEmptyMemberships) -// { -// this.allowEmptyMemberships = allowEmptyMemberships; -// } -// -// public void setAttributeNames(Map<String, String> attributeNames) -// { -// this.attributeNames = attributeNames; -// } - + public Set<String> getMappedAttributesNames() { return Collections.unmodifiableSet(attributeNames.keySet()); } + + public String getEntrySearchScope() + { + return entrySearchScope; + } + + public Map<String, String> getAttributeNames() + { + return attributeNames; + } + + public String getChildMembershipAttributeName() + { + return childMembershipAttributeName; + } + + public boolean isChildMembershipAttributeDN() + { + return isChildMembershipAttributeDN; + } + + public boolean isAllowEmptyPassword() + { + return allowEmptyPassword; + } + + public String getEnclosePasswordWith() + { + return enclosePasswordWith; + } + + public String getPasswordEncoding() + { + return passwordEncoding; + } + + public Map<String, String[]> getUpdatePasswordAttributeValues() + { + return updatePasswordAttributeValues; + } + + public boolean isSubentryMembershipLookup() + { + return subentryMembershipLookup; + } } Modified: idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java =================================================================== --- idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java 2009-08-07 22:56:43 UTC (rev 681) @@ -29,13 +29,19 @@ import java.util.Map; import java.util.HashMap; +import java.util.List; +import java.util.LinkedList; +import java.util.Collections; /** * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw Dawidowicz</a> * @version : 0.1 $ */ -public class SimpleLDAPIdentityStoreConfiguration implements LDAPIdentityStoreConfiguration +public class SimpleLDAPIdentityStoreConfiguration + implements LDAPIdentityStoreConfiguration { + private final IdentityStoreConfigurationMetaData configurationMetaData; + private final String providerURL; private final String adminDN; @@ -46,7 +52,35 @@ private final Map<String, LDAPIdentityObjectTypeConfiguration> typesConfiguration; + private final Map<String, String> customJNDIConnectionParameters; + private final Map<String, String> customSystemProperties; + + private final String externalJNDIContext; + + private final String membershipToRelationshipTypeMapping; + + private final boolean supportNamedRelationships; + + private final String[] relationshipNamesCtxDNs; + + private final String relationshipNameSearchFilter; + + private final String relationshipNameSearchScope; + + private final Map<String, String[]> relationshipNameCreateEntryAttributeValues; + + private final String relationshipNameAttributeName; + + private final String namedRelationshipSearchFilter; + + private final Map<String, String[]> namedRelationshipCreateEntryAttributeValues; + + private final String namedRelationshipNameAttributeName; + + private final String namedRelationshipMemberAttributeName; + + // Consts public static final String PROVIDER_URL = "providerURL"; @@ -59,6 +93,34 @@ public static final int SEARCH_TIME_LIMIT_DEFAULT = 10000; + public static final String CUSTOM_JNDI_CONNECTION_PARAMETERS = "customJNDIConnectionParameters"; + + public static final String CUSTOM_SYSTEM_PROPERTIES = "customSystemProperties"; + + public static final String EXTERNAL_JNDI_CONTEXT = "externalJNDIContext"; + + public static final String MEMBERSHIP_TO_RELATIONSHIP_TYPE_MAPPING = "membershipToRelationshipTypeMapping"; + + public static final String SUPPORT_NAMED_RELATIONSHIPS = "supportNamedRelationships"; + + public static final String RELATIONSHIP_NAMES_CTX_DNS = "relationshipNamesCtxDNs"; + + public static final String RELATIONSHIP_NAME_SEARCH_FILTER = "relationshipNameSearchFilter"; + + public static final String RELATIONSHIP_NAME_SEARCH_SCOPE = "relationshipNameSearchScope"; + + public static final String RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES = "relationshipNameCreateEntryAttributeValues"; + + public static final String RELATIONSHIP_NAME_ATTRIBUTE_NAME = "relationshipNameAttributeName"; + + public static final String NAMED_RELATIONSHIP_SEARCH_FILTER = "namedRelationshipSearchFilter"; + + public static final String NAMED_RELATIONSHIP_CREATE_ENTRY_ATTRIBUTE_VALUES = "namedRelationshipCreateEntryAttributeValues"; + + public static final String NAMED_RELATIONSHIP_NAME_ATTRIBUTE_NAME = "namedRelationshipNameAttributeName"; + + public static final String NAMED_RELATIONSHIP_MEMBER_ATTRIBUTE_NAME = "namedRelationshipMemberAttributeName"; + public SimpleLDAPIdentityStoreConfiguration(IdentityStoreConfigurationMetaData storeMD) { if (storeMD == null) @@ -66,20 +128,41 @@ throw new IllegalArgumentException(); } - providerURL = storeMD.getOptionSingleValue(PROVIDER_URL); - adminDN = storeMD.getOptionSingleValue(ADMIN_DN); - adminPassword = storeMD.getOptionSingleValue(ADMIN_PASSWORD); + + this.configurationMetaData = storeMD; + this.providerURL = storeMD.getOptionSingleValue(PROVIDER_URL); + this.adminDN = storeMD.getOptionSingleValue(ADMIN_DN); + this.adminPassword = storeMD.getOptionSingleValue(ADMIN_PASSWORD); + this.externalJNDIContext = storeMD.getOptionSingleValue(EXTERNAL_JNDI_CONTEXT); + this.membershipToRelationshipTypeMapping = storeMD.getOptionSingleValue(MEMBERSHIP_TO_RELATIONSHIP_TYPE_MAPPING); + this.relationshipNameSearchFilter = storeMD.getOptionSingleValue(RELATIONSHIP_NAME_SEARCH_FILTER); + this.relationshipNameSearchScope = storeMD.getOptionSingleValue(RELATIONSHIP_NAME_SEARCH_SCOPE); + this.relationshipNameAttributeName = storeMD.getOptionSingleValue(RELATIONSHIP_NAME_ATTRIBUTE_NAME); + this.namedRelationshipSearchFilter = storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_SEARCH_FILTER); + this.namedRelationshipNameAttributeName = storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_NAME_ATTRIBUTE_NAME); + this.namedRelationshipMemberAttributeName = storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_MEMBER_ATTRIBUTE_NAME); String searchTL = storeMD.getOptionSingleValue(SEARCH_TIME_LIMIT); if (searchTL != null) { - searchTimeLimit = Integer.valueOf(searchTL); + this.searchTimeLimit = Integer.valueOf(searchTL); } else { - searchTimeLimit = SEARCH_TIME_LIMIT_DEFAULT; + this.searchTimeLimit = SEARCH_TIME_LIMIT_DEFAULT; } + String supportNamedRelationships = storeMD.getOptionSingleValue(SUPPORT_NAMED_RELATIONSHIPS); + if (supportNamedRelationships != null && supportNamedRelationships.equalsIgnoreCase("true")) + { + this.supportNamedRelationships = true; + } + else + { + this.supportNamedRelationships = false; + } + + Map<String, LDAPIdentityObjectTypeConfiguration> types = new HashMap<String, LDAPIdentityObjectTypeConfiguration>(); for (IdentityObjectTypeMetaData identityObjectTypeMetaData : storeMD.getSupportedIdentityTypes()) @@ -89,8 +172,161 @@ } - typesConfiguration = types; + List<String> dns = storeMD.getOption(RELATIONSHIP_NAMES_CTX_DNS); + if (dns != null) + { + this.relationshipNamesCtxDNs = dns.toArray(new String[dns.size()]); + } + else + { + this.relationshipNamesCtxDNs = null; + } + this.typesConfiguration = types; + + + Map<String, List<String>> createNamedRelationshipEntryAttributesMap = new HashMap<String, List<String>>(); + + List<String> createNamedRelationshipAttributes = storeMD.getOption(NAMED_RELATIONSHIP_CREATE_ENTRY_ATTRIBUTE_VALUES); + + if (createNamedRelationshipAttributes != null && createNamedRelationshipAttributes.size() > 0) + { + for (String attribute : createNamedRelationshipAttributes) + { + String[] parts = attribute.split("=", 2); + if (parts.length != 2) + { + continue; + } + + String name = parts[0]; + String value = parts[1]; + + if (!createNamedRelationshipEntryAttributesMap.containsKey(name)) + { + List<String> list = new LinkedList<String>(); + list.add(value); + createNamedRelationshipEntryAttributesMap.put(name, list); + } + else + { + createNamedRelationshipEntryAttributesMap.get(name).add(value); + } + } + + Map<String, String[]> createEntryAttributesArray = new HashMap<String, String[]>(); + + for (Map.Entry<String, List<String>> entry : createNamedRelationshipEntryAttributesMap.entrySet()) + { + createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()])); + } + + this.namedRelationshipCreateEntryAttributeValues = Collections.unmodifiableMap(createEntryAttributesArray); + } + else + { + this.namedRelationshipCreateEntryAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>()); + } + + Map<String, List<String>> createRelationshipNameEntryAttributesMap = new HashMap<String, List<String>>(); + + List<String> createRelationshipNameAttributes = storeMD.getOption(RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES); + + if (createRelationshipNameAttributes != null && createRelationshipNameAttributes.size() > 0 ) + { + for (String attribute : createRelationshipNameAttributes) + { + String[] parts = attribute.split("=", 2); + if (parts.length != 2) + { + continue; + } + + String name = parts[0]; + String value = parts[1]; + + if (!createRelationshipNameEntryAttributesMap.containsKey(name)) + { + List<String> list = new LinkedList<String>(); + list.add(value); + createRelationshipNameEntryAttributesMap.put(name, list); + } + else + { + createRelationshipNameEntryAttributesMap.get(name).add(value); + } + } + + Map<String, String[]> createEntryAttributesArray = new HashMap<String, String[]>(); + + for (Map.Entry<String, List<String>> entry : createRelationshipNameEntryAttributesMap.entrySet()) + { + createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new String[entry.getValue().size()])); + } + + this.relationshipNameCreateEntryAttributeValues = Collections.unmodifiableMap(createEntryAttributesArray); + } + else + { + this.relationshipNameCreateEntryAttributeValues = Collections.unmodifiableMap(new HashMap<String, String[]>()); + } + + List<String> customJndiParams = storeMD.getOption(CUSTOM_JNDI_CONNECTION_PARAMETERS); + + Map<String, String> customJndiParamsMap = new HashMap<String, String>(); + + if (customJndiParams != null && customJndiParams.size() > 0 ) + { + for (String param : customJndiParams) + { + String[] parts = param.split("=", 2); + if (parts.length != 2) + { + continue; + } + + String name = parts[0]; + String value = parts[1]; + + customJndiParamsMap.put(name, value); + + } + + this.customJNDIConnectionParameters = Collections.unmodifiableMap(customJndiParamsMap); + } + else + { + this.customJNDIConnectionParameters = Collections.unmodifiableMap(new HashMap<String, String>()); + } + + List<String> customSystemProps = storeMD.getOption(CUSTOM_SYSTEM_PROPERTIES); + + Map<String, String> customSystemProperties = new HashMap<String, String>(); + + if (customSystemProps != null && customSystemProps.size() > 0 ) + { + for (String param : customSystemProps) + { + String[] parts = param.split("=", 2); + if (parts.length != 2) + { + continue; + } + + String name = parts[0]; + String value = parts[1]; + + customSystemProperties.put(name, value); + + } + + this.customSystemProperties = Collections.unmodifiableMap(customSystemProperties); + } + else + { + this.customSystemProperties = Collections.unmodifiableMap(new HashMap<String, String>()); + } + //TODO: validate if critical values are present @@ -134,5 +370,84 @@ return types; } - + + public IdentityStoreConfigurationMetaData getConfigurationMetaData() + { + return configurationMetaData; + } + + public Map<String, LDAPIdentityObjectTypeConfiguration> getTypesConfiguration() + { + return typesConfiguration; + } + + public Map<String, String> getCustomJNDIConnectionParameters() + { + return customJNDIConnectionParameters; + } + + public Map<String, String> getCustomSystemProperties() + { + return customSystemProperties; + } + + public String getExternalJNDIContext() + { + return externalJNDIContext; + } + + public String getMembershipToRelationshipTypeMapping() + { + return membershipToRelationshipTypeMapping; + } + + public boolean isSupportNamedRelationships() + { + return supportNamedRelationships; + } + + public String[] getRelationshipNamesCtxDNs() + { + return relationshipNamesCtxDNs; + } + + public String getRelationshipNameSearchFilter() + { + return relationshipNameSearchFilter; + } + + public String getRelationshipNameSearchScope() + { + return relationshipNameSearchScope; + } + + public Map<String, String[]> getRelationshipNameCreateEntryAttributeValues() + { + return relationshipNameCreateEntryAttributeValues; + } + + public String getRelationshipNameAttributeName() + { + return relationshipNameAttributeName; + } + + public String getNamedRelationshipSearchFilter() + { + return namedRelationshipSearchFilter; + } + + public Map<String, String[]> getNamedRelationshipCreateEntryAttributeValues() + { + return namedRelationshipCreateEntryAttributeValues; + } + + public String getNamedRelationshipNameAttributeName() + { + return namedRelationshipNameAttributeName; + } + + public String getNamedRelationshipMemberAttributeName() + { + return namedRelationshipMemberAttributeName; + } } Modified: idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java =================================================================== --- idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java 2009-08-07 22:56:43 UTC (rev 681) @@ -22,32 +22,31 @@ package org.jboss.identity.idm.impl; -import org.jboss.unit.api.pojo.annotations.Parameter; -import static org.jboss.unit.api.Assert.assertTrue; -import org.jboss.portal.test.framework.embedded.JNDISupport; -import org.jboss.portal.test.framework.embedded.ConnectionManagerSupport; -import org.jboss.portal.test.framework.embedded.TransactionManagerSupport; -import org.jboss.portal.test.framework.embedded.DataSourceSupport; -import org.jboss.portal.test.framework.embedded.HibernateSupport; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObject; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectAttribute; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttribute; -import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute; +import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredential; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredentialType; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationship; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationshipName; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationshipType; +import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute; import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectType; import org.jboss.identity.idm.impl.model.hibernate.HibernateRealm; -import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue; import org.jboss.identity.idm.test.HibernateAnnotationsSupport; -import org.hibernate.SessionFactory; +import org.jboss.portal.test.framework.embedded.ConnectionManagerSupport; +import org.jboss.portal.test.framework.embedded.DataSourceSupport; +import org.jboss.portal.test.framework.embedded.HibernateSupport; +import org.jboss.portal.test.framework.embedded.JNDISupport; +import org.jboss.portal.test.framework.embedded.TransactionManagerSupport; +import org.jboss.unit.api.pojo.annotations.Parameter; -import java.util.List; import java.util.LinkedList; +import java.util.List; import junit.framework.TestCase; +import org.hibernate.SessionFactory; /** @@ -57,7 +56,7 @@ public class IdentityTestPOJO extends TestCase { - private String identityConfig = "test-identity-config.xml"; + protected String identityConfig = "test-identity-config.xml"; private String realmName; @@ -141,7 +140,7 @@ public void overrideFromProperties() throws Exception { - String dsName =System.getProperties().getProperty("dataSourceName"); + String dsName = System.getProperties().getProperty("dataSourceName"); if (dsName != null && !dsName.startsWith("$")) { Modified: idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java =================================================================== --- idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java 2009-08-07 22:56:43 UTC (rev 681) @@ -23,20 +23,21 @@ package org.jboss.identity.idm.impl; import org.jboss.identity.idm.opends.OpenDSService; +import org.jboss.portal.test.framework.embedded.DSConfig; import org.jboss.unit.api.pojo.annotations.Parameter; -import org.opends.server.tools.LDAPModify; +import java.net.URL; +import java.util.Hashtable; + +import javax.naming.Binding; import javax.naming.Context; import javax.naming.NamingEnumeration; -import javax.naming.Binding; import javax.naming.directory.DirContext; import javax.naming.ldap.InitialLdapContext; import javax.naming.ldap.LdapContext; -import java.util.Hashtable; -import java.io.File; -import java.net.URL; -import java.net.URISyntaxException; +import org.opends.server.tools.LDAPModify; + /** * @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw Dawidowicz</a> * @version : 0.1 $ @@ -44,49 +45,55 @@ public class LDAPTestPOJO extends IdentityTestPOJO { - private String directoryName = "EmbeddedOpenDS"; + private String EMBEDDED_OPEN_DS_DIRECTORY_NAME = "EmbeddedOpenDS"; - public static final String LDAP_HOST = "localhost"; + protected DSConfig directoryConfig; - public static final String LDAP_PORT = "10389"; + private String directories = "datasources/directories.xml"; - public static final String LDAP_PROVIDER_URL = "ldap://" + LDAP_HOST + ":" + LDAP_PORT; + //By default use embedded OpenDS + private String directoryName = EMBEDDED_OPEN_DS_DIRECTORY_NAME; - public static final String LDAP_PRINCIPAL = "cn=Directory Manager"; - - public static final String LDAP_CREDENTIALS = "password"; - public static Hashtable<String,String> env = new Hashtable<String,String>(); - static - { - env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); - env.put(Context.PROVIDER_URL, LDAP_PROVIDER_URL); - env.put(Context.SECURITY_AUTHENTICATION, "simple"); - env.put(Context.SECURITY_PRINCIPAL, LDAP_PRINCIPAL); - env.put(Context.SECURITY_CREDENTIALS, LDAP_CREDENTIALS); - } - OpenDSService openDSService = new OpenDSService(null); @Override public void start() throws Exception { + + overrideFromProperties(); + + directoryConfig = DSConfig.obtainConfig(directories, directoryName); + + identityConfig = directoryConfig.getConfigFile(); + super.start(); + env.put(Context.INITIAL_CONTEXT_FACTORY, directoryConfig.getContextFactory()); + //Use description to store URL to be able to prefix with "ldaps://" + env.put(Context.PROVIDER_URL, directoryConfig.getDescription()); + env.put(Context.SECURITY_AUTHENTICATION, "simple"); + env.put(Context.SECURITY_PRINCIPAL, directoryConfig.getAdminDN()); + env.put(Context.SECURITY_CREDENTIALS, directoryConfig.getAdminPassword()); - openDSService.start(); - - + if (directoryName.equals(EMBEDDED_OPEN_DS_DIRECTORY_NAME)) + { + openDSService.start(); + } } @Override public void stop() throws Exception { + cleanUp(new InitialLdapContext(env, null)); + super.stop(); - cleanUp(new InitialLdapContext(env, null)); - openDSService.stop(); + if (directoryName.equals(EMBEDDED_OPEN_DS_DIRECTORY_NAME)) + { + openDSService.stop(); + } } @@ -114,14 +121,14 @@ return directoryName; } - public void populate() throws Exception - { - populateLDIF("ldap/initial-opends.ldif"); - } +// public void populate() throws Exception +// { +// populateLDIF("ldap/initial-opends.ldif"); +// } public void populateClean() throws Exception { - populateLDIF("ldap/initial-empty-opends.ldif"); + populateLDIF(directoryConfig.getPopulateLdif()); } public void populateLDIF(String ldif) throws Exception @@ -131,13 +138,14 @@ System.out.println("LDIF: " + ldifURL.toURI().getPath()); - String[] cmd = new String[] {"-h", LDAP_HOST, - "-p", LDAP_PORT, - "-D", LDAP_PRINCIPAL, - "-w", LDAP_CREDENTIALS, + String[] cmd = new String[] {"-h", directoryConfig.getHost(), + "-p", directoryConfig.getPort(), + "-D", directoryConfig.getAdminDN(), + "-w", directoryConfig.getAdminPassword(), "-a", "-f", ldifURL.toURI().getPath()}; - System.out.println("Populate success: " + (LDAPModify.mainModify(cmd, false, System.out, System.err) == 0)); +// System.out.println("Populate success: " + (LDAPModify.mainModify(cmd, false, System.out, System.err) == 0)); + System.out.println("Populate success: " + (LDAPModify.mainModify(cmd) == 0)); } @@ -145,7 +153,7 @@ { try { - String dn = "dc=portal,dc=example,dc=com"; + String dn = directoryConfig.getCleanUpDN(); System.out.println("Removing: " + dn); Modified: idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java =================================================================== --- idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java 2009-08-07 22:56:43 UTC (rev 681) @@ -22,34 +22,30 @@ package org.jboss.identity.idm.impl.store.ldap; +import org.jboss.identity.idm.common.exception.IdentityException; +import org.jboss.identity.idm.impl.LDAPTestPOJO; +import org.jboss.identity.idm.impl.configuration.IdentityConfigurationImpl; +import org.jboss.identity.idm.impl.configuration.IdentityStoreConfigurationContextImpl; +import org.jboss.identity.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration; +import org.jboss.identity.idm.impl.store.CommonIdentityStoreTest; +import org.jboss.identity.idm.impl.store.IdentityStoreTestContext; +import org.jboss.identity.idm.spi.configuration.IdentityConfigurationContextRegistry; +import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext; +import org.jboss.identity.idm.spi.configuration.metadata.IdentityConfigurationMetaData; +import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData; import org.jboss.identity.idm.spi.store.IdentityStore; import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext; import org.jboss.identity.idm.spi.store.IdentityStoreSession; -import org.jboss.identity.idm.spi.model.IdentityObject; -import org.jboss.identity.idm.spi.model.IdentityObjectAttribute; -import org.jboss.identity.idm.spi.configuration.metadata.IdentityConfigurationMetaData; -import org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData; -import org.jboss.identity.idm.spi.configuration.IdentityConfigurationContextRegistry; -import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext; -import org.jboss.identity.idm.impl.store.IdentityTypeEnum; -import org.jboss.identity.idm.impl.store.CommonIdentityStoreTest; -import org.jboss.identity.idm.impl.store.IdentityStoreTestContext; -import org.jboss.identity.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration; -import org.jboss.identity.idm.impl.configuration.IdentityConfigurationImpl; -import org.jboss.identity.idm.impl.configuration.IdentityStoreConfigurationContextImpl; -import org.jboss.identity.idm.impl.api.SimpleAttribute; -import org.jboss.identity.idm.impl.LDAPTestPOJO; -import org.jboss.identity.idm.common.exception.IdentityException; import org.jboss.unit.api.pojo.annotations.Create; import org.jboss.unit.api.pojo.annotations.Destroy; import org.jboss.unit.api.pojo.annotations.Test; +import java.util.Hashtable; + import javax.naming.Context; import javax.naming.NamingException; -import javax.naming.ldap.LdapContext; import javax.naming.ldap.InitialLdapContext; -import java.util.Hashtable; -import java.util.Map; +import javax.naming.ldap.LdapContext; /** @@ -75,7 +71,7 @@ { super.start(); - setIdentityConfig("store-test-config.xml"); +// setIdentityConfig("store-test-config.xml"); commonTest = new CommonIdentityStoreTest(this); @@ -89,7 +85,7 @@ for (IdentityStoreConfigurationMetaData metaData : configurationMD.getIdentityStores()) { - if (metaData.getId().equals("LDAPTestStore")) + if (metaData.getId().equals("LDAP Identity Store")) { storeMD = metaData; break; @@ -171,7 +167,7 @@ //populate(); - store = new LDAPIdentityStoreImpl("LDAPTestStore"); + store = new LDAPIdentityStoreImpl("LDAP Identity Store"); store.bootstrap(context); } @@ -205,14 +201,14 @@ @Test public void testSimple() throws Exception { - populate(); + populateClean(); Hashtable<String,String> env = new Hashtable<String,String>(); - env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); - env.put(Context.PROVIDER_URL, LDAP_PROVIDER_URL); + env.put(Context.INITIAL_CONTEXT_FACTORY, directoryConfig.getContextFactory()); + env.put(Context.PROVIDER_URL, directoryConfig.getDescription()); env.put(Context.SECURITY_AUTHENTICATION, "simple"); - env.put(Context.SECURITY_PRINCIPAL, LDAP_PRINCIPAL); - env.put(Context.SECURITY_CREDENTIALS, LDAP_CREDENTIALS); + env.put(Context.SECURITY_PRINCIPAL, directoryConfig.getAdminDN()); + env.put(Context.SECURITY_CREDENTIALS, directoryConfig.getAdminPassword()); LdapContext ldapCtx = null; try @@ -220,7 +216,7 @@ ldapCtx = new InitialLdapContext(env, null); // Do something ... - System.out.println("Attributes: " + ldapCtx.getAttributes("o=test,dc=portal,dc=example,dc=com")); + System.out.println("Attributes: " + ldapCtx.getAttributes(directoryConfig.getCleanUpDN())); } catch (NamingException e) @@ -243,147 +239,147 @@ } } - @Test - public void testIdentityObjectCount() throws Exception - { - populate(); +// @Test +// public void testIdentityObjectCount() throws Exception +// { +// populate(); +// +// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); +// assertEquals(5, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.ROLE)); +// assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP)); +// } +// +// @Test +// public void testFindCreateRemove() throws Exception +// { +// populate(); +// +// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); +// +// IdentityObject io = store.findIdentityObject(ctx, "admin", IdentityTypeEnum.USER); +// assertEquals("admin", io.getName()); +// assertEquals("uid=admin,ou=People,o=test,dc=portal,dc=example,dc=com", io.getId().toString()); +// +// // +// +// store.removeIdentityObject(ctx, io); +// +// assertEquals(6, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); +// +// store.createIdentityObject(ctx, "newUserA", IdentityTypeEnum.USER); +// +// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); +// +// // +// +// assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP)); +// +// store.createIdentityObject(ctx, "newGroupA", IdentityTypeEnum.GROUP); +// +// assertEquals(3, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP)); +// +// // +// +// io = store.findIdentityObject(ctx, "cn=newGroupA,ou=Groups,o=test,dc=portal,dc=example,dc=com"); +// assertEquals("newGroupA", io.getName()); +// +// } - assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); - assertEquals(5, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.ROLE)); - assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP)); - } +// @Test +// public void testAttributes() throws Exception{ +// +// populate(); +// +// IdentityObject user1 = store.createIdentityObject(ctx, "Adam", IdentityTypeEnum.USER); +// IdentityObject user2 = store.createIdentityObject(ctx, "Eva", IdentityTypeEnum.USER); +// +// // +// +// IdentityObjectAttribute[] attrs = new IdentityObjectAttribute[]{ +// new SimpleAttribute("phone", new String[]{"val1"}), +// new SimpleAttribute("description", new String[]{"val1", "val2", "val3", "val4"}), +// +// }; +// +// store.addAttributes(ctx, user1, attrs); +// +// // +// +// Map<String, IdentityObjectAttribute> persistedAttrs = store.getAttributes(ctx, user1); +// +// assertEquals(2, persistedAttrs.keySet().size()); +// +// assertTrue(persistedAttrs.containsKey("phone")); +// assertEquals(1, persistedAttrs.get("phone").getSize()); +// +// assertTrue(persistedAttrs.containsKey("description")); +// assertEquals(4, persistedAttrs.get("description").getSize()); +// +// // +// +// attrs = new IdentityObjectAttribute[]{ +// new SimpleAttribute("carLicense", new String[]{"val1"}) +// }; +// +// store.addAttributes(ctx, user1, attrs); +// +// // +// +// persistedAttrs = store.getAttributes(ctx, user1); +// +// assertEquals(3, persistedAttrs.keySet().size()); +// +// assertTrue(persistedAttrs.containsKey("phone")); +// assertEquals(1, persistedAttrs.get("phone").getSize()); +// +// assertTrue(persistedAttrs.containsKey("description")); +// assertEquals(4, persistedAttrs.get("description").getSize()); +// +// assertTrue(persistedAttrs.containsKey("carLicense")); +// assertEquals(1, persistedAttrs.get("carLicense").getSize()); +// +// attrs = new IdentityObjectAttribute[]{ +// new SimpleAttribute("carLicense", new String[]{"val2"}) +// }; +// +// store.addAttributes(ctx, user1, attrs); +// +// // +// +// persistedAttrs = store.getAttributes(ctx, user1); +// +// assertEquals(3, persistedAttrs.keySet().size()); +// +// assertTrue(persistedAttrs.containsKey("carLicense")); +// assertEquals(2, persistedAttrs.get("carLicense").getSize()); +// +// // +// +// store.updateAttributes(ctx, user1, attrs); +// +// // +// +// persistedAttrs = store.getAttributes(ctx, user1); +// +// assertEquals(3, persistedAttrs.keySet().size()); +// +// assertTrue(persistedAttrs.containsKey("carLicense")); +// assertEquals(1, persistedAttrs.get("carLicense").getSize()); +// +// // +// +// String[] names = new String[]{"carLicense"}; +// store.removeAttributes(ctx, user1, names); +// +// // +// +// persistedAttrs = store.getAttributes(ctx, user1); +// +// assertEquals(2, persistedAttrs.keySet().size()); +// +// } @Test - public void testFindCreateRemove() throws Exception - { - populate(); - - assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); - - IdentityObject io = store.findIdentityObject(ctx, "admin", IdentityTypeEnum.USER); - assertEquals("admin", io.getName()); - assertEquals("uid=admin,ou=People,o=test,dc=portal,dc=example,dc=com", io.getId().toString()); - - // - - store.removeIdentityObject(ctx, io); - - assertEquals(6, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); - - store.createIdentityObject(ctx, "newUserA", IdentityTypeEnum.USER); - - assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER)); - - // - - assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP)); - - store.createIdentityObject(ctx, "newGroupA", IdentityTypeEnum.GROUP); - - assertEquals(3, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP)); - - // - - io = store.findIdentityObject(ctx, "cn=newGroupA,ou=Groups,o=test,dc=portal,dc=example,dc=com"); - assertEquals("newGroupA", io.getName()); - - } - - @Test - public void testAttributes() throws Exception{ - - populate(); - - IdentityObject user1 = store.createIdentityObject(ctx, "Adam", IdentityTypeEnum.USER); - IdentityObject user2 = store.createIdentityObject(ctx, "Eva", IdentityTypeEnum.USER); - - // - - IdentityObjectAttribute[] attrs = new IdentityObjectAttribute[]{ - new SimpleAttribute("phone", new String[]{"val1", "val2", "val3"}), - new SimpleAttribute("description", new String[]{"val1", "val2", "val3", "val4"}), - - }; - - store.addAttributes(ctx, user1, attrs); - - // - - Map<String, IdentityObjectAttribute> persistedAttrs = store.getAttributes(ctx, user1); - - assertEquals(2, persistedAttrs.keySet().size()); - - assertTrue(persistedAttrs.containsKey("phone")); - assertEquals(3, persistedAttrs.get("phone").getSize()); - - assertTrue(persistedAttrs.containsKey("description")); - assertEquals(4, persistedAttrs.get("description").getSize()); - - // - - attrs = new IdentityObjectAttribute[]{ - new SimpleAttribute("carLicense", new String[]{"val1"}) - }; - - store.addAttributes(ctx, user1, attrs); - - // - - persistedAttrs = store.getAttributes(ctx, user1); - - assertEquals(3, persistedAttrs.keySet().size()); - - assertTrue(persistedAttrs.containsKey("phone")); - assertEquals(3, persistedAttrs.get("phone").getSize()); - - assertTrue(persistedAttrs.containsKey("description")); - assertEquals(4, persistedAttrs.get("description").getSize()); - - assertTrue(persistedAttrs.containsKey("carLicense")); - assertEquals(1, persistedAttrs.get("carLicense").getSize()); - - attrs = new IdentityObjectAttribute[]{ - new SimpleAttribute("carLicense", new String[]{"val2"}) - }; - - store.addAttributes(ctx, user1, attrs); - - // - - persistedAttrs = store.getAttributes(ctx, user1); - - assertEquals(3, persistedAttrs.keySet().size()); - - assertTrue(persistedAttrs.containsKey("carLicense")); - assertEquals(2, persistedAttrs.get("carLicense").getSize()); - - // - - store.updateAttributes(ctx, user1, attrs); - - // - - persistedAttrs = store.getAttributes(ctx, user1); - - assertEquals(3, persistedAttrs.keySet().size()); - - assertTrue(persistedAttrs.containsKey("carLicense")); - assertEquals(1, persistedAttrs.get("carLicense").getSize()); - - // - - String[] names = new String[]{"carLicense"}; - store.removeAttributes(ctx, user1, names); - - // - - persistedAttrs = store.getAttributes(ctx, user1); - - assertEquals(2, persistedAttrs.keySet().size()); - - } - - @Test public void testRelationships() throws Exception { populateClean(); Added: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,116 @@ + + +<directories> + <directory> + <directory-name>EmbeddedOpenDS</directory-name> + <description>ldap://localhost:10389</description> +  + <config-file>test-identity-config.xml</config-file> + <host>localhost</host> + <port>10389</port> + <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> + <admin-dn>cn=Directory Manager</admin-dn> + <admin-password>password</admin-password> +  + <populate-ldif>ldap/initial-empty-opends.ldif</populate-ldif> +  + <cleanup-dn>o=jbid,dc=example,dc=com</cleanup-dn> + </directory> + <directory> + <directory-name>SunDS</directory-name> + <description>ldap://dev39.qa.atl.jboss.com:1389</description> +  + <config-file>test-identity-config-sunds.xml</config-file> + <host>dev39.qa.atl.jboss.com</host> + <port>1389</port> + <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> + <admin-dn>cn=Directory Manager</admin-dn> + <admin-password>testldap</admin-password> +  + <populate-ldif>ldap/initial-empty-sunds.ldif</populate-ldif> +  + <cleanup-dn>dc=example,dc=com</cleanup-dn> + </directory> + <directory> + <directory-name>RedHatDS</directory-name> + <description>ldap://dev39.qa.atl.jboss.com:10389</description> + + <config-file>test-identity-config-redhatds.xml</config-file> + <host>dev39.qa.atl.jboss.com</host> + <port>10389</port> + <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> + <admin-dn>cn=Directory Manager</admin-dn> + <admin-password>qpq123qpq</admin-password> + + <populate-ldif>ldap/initial-empty-redhatds.ldif</populate-ldif> + + <cleanup-dn>o=jbid,dc=example,dc=com</cleanup-dn> + </directory> + <directory> + <directory-name>OpenLDAP</directory-name> + <description>ldap://dev39.qa.atl.jboss.com:389</description> + + <config-file>test-identity-config-openldapds.xml</config-file> + <host>dev39.qa.atl.jboss.com</host> + <port>389</port> + <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> + <admin-dn>cn=Manager,dc=my-domain,dc=com</admin-dn> + <admin-password>jbossqa</admin-password> + + <populate-ldif>ldap/initial-empty-openldapds.ldif</populate-ldif> + + <cleanup-dn>o=jbid,dc=my-domain,dc=com</cleanup-dn> + </directory> + <directory> + <directory-name>MSAD</directory-name> + <description>Microsoft Active Directory in QA Labs (need vpn access)</description> + + <config-file>test-identity-config-msad.xml</config-file> + <host>dev44.qa.atl.jboss.com</host> + <port>389</port> + <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> + <admin-dn>JBOSS\jbossqa</admin-dn> + <admin-password>jboss42</admin-password> + + <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif> + + <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn> + </directory> + <directory> + <directory-name>MSAD-local</directory-name> + <description>ldap://192.168.56.101:389</description> + + <config-file>test-identity-config-msad.xml</config-file> + <host>192.168.56.101</host> + <port>389</port> + <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory> + <admin-dn>TEST\Administrator</admin-dn> + <admin-password>!Q2w3e4r</admin-password> + + <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif> + + <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn> + </directory> + +</directories> Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,55 @@ +dn: o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organization +o: jbid + +dn: ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: idm + +dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: trunk + +dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: test + +dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: People + +dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Roles + +dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Groups + +dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Organizations + +dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: OrganizationUnits + +dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Departments + +dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain +objectclass: top +objectclass: organizationalUnit +ou: Offices + Modified: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif 2009-08-07 22:56:43 UTC (rev 681) @@ -1,46 +1,54 @@ -dn: dc=portal,dc=example,dc=com +dn: o=jbid,dc=example,dc=com objectclass: top -objectclass: dcObject objectclass: organization -o: portal -dc: portal +o: jbid -dn: o=test,dc=portal,dc=example,dc=com +dn: o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organization +o: idm + +dn: o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: trunk + +dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization o: test -dn: ou=People,o=test,dc=portal,dc=example,dc=com +dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: People -dn: ou=Roles,o=test,dc=portal,dc=example,dc=com +dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: Roles -dn: ou=Groups,o=test,dc=portal,dc=example,dc=com +dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: Groups -dn: ou=Organizations,o=test,dc=portal,dc=example,dc=com +dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: Organizations -dn: ou=OrganizationUnits,o=test,dc=portal,dc=example,dc=com +dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: OrganizationUnits -dn: ou=Departments,o=test,dc=portal,dc=example,dc=com +dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: Departments -dn: ou=Offices,o=test,dc=portal,dc=example,dc=com +dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com objectclass: top objectclass: organizationalUnit ou: Offices Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,55 @@ +dn: o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organization +o: jbid + +dn: o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organization +o: idm + +dn: o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organization +o: trunk + +dn: o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organization +o: test + +dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: People + +dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Roles + +dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Groups + +dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Organizations + +dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: OrganizationUnits + +dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Departments + +dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Offices + Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,55 @@ +dn: o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: jbid + +dn: o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: idm + +dn: o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: trunk + +dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: test + +dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: People + +dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Roles + +dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Groups + +dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Organizations + +dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: OrganizationUnits + +dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Departments + +dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Offices + Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif (from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,60 @@ +dn: dc=example,dc=com +objectclass: top +objectclass: dcObject +dc: example + +dn: o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: jbid + +dn: o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: idm + +dn: o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: trunk + +dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organization +o: test + +dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: People + +dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Roles + +dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Groups + +dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Organizations + +dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: OrganizationUnits + +dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Departments + +dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com +objectclass: top +objectclass: organizationalUnit +ou: Offices + Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml (from rev 676, idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,931 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd"> + <realms> + <realm> + <id>realm://RedHat/DB</id> + <repository-id-ref>RedHat Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB</id> + <repository-id-ref>Sample Portal Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://RedHat/DB_LDAP</id> + <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB_LDAP</id> + <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + </realms> + <repositories> + <repository> + <id>RedHat Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>RedHat Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>PROJECT</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>SYSTEM</identity-object-type> + <identity-object-type>ADMINISTRATION</identity-object-type> + <identity-object-type>COMMUNITY</identity-object-type> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>SECURITY</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>OFFICE</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + </repositories> + <stores> + <attribute-stores/> + <identity-stores> + <identity-store> + <id>Hibernate Identity Store</id> + <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships> +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  + </relationships> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>picture</name> + <mapping>user.picture</mapping> + <type>binary</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PEOPLE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PROJECT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DIVISION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PROJECT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PEOPLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ADMINISTRATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>COMMUNITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SECURITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SYSTEM</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>SECURITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>COMMUNITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + </supported-identity-object-types> + <options> +  +  +  +  + <option> + <name>hibernateSessionFactoryJNDIName</name> + <value>java:/jbossidentity/HibernateStoreSessionFactory</value> + </option> + <option> + <name>populateRelationshipTypes</name> + <value>true</value> + </option> + <option> + <name>populateIdentityObjectTypes</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + <option> + <name>isRealmAware</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </identity-store> + <identity-store> + <id>LDAP Identity Store</id> + <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships/> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>phone</name> + <mapping>telephoneNumber</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>description</name> + <mapping>description</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>carLicense</name> + <mapping>carLicense</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>passwordAttributeName</name> + <value>unicodePwd</value> + </option> + <option> + <name>enclosePasswordWith</name> + <value>"</value> + </option> + <option> + <name>passwordEncoding</name> + <value>UTF-16LE</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=inetOrgPerson</value> + <value>sn= </value> +  + </option> + <option> + <name>passwordUpdateAttributeValues</name> + <value>userAccountControl=512</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>GROUP</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ROLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=group</value> + </option> + </options> + </identity-object-type> + </supported-identity-object-types> + <options> + <option> + <name>providerURL</name> + <value>ldap://192.168.56.101:636</value> + </option> + <option> + <name>adminDN</name> + <value>TEST\Administrator</value> + </option> + <option> + <name>adminPassword</name> + <value>!Q2w3e4r</value> + </option> + <option> + <name>customJNDIConnectionParameters</name> + <value>java.naming.security.protocol=ssl</value> + </option> + <option> + <name>customSystemProperties</name> + <value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value> + <value>javax.net.ssl.trustStorePassword=password</value> + </option> + <option> + <name>searchTimeLimit</name> + <value>10000</value> + </option> + </options> + </identity-store> + </identity-stores> + </stores> +</jboss-identity> \ No newline at end of file Added: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,910 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd"> + <realms> + <realm> + <id>realm://RedHat/DB</id> + <repository-id-ref>RedHat Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB</id> + <repository-id-ref>Sample Portal Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://RedHat/DB_LDAP</id> + <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB_LDAP</id> + <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + </realms> + <repositories> + <repository> + <id>RedHat Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>RedHat Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>PROJECT</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>SYSTEM</identity-object-type> + <identity-object-type>ADMINISTRATION</identity-object-type> + <identity-object-type>COMMUNITY</identity-object-type> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>SECURITY</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>OFFICE</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + </repositories> + <stores> + <attribute-stores/> + <identity-stores> + <identity-store> + <id>Hibernate Identity Store</id> + <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships> +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  + </relationships> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>picture</name> + <mapping>user.picture</mapping> + <type>binary</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PEOPLE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PROJECT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DIVISION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PROJECT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PEOPLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ADMINISTRATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>COMMUNITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SECURITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SYSTEM</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>SECURITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>COMMUNITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + </supported-identity-object-types> + <options> +  +  +  +  + <option> + <name>hibernateSessionFactoryJNDIName</name> + <value>java:/jbossidentity/HibernateStoreSessionFactory</value> + </option> + <option> + <name>populateRelationshipTypes</name> + <value>true</value> + </option> + <option> + <name>populateIdentityObjectTypes</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + <option> + <name>isRealmAware</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </identity-store> + <identity-store> + <id>LDAP Identity Store</id> + <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships/> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>phone</name> + <mapping>telephoneNumber</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>description</name> + <mapping>description</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>carLicense</name> + <mapping>carLicense</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options> + <option> + <name>idAttributeName</name> + <value>uid</value> + </option> + <option> + <name>passwordAttributeName</name> + <value>userPassword</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=inetOrgPerson</value> + <value>sn= </value> + <value>cn= </value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>GROUP</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ROLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + </supported-identity-object-types> + <options> + <option> + <name>providerURL</name> + <value>ldap://dev39.qa.atl.jboss.com:389</value> + </option> + <option> + <name>adminDN</name> + <value>cn=Manager,dc=my-domain,dc=com</value> + </option> + <option> + <name>adminPassword</name> + <value>jbossqa</value> + </option> + <option> + <name>searchTimeLimit</name> + <value>10000</value> + </option> + </options> + </identity-store> + </identity-stores> + </stores> +</jboss-identity> \ No newline at end of file Added: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,910 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd"> + <realms> + <realm> + <id>realm://RedHat/DB</id> + <repository-id-ref>RedHat Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB</id> + <repository-id-ref>Sample Portal Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://RedHat/DB_LDAP</id> + <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB_LDAP</id> + <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + </realms> + <repositories> + <repository> + <id>RedHat Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>RedHat Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>PROJECT</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>SYSTEM</identity-object-type> + <identity-object-type>ADMINISTRATION</identity-object-type> + <identity-object-type>COMMUNITY</identity-object-type> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>SECURITY</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>OFFICE</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + </repositories> + <stores> + <attribute-stores/> + <identity-stores> + <identity-store> + <id>Hibernate Identity Store</id> + <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships> +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  + </relationships> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>picture</name> + <mapping>user.picture</mapping> + <type>binary</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PEOPLE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PROJECT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DIVISION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PROJECT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PEOPLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ADMINISTRATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>COMMUNITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SECURITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SYSTEM</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>SECURITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>COMMUNITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + </supported-identity-object-types> + <options> +  +  +  +  + <option> + <name>hibernateSessionFactoryJNDIName</name> + <value>java:/jbossidentity/HibernateStoreSessionFactory</value> + </option> + <option> + <name>populateRelationshipTypes</name> + <value>true</value> + </option> + <option> + <name>populateIdentityObjectTypes</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + <option> + <name>isRealmAware</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </identity-store> + <identity-store> + <id>LDAP Identity Store</id> + <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships/> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>phone</name> + <mapping>telephoneNumber</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>description</name> + <mapping>description</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>carLicense</name> + <mapping>carLicense</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options> + <option> + <name>idAttributeName</name> + <value>uid</value> + </option> + <option> + <name>passwordAttributeName</name> + <value>userPassword</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=inetOrgPerson</value> + <value>sn= </value> + <value>cn= </value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>GROUP</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ROLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + </supported-identity-object-types> + <options> + <option> + <name>providerURL</name> + <value>ldap://dev39.qa.atl.jboss.com:10389</value> + </option> + <option> + <name>adminDN</name> + <value>cn=Directory Manager</value> + </option> + <option> + <name>adminPassword</name> + <value>qpq123qpq</value> + </option> + <option> + <name>searchTimeLimit</name> + <value>10000</value> + </option> + </options> + </identity-store> + </identity-stores> + </stores> +</jboss-identity> \ No newline at end of file Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml (from rev 676, idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml) =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml (rev 0) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -0,0 +1,910 @@ +<?xml version="1.0" encoding="UTF-8"?> +<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta" + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta identity-config.xsd"> + <realms> + <realm> + <id>realm://RedHat/DB</id> + <repository-id-ref>RedHat Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB</id> + <repository-id-ref>Sample Portal Repository DB</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://RedHat/DB_LDAP</id> + <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + <realm> + <id>realm://portal/SamplePortal/DB_LDAP</id> + <repository-id-ref>Sample Portal Repository DB+LDAP</repository-id-ref> + <identity-type-mappings> + <user-mapping>USER</user-mapping> + </identity-type-mappings> + </realm> + </realms> + <repositories> + <repository> + <id>RedHat Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB</id> + <class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>RedHat Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>PROJECT</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + <repository> + <id>Sample Portal Repository DB+LDAP</id> + <class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class> + <external-config/> + <default-identity-store-id>Hibernate Identity Store</default-identity-store-id> + <default-attribute-store-id>Hibernate Identity Store</default-attribute-store-id> + <identity-store-mappings> + <identity-store-mapping> + <identity-store-id>Hibernate Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>SYSTEM</identity-object-type> + <identity-object-type>ADMINISTRATION</identity-object-type> + <identity-object-type>COMMUNITY</identity-object-type> + <identity-object-type>DIVISION</identity-object-type> + <identity-object-type>SECURITY</identity-object-type> + <identity-object-type>PEOPLE</identity-object-type> + </identity-object-types> + <options/> + </identity-store-mapping> + <identity-store-mapping> + <identity-store-id>LDAP Identity Store</identity-store-id> + <identity-object-types> + <identity-object-type>USER</identity-object-type> + <identity-object-type>DEPARTMENT</identity-object-type> + <identity-object-type>ORGANIZATION</identity-object-type> + <identity-object-type>ORGANIZATION_UNIT</identity-object-type> + <identity-object-type>OFFICE</identity-object-type> + </identity-object-types> + <options> + <option> + <name>cache</name> + <value>false</value> + </option> + <option> + <name>cache.provider.class</name> + <value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value> + </option> + <option> + <name>cache.config-file</name> + <value>jboss-cache-config.xml</value> + </option> + </options> + </identity-store-mapping> + </identity-store-mappings> + <options> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </repository> + </repositories> + <stores> + <attribute-stores/> + <identity-stores> + <identity-store> + <id>Hibernate Identity Store</id> + <class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships> +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  +  + </relationships> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>picture</name> + <mapping>user.picture</mapping> + <type>binary</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DIVISION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PEOPLE</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>PROJECT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DIVISION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PROJECT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>PEOPLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>ADMINISTRATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>COMMUNITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SECURITY</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + <identity-object-type> + <name>SYSTEM</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>SECURITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>COMMUNITY</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options/> + </identity-object-type> + </supported-identity-object-types> + <options> +  +  +  +  + <option> + <name>hibernateSessionFactoryJNDIName</name> + <value>java:/jbossidentity/HibernateStoreSessionFactory</value> + </option> + <option> + <name>populateRelationshipTypes</name> + <value>true</value> + </option> + <option> + <name>populateIdentityObjectTypes</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + <option> + <name>isRealmAware</name> + <value>true</value> + </option> + <option> + <name>allowNotDefinedAttributes</name> + <value>true</value> + </option> + </options> + </identity-store> + <identity-store> + <id>LDAP Identity Store</id> + <class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class> + <external-config/> + <supported-relationship-types> + <relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type> + </supported-relationship-types> + <supported-identity-object-types> + <identity-object-type> + <name>USER</name> + <relationships/> + <credentials> + <credential-type>PASSWORD</credential-type> + </credentials> + <attributes> + <attribute> + <name>phone</name> + <mapping>telephoneNumber</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>description</name> + <mapping>description</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>carLicense</name> + <mapping>carLicense</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + </attribute> + <attribute> + <name>email</name> + <mapping>mail</mapping> + <type>text</type> + <isRequired>false</isRequired> + <isMultivalued>false</isMultivalued> + <isReadOnly>false</isReadOnly> + <isUnique>true</isUnique> + </attribute> + </attributes> + <options> + <option> + <name>idAttributeName</name> + <value>uid</value> + </option> + <option> + <name>passwordAttributeName</name> + <value>userPassword</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=inetOrgPerson</value> + <value>sn= </value> + <value>cn= </value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ORGANIZATION_UNIT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>OFFICE</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>DEPARTMENT</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>DEPARTMENT</identity-object-type-ref> + </relationship> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>OFFICE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>GROUP</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ROLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + </supported-identity-object-types> + <options> + <option> + <name>providerURL</name> + <value>ldap://dev39.qa.atl.jboss.com:1389</value> + </option> + <option> + <name>adminDN</name> + <value>cn=Directory Manager</value> + </option> + <option> + <name>adminPassword</name> + <value>testldap</value> + </option> + <option> + <name>searchTimeLimit</name> + <value>10000</value> + </option> + </options> + </identity-store> + </identity-stores> + </stores> +</jboss-identity> \ No newline at end of file Modified: idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml =================================================================== --- idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml 2009-08-07 21:17:36 UTC (rev 680) +++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml 2009-08-07 22:56:43 UTC (rev 681) @@ -558,7 +558,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=People,o=test,dc=portal,dc=example,dc=com</value> + <value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> </option> <option> <name>allowCreateEntry</name> @@ -606,7 +606,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Organizations,o=test,dc=portal,dc=example,dc=com</value> + <value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> </option>   @@ -617,11 +617,11 @@ <value>true</value> </option> <option> - <name>membershipAttributeName</name> + <name>parentMembershipAttributeName</name> <value>member</value> </option> <option> - <name>isMembershipAttributeDN</name> + <name>isParentMembershipAttributeDN</name> <value>true</value> </option> <option> @@ -664,7 +664,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=OrganizationUnits,o=test,dc=portal,dc=example,dc=com</value> + <value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> </option>   @@ -675,11 +675,11 @@ <value>true</value> </option> <option> - <name>membershipAttributeName</name> + <name>parentMembershipAttributeName</name> <value>member</value> </option> <option> - <name>isMembershipAttributeDN</name> + <name>isParentMembershipAttributeDN</name> <value>true</value> </option> <option> @@ -718,7 +718,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Departments,o=test,dc=portal,dc=example,dc=com</value> + <value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> </option>   @@ -729,11 +729,11 @@ <value>true</value> </option> <option> - <name>membershipAttributeName</name> + <name>parentMembershipAttributeName</name> <value>member</value> </option> <option> - <name>isMembershipAttributeDN</name> + <name>isParentMembershipAttributeDN</name> <value>true</value> </option> <option> @@ -764,7 +764,7 @@ </option> <option> <name>ctxDNs</name> - <value>ou=Offices,o=test,dc=portal,dc=example,dc=com</value> + <value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> </option>   @@ -775,11 +775,11 @@ <value>true</value> </option> <option> - <name>membershipAttributeName</name> + <name>parentMembershipAttributeName</name> <value>member</value> </option> <option> - <name>isMembershipAttributeDN</name> + <name>isParentMembershipAttributeDN</name> <value>true</value> </option> <option> @@ -793,6 +793,98 @@ </option> </options> </identity-object-type> + <identity-object-type> + <name>GROUP</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> + <identity-object-type> + <name>ROLE</name> + <relationships> + <relationship> + <relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref> + <identity-object-type-ref>USER</identity-object-type-ref> + </relationship> + </relationships> + <credentials/> + <attributes/> + <options> + <option> + <name>idAttributeName</name> + <value>cn</value> + </option> + <option> + <name>ctxDNs</name> + <value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value> + </option> +  +  +  +  + <option> + <name>allowCreateEntry</name> + <value>true</value> + </option> + <option> + <name>parentMembershipAttributeName</name> + <value>member</value> + </option> + <option> + <name>isParentMembershipAttributeDN</name> + <value>true</value> + </option> + <option> + <name>allowEmptyMemberships</name> + <value>true</value> + </option> + <option> + <name>createEntryAttributeValues</name> + <value>objectClass=top</value> + <value>objectClass=groupOfNames</value> + </option> + </options> + </identity-object-type> </supported-identity-object-types> <options> <option>

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r680 - in identity-federation/trunk/jboss-identity-webapps: sales-post-sig and 1 other directory.

by jboss-identity-commits＠lists.jboss.org

Author: marcelkolsteren Date: 2009-08-07 17:17:36 -0400 (Fri, 07 Aug 2009) New Revision: 680 Removed: identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath identity-federation/trunk/jboss-identity-webapps/idp-sig/.project identity-federation/trunk/jboss-identity-webapps/idp-sig/.settings/ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.settings/ Log: For modules "idp-sig" and "sales-post-sig", removed files that shouldn't be in the repository (.project, .classpath, .settings). Deleted: identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath 2009-08-04 07:53:08 UTC (rev 679) +++ identity-federation/trunk/jboss-identity-webapps/idp-sig/.classpath 2009-08-07 21:17:36 UTC (rev 680) @@ -1,4 +0,0 @@ -<classpath> - <classpathentry kind="output" path="target/classes"/> - <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> -</classpath> \ No newline at end of file Deleted: identity-federation/trunk/jboss-identity-webapps/idp-sig/.project =================================================================== --- identity-federation/trunk/jboss-identity-webapps/idp-sig/.project 2009-08-04 07:53:08 UTC (rev 679) +++ identity-federation/trunk/jboss-identity-webapps/idp-sig/.project 2009-08-07 21:17:36 UTC (rev 680) @@ -1,13 +0,0 @@ -<projectDescription> - <name>idp</name> - <comment>JBoss Identity Samples contains the samples for Federated Identity Needs.</comment> - <projects/> - <buildSpec> - <buildCommand> - <name>org.eclipse.jdt.core.javabuilder</name> - </buildCommand> - </buildSpec> - <natures> - <nature>org.eclipse.jdt.core.javanature</nature> - </natures> -</projectDescription> \ No newline at end of file Deleted: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath 2009-08-04 07:53:08 UTC (rev 679) +++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.classpath 2009-08-07 21:17:36 UTC (rev 680) @@ -1,4 +0,0 @@ -<classpath> - <classpathentry kind="output" path="target/classes"/> - <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> -</classpath> \ No newline at end of file Deleted: identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project =================================================================== --- identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project 2009-08-04 07:53:08 UTC (rev 679) +++ identity-federation/trunk/jboss-identity-webapps/sales-post-sig/.project 2009-08-07 21:17:36 UTC (rev 680) @@ -1,13 +0,0 @@ -<projectDescription> - <name>sales</name> - <comment>JBoss Identity Samples contains the samples for Federated Identity Needs.</comment> - <projects/> - <buildSpec> - <buildCommand> - <name>org.eclipse.jdt.core.javabuilder</name> - </buildCommand> - </buildSpec> - <natures> - <nature>org.eclipse.jdt.core.javanature</nature> - </natures> -</projectDescription> \ No newline at end of file

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r679 - in consolidated-build/trunk: identity-build-idm and 1 other directory.

by jboss-identity-commits＠lists.jboss.org

Author: jeff.yuchang Date: 2009-08-04 03:53:08 -0400 (Tue, 04 Aug 2009) New Revision: 679 Added: consolidated-build/trunk/identity-build-idm/ consolidated-build/trunk/identity-build-idm/bin.xml consolidated-build/trunk/identity-build-idm/pom.xml Modified: consolidated-build/trunk/pom.xml Log: [JBID-155] add the depedency pack for idm. Added: consolidated-build/trunk/identity-build-idm/bin.xml =================================================================== --- consolidated-build/trunk/identity-build-idm/bin.xml (rev 0) +++ consolidated-build/trunk/identity-build-idm/bin.xml 2009-08-04 07:53:08 UTC (rev 679) @@ -0,0 +1,25 @@ +<assembly> + <formats> + <format>zip</format> + </formats> + <includeBaseDirectory>false</includeBaseDirectory> + <dependencySets> + <dependencySet> + <outputFileNameMapping>${artifact.artifactId}${dashClassifier?}-${artifact.version}.${artifact.extension}</outputFileNameMapping> + <unpack>false</unpack> + <scope>compile</scope> + <excludes> + <exclude>org.jboss.identity.idm.integration:idm-jboss5</exclude> + <exclude>org.jboss.identity.idm:idm-cache</exclude> + <exclude>org.jboss.identity.idm:idm-ldap</exclude> + <exclude>org.jboss.identity.idm:idm-hibernate</exclude> + <exclude>org.jboss.identity.idm:idm-core</exclude> + <exclude>org.jboss.identity.idm:idm-api</exclude> + <exclude>org.jboss.identity.idm:idm-common</exclude> + <exclude>org.jboss.identity.idm:idm-spi</exclude> + <exclude>org.jboss.identity.idm:idm-assembly</exclude> + </excludes> + <outputDirectory>/</outputDirectory> + </dependencySet> + </dependencySets> +</assembly> Added: consolidated-build/trunk/identity-build-idm/pom.xml =================================================================== --- consolidated-build/trunk/identity-build-idm/pom.xml (rev 0) +++ consolidated-build/trunk/identity-build-idm/pom.xml 2009-08-04 07:53:08 UTC (rev 679) @@ -0,0 +1,166 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>org.jboss.identity</groupId> + <artifactId>jboss-identity-build-parent</artifactId> + <version>1.0.0.alpha5-SNAPSHOT</version> + <relativePath>../parent</relativePath> + </parent> + <modelVersion>4.0.0</modelVersion> + <artifactId>jboss-identity-build-idm</artifactId> + <packaging>pom</packaging> + <name>JBoss Identity dependency pack for IDM</name> + <url>http://www.jboss.org/jbossidentity/</url> + <description>JBoss Identity build provides a collection of individual projects as a unified solution.</description> + <licenses> + <license> + <name>lgpl</name> + <url>http://repository.jboss.com/licenses/lgpl.txt</url> + </license> + </licenses> + <organization> + <name>JBoss Inc.</name> + <url>http://www.jboss.org</url> + </organization> + + + <properties> + <hibernate-commons-annotations>3.0.0.ga</hibernate-commons-annotations> + <hibernate-tools-version>3.2.0.ga</hibernate-tools-version> + <hsqldb-version>1.8.0.7</hsqldb-version> + <idm.version>1.0.0.Beta1</idm.version> + <apache.ant.version>1.7.0</apache.ant.version> + <mysql.connector.version>5.0.8</mysql.connector.version> + <postgresql.version>8.3-603.jdbc3</postgresql.version> + <jtds.version>1.2.2</jtds.version> + </properties> + + <dependencies> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-api</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-common</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-spi</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-core</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-hibernate</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-ldap</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm</groupId> + <artifactId>idm-cache</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm.integration</groupId> + <artifactId>idm-jboss5</artifactId> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm.integration</groupId> + <artifactId>idm-jboss5-deployer</artifactId> + <classifier>config</classifier> + <type>zip</type> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.jboss.identity.idm.integration</groupId> + <artifactId>idm-jboss5-deployer</artifactId> + <classifier>deployer</classifier> + <type>zip</type> + <version>${idm.version}</version> + </dependency> + <dependency> + <groupId>org.hibernate</groupId> + <artifactId>hibernate-commons-annotations</artifactId> + <version>${hibernate-commons-annotations}</version> + </dependency> + <dependency> + <groupId>org.hibernate</groupId> + <artifactId>hibernate-tools</artifactId> + <version>${hibernate-tools-version}</version> + </dependency> + + <dependency> + <groupId>hsqldb</groupId> + <artifactId>hsqldb</artifactId> + <version>${hsqldb-version}</version> + </dependency> + + <dependency> + <groupId>org.apache.ant</groupId> + <artifactId>ant</artifactId> + <version>${apache.ant.version}</version> + </dependency> + +  + <dependency> + <groupId>mysql</groupId> + <artifactId>mysql-connector-java</artifactId> + <version>${mysql.connector.version}</version> + </dependency> + <dependency> + <groupId>postgresql</groupId> + <artifactId>postgresql</artifactId> + <version>${postgresql.version}</version> + </dependency> + <dependency> + <groupId>net.sourceforge.jtds</groupId> + <artifactId>jtds</artifactId> + <version>${jtds.version}</version> + </dependency> + </dependencies> + + <build> + <plugins> + <plugin> + <artifactId>maven-assembly-plugin</artifactId> + <version>2.2-beta-3</version> + <executions> + <execution> + <id>bundle-project-sources</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + <configuration> + <archive> + <manifestEntries> + <Specification-Title>JBoss Identity</Specification-Title> + <Specification-Version>${project.version}</Specification-Version> + <Specification-Vendor>Red Hat Middleware LLC</Specification-Vendor> + <Implementation-Title>JBoss Identity</Implementation-Title> + <Implementation-Version>${project.version}</Implementation-Version> + <Implementation-VendorId>org.jboss.security</Implementation-VendorId> + <Implementation-Vendor>Red Hat Middleware LLC</Implementation-Vendor> + </manifestEntries> + </archive> + <descriptors> + <descriptor>bin.xml</descriptor> + </descriptors> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> +</project> Modified: consolidated-build/trunk/pom.xml =================================================================== --- consolidated-build/trunk/pom.xml 2009-08-03 17:05:39 UTC (rev 678) +++ consolidated-build/trunk/pom.xml 2009-08-04 07:53:08 UTC (rev 679) @@ -18,5 +18,6 @@ <module>identity-build-tomcat</module> <module>identity-build-jbas</module> <module>identity-build-openid</module> + <module>identity-build-idm</module> </modules> </project>

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r678 - in identity-federation/trunk: jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util and 6 other directories.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-08-03 13:05:39 -0400 (Mon, 03 Aug 2009) New Revision: 678 Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java Log: Use DOM rather than JAXB Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectFormAuthenticator.java 2009-08-03 17:05:39 UTC (rev 678) @@ -240,19 +240,7 @@ SAML2Response saml2Response = new SAML2Response(); - ResponseType responseType; - try - { - responseType = saml2Response.getResponseType(is); - } - catch (JAXBException e) - { - throw new ParsingException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } + ResponseType responseType = saml2Response.getResponseType(is); this.isTrusted(responseType.getIssuer().getValue()); Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/tomcat/sp/SPRedirectSignatureFormAuthenticator.java 2009-08-03 17:05:39 UTC (rev 678) @@ -48,7 +48,6 @@ import org.jboss.identity.federation.saml.v2.protocol.ResponseType; import org.w3c.dom.Document; import org.w3c.dom.Element; -import org.xml.sax.SAXException; /** * Tomcat Authenticator for the HTTP/Redirect binding with Signature support @@ -174,11 +173,7 @@ catch (JAXBException e) { throw new ConfigurationException(e); - } - catch (SAXException e) - { - throw new ParsingException(e); - } + } catch (TransformerFactoryConfigurationError e) { throw new ConfigurationException(e); Modified: identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-bindings/src/main/java/org/jboss/identity/federation/bindings/util/RedirectBindingSignatureUtil.java 2009-08-03 17:05:39 UTC (rev 678) @@ -28,12 +28,20 @@ import java.security.PrivateKey; import javax.xml.bind.JAXBException; +import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.TransformerException; +import javax.xml.transform.TransformerFactoryConfigurationError; import org.jboss.identity.federation.api.saml.v2.request.SAML2Request; import org.jboss.identity.federation.api.saml.v2.response.SAML2Response; +import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; +import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; import org.jboss.identity.federation.core.saml.v2.util.SignatureUtil; import org.jboss.identity.federation.saml.v2.protocol.AuthnRequestType; import org.jboss.identity.federation.saml.v2.protocol.ResponseType; +import org.w3c.dom.Document; import org.xml.sax.SAXException; @@ -82,23 +90,46 @@ * @param responseType * @param relayState * @param signingKey - * @return - * @throws SAXException - * @throws JAXBException + * @return * @throws IOException * @throws GeneralSecurityException */ public static String getSAMLResponseURLWithSignature(ResponseType responseType, String relayState, - PrivateKey signingKey) throws JAXBException, SAXException, IOException, GeneralSecurityException + PrivateKey signingKey) throws IOException, GeneralSecurityException { SAML2Response saml2Response = new SAML2Response(); - // Deal with the original request - StringWriter sw = new StringWriter(); - saml2Response.marshall(responseType, sw); + Document responseDoc = null; + + try + { + responseDoc = saml2Response.convert(responseType); + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + catch (ParserConfigurationException e) + { + throw new ParsingException(e); + } //URL Encode the Request - String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(sw.toString()); + String responseString; + try + { + responseString = DocumentUtil.getDocumentAsString(responseDoc); + } + catch (TransformerFactoryConfigurationError e) + { + throw new ConfigurationException(e); + } + catch (TransformerException e) + { + throw new ProcessingException(e); + } + + String urlEncodedResponse = RedirectBindingUtil.deflateBase64URLEncode(responseString); String urlEncodedRelayState = null; if(relayState != null && relayState.length() > 0 ) @@ -109,6 +140,7 @@ //Now construct the URL return getResponseRedirectURLWithSignature(urlEncodedResponse, urlEncodedRelayState, sigValue, signingKey.getAlgorithm()); } + /** * Given an url-encoded saml request and relay state and a private key, compute the url * @param urlEncodedRequest Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/response/SAML2Response.java 2009-08-03 17:05:39 UTC (rev 678) @@ -21,6 +21,7 @@ */ package org.jboss.identity.federation.api.saml.v2.response; +import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; import java.io.Writer; @@ -34,8 +35,11 @@ import javax.xml.bind.Unmarshaller; import javax.xml.datatype.XMLGregorianCalendar; import javax.xml.parsers.ParserConfigurationException; +import javax.xml.transform.Source; import org.jboss.identity.federation.core.exceptions.ConfigurationException; +import org.jboss.identity.federation.core.exceptions.ParsingException; +import org.jboss.identity.federation.core.exceptions.ProcessingException; import org.jboss.identity.federation.core.saml.v2.constants.JBossSAMLURIConstants; import org.jboss.identity.federation.core.saml.v2.exceptions.IssueInstantMissingException; import org.jboss.identity.federation.core.saml.v2.factories.JBossSAMLAuthnResponseFactory; @@ -68,6 +72,8 @@ */ public class SAML2Response { + private Document responseDocument = null; + /** * Create an assertion * @param id @@ -204,21 +210,65 @@ * Read a ResponseType from an input stream * @param is * @return - * @throws SAXException - * @throws JAXBException + * @throws ParsingException + * @throws ConfigurationException */ @SuppressWarnings("unchecked") - public ResponseType getResponseType(InputStream is) throws JAXBException, SAXException + public ResponseType getResponseType(InputStream is) throws ParsingException, ConfigurationException { if(is == null) throw new IllegalArgumentException("inputstream is null"); - Unmarshaller un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); - JAXBElement<ResponseType> jaxbAuthnRequestType = (JAXBElement<ResponseType>) un.unmarshal(is); - return jaxbAuthnRequestType.getValue(); + //Read the DOM + try + { + responseDocument = DocumentUtil.getDocument(is); + } + catch (ParserConfigurationException e) + { + throw new ConfigurationException(e); + } + catch (IOException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } + + Source domSource = DocumentUtil.getXMLSource(responseDocument); + + Unmarshaller un; + try + { + un = JBossSAMLAuthnResponseFactory.getUnmarshaller(); + JAXBElement<ResponseType> jaxbAuthnRequestType = (JAXBElement<ResponseType>) un.unmarshal(domSource); + return jaxbAuthnRequestType.getValue(); + } + catch (JAXBException e) + { + throw new ParsingException(e); + } + catch (SAXException e) + { + throw new ParsingException(e); + } } /** + * Return the Parsed Document + * @return + * @throws ProcessingException if there is no parsed DOM + */ + public Document getResponseDocument() throws ProcessingException + { + if(responseDocument == null) + throw new ProcessingException("Response Document is null"); + return responseDocument; + } + + /** * Convert an EncryptedElement into a Document * @param encryptedElementType * @return @@ -259,9 +309,9 @@ JAXBContext jaxb = JAXBContext.newInstance(ResponseType.class); Binder<Node> binder = jaxb.createBinder(); - Document doc = DocumentUtil.createDocument(); - binder.marshal(JAXBElementMappingUtil.get(responseType), doc); - return doc; + responseDocument = DocumentUtil.createDocument(); + binder.marshal(JAXBElementMappingUtil.get(responseType), responseDocument); + return responseDocument; } /** Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/saml/v2/sig/SAML2Signature.java 2009-08-03 17:05:39 UTC (rev 678) @@ -153,8 +153,8 @@ KeyPair keypair, String referenceURI) throws JAXBException, ParserConfigurationException, XPathException, TransformerFactoryConfigurationError, TransformerException, GeneralSecurityException, MarshalException, XMLSignatureException { - SAML2Response saml2Request = new SAML2Response(); - Document doc = saml2Request.convert(response); + SAML2Response saml2Response = new SAML2Response(); + Document doc = saml2Response.convert(response); Node assertionNode = DocumentUtil.getNodeWithAttribute(doc, Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/util/XMLSignatureUtil.java 2009-08-03 17:05:39 UTC (rev 678) @@ -55,7 +55,6 @@ import javax.xml.transform.Transformer; import javax.xml.transform.TransformerException; import javax.xml.transform.TransformerFactory; -import javax.xml.transform.dom.DOMSource; import javax.xml.transform.stream.StreamResult; import org.jboss.identity.federation.core.saml.v2.util.DocumentUtil; @@ -269,6 +268,6 @@ { TransformerFactory tf = TransformerFactory.newInstance(); Transformer trans = tf.newTransformer(); - trans.transform(new DOMSource(signedDocument), new StreamResult(os)); + trans.transform(DocumentUtil.getXMLSource(signedDocument), new StreamResult(os)); } } \ No newline at end of file Modified: identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-fed-api/src/main/java/org/jboss/identity/federation/api/wstrust/WSTrustJAXBFactory.java 2009-08-03 17:05:39 UTC (rev 678) @@ -259,7 +259,7 @@ throw new RuntimeException("Failed to marshall security token request", e); } - return new DOMSource(result); + return DocumentUtil.getXMLSource(result); } /** @@ -306,7 +306,7 @@ { throw new RuntimeException("Failed to marshall security token response", e); } - return new DOMSource(result); + return DocumentUtil.getXMLSource(result); } /** Modified: identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-fed-api/src/test/java/org/jboss/test/identity/federation/api/saml/v2/SignatureValidationUnitTestCase.java 2009-08-03 17:05:39 UTC (rev 678) @@ -167,8 +167,7 @@ Node importedSignedNode = validatingDoc.importNode(signedNode, true); validatingDoc.appendChild(importedSignedNode); - // Validate the signature - System.out.println(DocumentUtil.getDocumentAsString(validatingDoc)); + // Validate the signature boolean isValid = XMLSignatureUtil.validate(validatingDoc, kp.getPublic()); assertTrue("Signature is valid:", isValid); @@ -189,8 +188,7 @@ importedSignedNode = validatingDoc.importNode(signedNode, true); validatingDoc.appendChild(importedSignedNode); - // The client re-validates the signature. - System.out.println(DocumentUtil.getDocumentAsString(validatingDoc)); + // The client re-validates the signature. assertTrue("Signature is valid:", XMLSignatureUtil.validate(validatingDoc, kp.getPublic())); JAXBElement<ResponseType> jaxbresponseType = (JAXBElement<ResponseType>) binder.unmarshal(readDoc); Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java 2009-08-03 16:19:12 UTC (rev 677) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/saml/v2/util/DocumentUtil.java 2009-08-03 17:05:39 UTC (rev 678) @@ -218,15 +218,6 @@ return bis; } - - private static Transformer getTransformer() throws TransformerConfigurationException, - TransformerFactoryConfigurationError - { - Transformer transformer = TransformerFactory.newInstance().newTransformer(); - transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); - transformer.setOutputProperty(OutputKeys.INDENT, "no"); - return transformer; - } /** * Stream a DOM Node as a String @@ -288,6 +279,16 @@ } /** + * Get a {@link Source} given a {@link Document} + * @param doc + * @return + */ + public static Source getXMLSource(Document doc) + { + return new DOMSource(doc); + } + + /** * Log the nodes in the document * @param doc */ @@ -320,5 +321,14 @@ factory.setNamespaceAware(true); factory.setXIncludeAware(true); return factory; - } + } + + private static Transformer getTransformer() throws TransformerConfigurationException, + TransformerFactoryConfigurationError + { + Transformer transformer = TransformerFactory.newInstance().newTransformer(); + transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes"); + transformer.setOutputProperty(OutputKeys.INDENT, "no"); + return transformer; + } } \ No newline at end of file

14 years, 9 months

1
0
0 / 0

JBoss Identity SVN: r677 - identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util.

by jboss-identity-commits＠lists.jboss.org

Author: anil.saldhana(a)jboss.com Date: 2009-08-03 12:19:12 -0400 (Mon, 03 Aug 2009) New Revision: 677 Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java Log: JBID-158: IDFedLSInputResolver updated with ws-t schemas Modified: identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java =================================================================== --- identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java 2009-07-31 19:17:02 UTC (rev 676) +++ identity-federation/trunk/jboss-identity-fed-core/src/main/java/org/jboss/identity/federation/core/util/IDFedLSInputResolver.java 2009-08-03 16:19:12 UTC (rev 677) @@ -42,15 +42,34 @@ static { + //SAML schemaLocationMap.put("saml-schema-assertion-2.0.xsd", "schema/saml/v2/saml-schema-assertion-2.0.xsd"); + + //WS-T + schemaLocationMap.put("http://docs.oasis-open.org/ws-sx/ws-trust/200512/", + "schema/wstrust/v1_3/ws-trust-1.3.xsd"); + schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext...", + "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-secext-1.0.xsd"); + schemaLocationMap.put("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utilit...", + "schema/wstrust/v1_3/oasis-200401-wss-wssecurity-utility-1.0.xsd"); + schemaLocationMap.put("http://schemas.xmlsoap.org/ws/2004/09/policy", + "schema/wstrust/v1_3/ws-policy.xsd"); + schemaLocationMap.put("http://www.w3.org/2005/08/addressing", + "schema/wstrust/v1_3/ws-addr.xsd"); + + //XML DSIG schemaLocationMap.put("http://www.w3.org/2000/09/xmldsig#", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd", "schema/w3c/xmldsig/xmldsig-core-schema.xsd"); + + //XML Enc schemaLocationMap.put("http://www.w3.org/2001/04/xmlenc#", "schema/w3c/xmlenc/xenc-schema.xsd"); schemaLocationMap.put("http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd", "schema/w3c/xmlenc/xenc-schema.xsd"); + + //XML Schema/DTD schemaLocationMap.put("datatypes.dtd", "schema/w3c/xmlschema/datatypes.dtd"); schemaLocationMap.put("http://www.w3.org/2001/XMLSchema.dtd",

14 years, 9 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

jboss-identity-commits August 2009