Author: bdaw
Date: 2009-08-07 18:56:43 -0400 (Fri, 07 Aug 2009)
New Revision: 681
Added:
idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml
Modified:
idm/trunk/assembly/scripts/assembly-distro.xml
idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif
idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml
Log:
LDAP support improvements
Modified: idm/trunk/assembly/scripts/assembly-distro.xml
===================================================================
--- idm/trunk/assembly/scripts/assembly-distro.xml 2009-08-07 21:17:36 UTC (rev 680)
+++ idm/trunk/assembly/scripts/assembly-distro.xml 2009-08-07 22:56:43 UTC (rev 681)
@@ -14,7 +14,7 @@
<!-- Dependency Sets -->
<dependencySets>
<dependencySet>
-
<outputFileNameMapping>${artifact.artifactId}${dashClassifier?}.${artifact.extension}</outputFileNameMapping>
+
<!--<outputFileNameMapping>${artifact.artifactId}${dashClassifier?}.${artifact.extension}</outputFileNameMapping>-->
<!-- useStrictFiltering>true</useStrictFiltering -->
<unpack>false</unpack>
<scope>test</scope>
Modified:
idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java
===================================================================
---
idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-hibernate/src/main/java/org/jboss/identity/idm/impl/store/hibernate/HibernateIdentityStoreImpl.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -22,30 +22,11 @@
package org.jboss.identity.idm.impl.store.hibernate;
-import java.io.Serializable;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.hibernate.Criteria;
-import org.hibernate.HibernateException;
-import org.hibernate.Session;
-import org.hibernate.Query;
-import org.hibernate.SessionFactory;
-import org.hibernate.cfg.AnnotationConfiguration;
-import org.hibernate.criterion.Restrictions;
-import org.hibernate.criterion.MatchMode;
import org.jboss.identity.idm.common.exception.IdentityException;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObject;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectAttribute;
import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttribute;
+import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredential;
import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredentialType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationship;
@@ -54,12 +35,11 @@
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateRealm;
-import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl;
+import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
import
org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData;
import
org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
import org.jboss.identity.idm.spi.exception.OperationNotSupportedException;
import org.jboss.identity.idm.spi.model.IdentityObject;
import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
@@ -68,16 +48,35 @@
import org.jboss.identity.idm.spi.model.IdentityObjectRelationship;
import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType;
import org.jboss.identity.idm.spi.model.IdentityObjectType;
+import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
import org.jboss.identity.idm.spi.store.FeaturesMetaData;
+import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
import org.jboss.identity.idm.spi.store.IdentityStore;
import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
-import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
-//import javax.persistence.Persistence;
+import java.io.Serializable;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
import javax.naming.InitialContext;
import javax.naming.NamingException;
+
+import org.hibernate.Criteria;
+import org.hibernate.HibernateException;
+import org.hibernate.Query;
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.cfg.AnnotationConfiguration;
+import org.hibernate.criterion.Restrictions;
//import javax.persistence.Persistence;
/**
@@ -1552,9 +1551,19 @@
HibernateIdentityObject hibernateObject = safeGet(ctx, identity);
- Set<HibernateIdentityObjectAttribute> storeAttributes =
hibernateObject.getAttributes();
+
+
Map<String, IdentityObjectAttribute> result = new HashMap<String,
IdentityObjectAttribute>();
+ if (hibernateObject == null)
+ {
+ return result;
+ }
+
+ Set<HibernateIdentityObjectAttribute> storeAttributes =
hibernateObject.getAttributes();
+
+
+
// Remap the names
for (HibernateIdentityObjectAttribute attribute : storeAttributes)
{
@@ -1607,13 +1616,12 @@
}
}
- IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName());
- if (amd != null)
+ if (mdMap != null && mdMap.containsKey(attribute.getName()))
{
+ IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName());
-
if (!amd.isMultivalued() && attribute.getSize() > 1)
{
throw new IdentityException("Cannot assigned multiply values to
single valued attribute: " + attribute.getName());
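Review bot: `mdMap.containsKey(attribute.getName())` followed by `mdMap.get(...)` looks the key up twice and, unlike the removed `amd != null` test, lets a key mapped to null reach `amd.isMultivalued()`. The later hunk in this file (@@ -1663,8 +1671,13 @@) guards the same map with a null check and then tests `amd != null`. Using that shape here, `IdentityObjectAttributeMetaData amd = mdMap != null ? mdMap.get(attribute.getName()) : null;` followed by `if (amd != null)`, keeps the two sites consistent. The enclosing block starts and ends outside this hunk.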
@@ -1663,8 +1671,13 @@
{
IdentityObjectAttribute attribute = mappedAttributes.get(name);
- IdentityObjectAttributeMetaData amd = mdMap.get(attribute.getName());
+ IdentityObjectAttributeMetaData amd = null;
+ if (mdMap != null)
+ {
+ amd = mdMap.get(attribute.getName());
+ }
+
// Default to text
String type = amd != null ? amd.getType() :
IdentityObjectAttributeMetaData.TEXT_TYPE;
Modified:
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java
===================================================================
---
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityObjectTypeConfiguration.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -41,19 +41,36 @@
String getEntrySearchFilter();
+ String getEntrySearchScope();
+
boolean isAllowCreateEntry();
Map<String, String[]> getCreateEntryAttributeValues();
String[] getAllowedMembershipTypes();
- String getMembershipAttributeName();
+ String getParentMembershipAttributeName();
- boolean isMembershipAttributeDN();
+ boolean isParentMembershipAttributeDN();
- boolean allowEmptyMemberships();
+ boolean isAllowEmptyMemberships();
String getAttributeMapping(String identityAttribute);
Set<String> getMappedAttributesNames();
+
+ String getChildMembershipAttributeName();
+
+ boolean isChildMembershipAttributeDN();
+
+ boolean isAllowEmptyPassword();
+
+ String getEnclosePasswordWith();
+
+ String getPasswordEncoding();
+
+ Map<String, String[]> getUpdatePasswordAttributeValues();
+
+ boolean isSubentryMembershipLookup();
+
}
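Review bot: The new password-related getters have no Javadoc, so their contracts can only be learned from the store implementation. Suggested comments: on `isAllowEmptyPassword()` `/** Whether null or empty passwords are accepted for this type; implementations should default to false. */`, on `getEnclosePasswordWith()` `/** String placed before and after the password before it is written, or null for none. */`, and on `getPasswordEncoding()` `/** Charset name used to encode the password to bytes before it is written, or null to write it as a string. */`. Renaming `getMembershipAttributeName`, `isMembershipAttributeDN` and `allowEmptyMemberships` also breaks any implementation of this interface that lives outside the tree.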
Modified:
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java
===================================================================
---
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreConfiguration.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -23,7 +23,10 @@
package org.jboss.identity.idm.impl.store.ldap;
import org.jboss.identity.idm.spi.model.IdentityObjectType;
+import
org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
+import java.util.Map;
+
/**
* Helper interface to expose LDAP IdentityStore configuration in a different way
*
@@ -32,6 +35,8 @@
*/
public interface LDAPIdentityStoreConfiguration
{
+
+ IdentityStoreConfigurationMetaData getConfigurationMetaData();
String getProviderURL();
@@ -45,4 +50,34 @@
IdentityObjectType[] getConfiguredTypes();
+ Map<String, LDAPIdentityObjectTypeConfiguration> getTypesConfiguration();
+
+ Map<String, String> getCustomJNDIConnectionParameters();
+
+ Map<String, String> getCustomSystemProperties();
+
+ String getExternalJNDIContext();
+
+ String getMembershipToRelationshipTypeMapping();
+
+ boolean isSupportNamedRelationships();
+
+ String[] getRelationshipNamesCtxDNs();
+
+ String getRelationshipNameSearchFilter();
+
+ String getRelationshipNameSearchScope();
+
+ Map<String, String[]> getRelationshipNameCreateEntryAttributeValues();
+
+ String getRelationshipNameAttributeName();
+
+ String getNamedRelationshipSearchFilter();
+
+ Map<String, String[]> getNamedRelationshipCreateEntryAttributeValues();
+
+ String getNamedRelationshipNameAttributeName();
+
+ String getNamedRelationshipMemberAttributeName();
+
}
Modified:
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java
===================================================================
---
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreImpl.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -22,6 +22,31 @@
package org.jboss.identity.idm.impl.store.ldap;
+import org.jboss.identity.idm.common.exception.IdentityException;
+import org.jboss.identity.idm.impl.NotYetImplementedException;
+import org.jboss.identity.idm.impl.api.SimpleAttribute;
+import org.jboss.identity.idm.impl.helper.Tools;
+import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl;
+import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectRelationshipImpl;
+import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl;
+import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
+import
org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData;
+import
org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
+import org.jboss.identity.idm.spi.exception.OperationNotSupportedException;
+import org.jboss.identity.idm.spi.model.IdentityObject;
+import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
+import org.jboss.identity.idm.spi.model.IdentityObjectCredential;
+import org.jboss.identity.idm.spi.model.IdentityObjectRelationship;
+import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType;
+import org.jboss.identity.idm.spi.model.IdentityObjectType;
+import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
+import org.jboss.identity.idm.spi.store.FeaturesMetaData;
+import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
+import org.jboss.identity.idm.spi.store.IdentityStore;
+import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
+import org.jboss.identity.idm.spi.store.IdentityStoreSession;
+
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
@@ -38,6 +63,7 @@
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
+import java.io.UnsupportedEncodingException;
import javax.naming.Context;
import javax.naming.InitialContext;
@@ -56,31 +82,6 @@
import javax.naming.ldap.LdapName;
import javax.naming.ldap.SortControl;
-import org.jboss.identity.idm.common.exception.IdentityException;
-import org.jboss.identity.idm.impl.NotYetImplementedException;
-import org.jboss.identity.idm.impl.api.SimpleAttribute;
-import org.jboss.identity.idm.impl.helper.Tools;
-import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectImpl;
-import org.jboss.identity.idm.impl.model.ldap.LDAPIdentityObjectRelationshipImpl;
-import org.jboss.identity.idm.impl.store.FeaturesMetaDataImpl;
-import
org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectAttributeMetaData;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityObjectTypeMetaData;
-import
org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
-import org.jboss.identity.idm.spi.exception.OperationNotSupportedException;
-import org.jboss.identity.idm.spi.model.IdentityObject;
-import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
-import org.jboss.identity.idm.spi.model.IdentityObjectCredential;
-import org.jboss.identity.idm.spi.model.IdentityObjectRelationship;
-import org.jboss.identity.idm.spi.model.IdentityObjectRelationshipType;
-import org.jboss.identity.idm.spi.model.IdentityObjectType;
-import org.jboss.identity.idm.spi.store.FeaturesMetaData;
-import org.jboss.identity.idm.spi.store.IdentityStore;
-import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
-import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.spi.store.IdentityObjectSearchCriteriaType;
-import org.jboss.identity.idm.spi.search.IdentityObjectSearchCriteria;
-
/**
* @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
* @version : 0.1 $
@@ -163,14 +164,7 @@
public IdentityStoreSession createIdentityStoreSession()
{
-
- return new LDAPIdentityStoreSessionImpl(
- "com.sun.jndi.ldap.LdapCtxFactory",
- configuration.getProviderURL(),
- "simple",
- configuration.getAdminDN(),
- configuration.getAdminPassword());
-
+ return new LDAPIdentityStoreSessionImpl(configuration);
}
public String getId()
@@ -498,7 +492,7 @@
for (String typeCtx : typeCtxs)
{
- if (dn.endsWith(typeCtx))
+ if (dn.toLowerCase().endsWith(typeCtx.toLowerCase()))
{
type = possibleType;
break;
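Review bot: `dn.toLowerCase().endsWith(typeCtx.toLowerCase())` picks the identity type by raw string suffix, which lowercases in the default locale and ignores RDN boundaries and whitespace or escaping differences. A DN can therefore match a context it does not sit under, or miss one it does. `javax.naming.ldap.LdapName` is already imported in this file, so comparing parsed names, for example `new LdapName(dn).startsWith(new LdapName(typeCtx))` with the `InvalidNameException` handled, would match on whole RDNs. At minimum use `toLowerCase(java.util.Locale.ROOT)` on both sides. The surrounding loop starts and ends outside this hunk.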
@@ -729,14 +723,14 @@
// If parent simply look for all its members
if (parent)
{
- if (typeConfig.getMembershipAttributeName() == null)
+ if (typeConfig.getParentMembershipAttributeName() == null)
{
throw new IdentityException("Membership attribute name not
configured. Given IdentityObjectType cannot have" +
"members: " + identity.getIdentityType().getName());
}
Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn());
- Attribute member = attrs.get(typeConfig.getMembershipAttributeName());
+ Attribute member = attrs.get(typeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -745,7 +739,7 @@
{
String memberRef = memberValues.nextElement().toString();
- if (typeConfig.isMembershipAttributeDN())
+ if (typeConfig.isParentMembershipAttributeDN())
{
//TODO: use direct LDAP query instaed of other find method and add
attributesFilter
@@ -829,9 +823,9 @@
// Add filter to search only parents of the given entry
af.append("(")
- .append(parentTypeConfiguration.getMembershipAttributeName())
+ .append(parentTypeConfiguration.getParentMembershipAttributeName())
.append("=");
- if (parentTypeConfiguration.isMembershipAttributeDN())
+ if (parentTypeConfiguration.isParentMembershipAttributeDN())
{
af.append(ldapFromIO.getDn());
}
@@ -938,7 +932,7 @@
if (parent)
{
Attributes attrs = ldapContext.getAttributes(ldapIO.getDn());
- Attribute member = attrs.get(typeConfig.getMembershipAttributeName());
+ Attribute member = attrs.get(typeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -947,7 +941,7 @@
{
String memberRef = memberValues.nextElement().toString();
- if (typeConfig.isMembershipAttributeDN())
+ if (typeConfig.isParentMembershipAttributeDN())
{
//TODO: use direct LDAP query instaed of other find method and add
attributesFilter
@@ -996,9 +990,9 @@
// Add filter to search only parents of the given entry
af.append("(")
- .append(parentTypeConfiguration.getMembershipAttributeName())
+ .append(parentTypeConfiguration.getParentMembershipAttributeName())
.append("=");
- if (parentTypeConfiguration.isMembershipAttributeDN())
+ if (parentTypeConfiguration.isParentMembershipAttributeDN())
{
af.append(ldapIO.getDn());
}
@@ -1116,9 +1110,9 @@
// Construct new member attribute values
Attributes attrs = new BasicAttributes(true);
- Attribute member = new
BasicAttribute(fromTypeConfig.getMembershipAttributeName());
+ Attribute member = new
BasicAttribute(fromTypeConfig.getParentMembershipAttributeName());
- if (fromTypeConfig.isMembershipAttributeDN())
+ if (fromTypeConfig.isParentMembershipAttributeDN())
{
member.add(ldapToIO.getDn());
}
@@ -1195,9 +1189,9 @@
//construct new member attribute values
Attributes attrs = new BasicAttributes(true);
- Attribute member = new
BasicAttribute(fromTypeConfig.getMembershipAttributeName());
+ Attribute member = new
BasicAttribute(fromTypeConfig.getParentMembershipAttributeName());
- if (fromTypeConfig.isMembershipAttributeDN())
+ if (fromTypeConfig.isParentMembershipAttributeDN())
{
member.add(ldapToIO.getDn());
}
@@ -1277,7 +1271,7 @@
try
{
Attributes attrs = ldapContext.getAttributes(ldapFromIO.getDn());
- Attribute member = attrs.get(fromTypeConfig.getMembershipAttributeName());
+ Attribute member =
attrs.get(fromTypeConfig.getParentMembershipAttributeName());
if (member != null)
{
@@ -1286,8 +1280,8 @@
{
String memberRef = memberValues.nextElement().toString();
- if ((fromTypeConfig.isMembershipAttributeDN() &&
memberRef.equals(ldapToIO.getDn())) ||
- (!fromTypeConfig.isMembershipAttributeDN() &&
memberRef.equals(ldapToIO.getName())))
+ if ((fromTypeConfig.isParentMembershipAttributeDN() &&
memberRef.equals(ldapToIO.getDn())) ||
+ (!fromTypeConfig.isParentMembershipAttributeDN() &&
memberRef.equals(ldapToIO.getName())))
{
//TODO: impl lacks support for rel type
relationships.add(new LDAPIdentityObjectRelationshipImpl(null,
ldapFromIO, ldapToIO));
@@ -1402,10 +1396,18 @@
{
//TODO: support for empty password should be configurable
passwordString = credential.getValue().toString();
+ if (passwordString.length() == 0 && !getTypeConfiguration(ctx,
identityObject.getIdentityType()).isAllowEmptyPassword())
+ {
+ return false;
+ }
}
else
{
- throw new IdentityException("Null password value");
+ if (!getTypeConfiguration(ctx,
identityObject.getIdentityType()).isAllowEmptyPassword())
+ {
+ new IdentityException("Null password value");
+ }
+ passwordString = "";
}
LdapContext ldapContext = getLDAPContext(ctx);
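Review bot: The `new IdentityException("Null password value");` in the else branch is constructed but never thrown, so a null credential is not rejected when `isAllowEmptyPassword()` is false and execution continues with `passwordString = ""`. If the code after this hunk authenticates with an LDAP simple bind, many directory servers treat an empty password as an unauthenticated bind that succeeds, so a null password could be reported as valid. Make it `throw new IdentityException("Null password value");` or `return false;` to match the empty-string branch just above. The same dropped `throw` appears twice in the following hunk (@@ -1468,16 +1470,47 @@), where a disallowed empty or null password would then be written to the directory. The enclosing method starts and ends outside this hunk.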
@@ -1468,16 +1470,47 @@
// Handle generic impl
+ LDAPIdentityObjectTypeConfiguration typeConfig = getTypeConfiguration(ctx,
identityObject.getIdentityType());
+
if (credential.getValue() != null)
{
//TODO: support for empty password should be configurable
passwordString = credential.getValue().toString();
+ if (passwordString.length() == 0 &&
!typeConfig.isAllowEmptyPassword())
+ {
+ new IdentityException("Empty password is not allowed by
configuration");;
+ }
}
else
{
- throw new IdentityException("Null password value");
+ if (!typeConfig.isAllowEmptyPassword())
+ {
+ new IdentityException("Null password value");
+ }
+ passwordString = "";
}
+ if (typeConfig.getEnclosePasswordWith() != null)
+ {
+ String enc = typeConfig.getEnclosePasswordWith();
+ passwordString = enc + passwordString + enc;
+ }
+
+ byte[] encodedPassword = null;
+
+ if (typeConfig.getPasswordEncoding() != null)
+ {
+ try
+ {
+ encodedPassword =
passwordString.getBytes(typeConfig.getPasswordEncoding());
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new IdentityException("Error while encoding password with
configured setting: " + typeConfig.getPasswordEncoding(),
+ e);
+ }
+ }
+
String attributeName = getTypeConfiguration(ctx,
ldapIO.getIdentityType()).getPasswordAttributeName();
if (attributeName == null)
@@ -1494,9 +1527,32 @@
Attributes attrs = new BasicAttributes(true);
Attribute attr = new BasicAttribute(attributeName);
- attr.add(passwordString);
+
+ if (encodedPassword != null)
+ {
+ attr.add(encodedPassword);
+ }
+ else
+ {
+ attr.add(passwordString);
+ }
+
attrs.put(attr);
+ if(typeConfig.getUpdatePasswordAttributeValues().size() > 0)
+ {
+ Map<String, String[]> attributesToAdd =
typeConfig.getUpdatePasswordAttributeValues();
+ for (Map.Entry<String, String[]> entry :
attributesToAdd.entrySet())
+ {
+ Attribute additionalAttr = new BasicAttribute(entry.getKey());
+ for (String val : entry.getValue())
+ {
+ additionalAttr.add(val);
+ }
+ }
+ attrs.put(attr);
+ }
+
ldapContext.modifyAttributes(ldapIO.getDn(),
DirContext.REPLACE_ATTRIBUTE,attrs);
}
catch (NamingException e)
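Review bot: The attributes built from `getUpdatePasswordAttributeValues()` never reach the modify call: `additionalAttr` is filled in the loop but not added to `attrs`, and the `attrs.put(attr);` after the loop only re-adds the password attribute. Put `attrs.put(additionalAttr);` at the end of the outer loop body and drop the second `attrs.put(attr);`. `typeConfig.getUpdatePasswordAttributeValues().size()` also dereferences the map without a null check, which is safe only if every implementation returns an empty map rather than null. The surrounding try block starts outside this hunk.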
Modified:
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java
===================================================================
---
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreSessionImpl.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -22,14 +22,17 @@
package org.jboss.identity.idm.impl.store.ldap;
+import org.jboss.identity.idm.common.exception.IdentityException;
import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.common.exception.IdentityException;
-import javax.naming.ldap.LdapContext;
-import javax.naming.ldap.InitialLdapContext;
-import javax.naming.Context;
import java.util.Hashtable;
+import java.util.Map;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.ldap.InitialLdapContext;
+import javax.naming.ldap.LdapContext;
+
/**
* Session around LDAP store. Exposes LDAP connection (LdapContext) and does nothing for
transaction related methods
*
@@ -38,40 +41,72 @@
*/
public class LDAPIdentityStoreSessionImpl implements IdentityStoreSession
{
+ private final LDAPIdentityStoreConfiguration storeConfig;
- private final String INITIAL_CONTEXT_FACTORY;
+ public LDAPIdentityStoreSessionImpl(LDAPIdentityStoreConfiguration storeConfig)
+ {
+ this.storeConfig = storeConfig;
- private final String PROVIDER_URL;
+ }
- private final String SECURITY_AUTHENTICATION;
- private final String SECURITY_PRINCIPAL;
+ public LdapContext getLdapContext() throws Exception
+ {
- private final String SECURITY_CREDENTIALS;
+ if (storeConfig.getExternalJNDIContext() != null)
+ {
+ InitialContext iniCtx = new InitialContext();
+ return (LdapContext)iniCtx.lookup(storeConfig.getExternalJNDIContext());
+ }
+ if (storeConfig.getCustomSystemProperties() != null &&
+ storeConfig.getCustomSystemProperties().size() > 0)
+ {
- public LDAPIdentityStoreSessionImpl(String INITIAL_CONTEXT_FACTORY,
- String PROVIDER_URL,
- String SECURITY_AUTHENTICATION,
- String SECURITY_PRINCIPAL,
- String SECURITY_CREDENTIALS)
- {
- this.INITIAL_CONTEXT_FACTORY = INITIAL_CONTEXT_FACTORY;
- this.PROVIDER_URL = PROVIDER_URL;
- this.SECURITY_AUTHENTICATION = SECURITY_AUTHENTICATION;
- this.SECURITY_PRINCIPAL = SECURITY_PRINCIPAL;
- this.SECURITY_CREDENTIALS = SECURITY_CREDENTIALS;
- }
+ Map<String, String> props = storeConfig.getCustomSystemProperties();
- public LdapContext getLdapContext() throws Exception
- {
+ for (String name : props.keySet())
+ {
+ System.setProperty(name, props.get(name));
+ }
+ }
+
Hashtable<String,String> env = new Hashtable<String,String>();
- env.put(Context.INITIAL_CONTEXT_FACTORY, INITIAL_CONTEXT_FACTORY);
- env.put(Context.PROVIDER_URL, PROVIDER_URL);
- env.put(Context.SECURITY_AUTHENTICATION, SECURITY_AUTHENTICATION);
- env.put(Context.SECURITY_PRINCIPAL, SECURITY_PRINCIPAL);
- env.put(Context.SECURITY_CREDENTIALS, SECURITY_CREDENTIALS);
+
+ env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
+
+ if (storeConfig.getProviderURL() != null)
+ {
+ env.put(Context.PROVIDER_URL, storeConfig.getProviderURL());
+
+ }
+ if (storeConfig.getAdminDN() != null)
+ {
+ env.put(Context.SECURITY_PRINCIPAL, storeConfig.getAdminDN());
+
+ }
+ if (storeConfig.getAdminPassword() != null)
+ {
+ env.put(Context.SECURITY_CREDENTIALS, storeConfig.getAdminPassword());
+
+ }
+
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+
+ if (storeConfig.getCustomJNDIConnectionParameters() != null &&
+ storeConfig.getCustomJNDIConnectionParameters().size() > 0)
+ {
+
+ Map<String, String> params =
storeConfig.getCustomJNDIConnectionParameters();
+
+ for (String name : params.keySet())
+ {
+ env.put(name, params.get(name));
+ }
+ }
+
+
return new InitialLdapContext(env, null);
}
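Review bot: `System.setProperty(name, props.get(name))` runs on every `getLdapContext()` call and changes JVM-wide state, so one store's configuration (for example TLS trust-store settings) applies to every other component in the process and is rewritten per connection without synchronization. Apply these once at store bootstrap and document on `getCustomSystemProperties()` that the values are global, or pass connection-specific settings through the JNDI `env` instead. The custom JNDI parameters are also copied in last, so they can override `Context.SECURITY_AUTHENTICATION` and `Context.PROVIDER_URL` set above. If that is intended, a comment such as `// custom parameters deliberately override the defaults above` would make it explicit.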
Modified:
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java
===================================================================
---
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityObjectTypeConfiguration.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -47,21 +47,37 @@
private final String entrySearchFilter;
+ private final String entrySearchScope;
+
private final boolean allowCreateEntry;
private final Map<String, String[]> createEntryAttributeValues;
private final String[] allowedMembershipTypes;
- private final String membershipAttributeName;
+ private final String parentMembershipAttributeName;
- private final boolean isMembershipAttributeDN;
+ private final boolean isParentMembershipAttributeDN;
private final boolean allowEmptyMemberships;
private final Map<String, String> attributeNames;
+ private final String childMembershipAttributeName;
+ private final boolean isChildMembershipAttributeDN;
+
+ private final boolean allowEmptyPassword;
+
+ private final String enclosePasswordWith;
+
+ private final String passwordEncoding;
+
+ private final Map<String, String[]> updatePasswordAttributeValues;
+
+ private final boolean subentryMembershipLookup;
+
+
//Consts
public static final String ID_ATTRIBUTE_NAME = "idAttributeName";
@@ -72,24 +88,45 @@
public static final String ENTRY_SEARCH_FILTER = "entrySearchFilter";
+ public static final String ENTRY_SEARCH_SCOPE = "entrySearchScope";
+
public static final String ALLOW_CREATE_ENTRY = "allowCreateEntry";
- public static final String MEMBERSHIP_ATTRIBUTE_NAME =
"membershipAttributeName";
+ public static final String PARENT_MEMBERSHIP_ATTRIBUTE_NAME =
"parentMembershipAttributeName";
- public static final String IS_MEMBERSHIP_ATTRIBUTE_DN =
"isMembershipAttributeDN";
+ public static final String IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN =
"isParentMembershipAttributeDN";
- public static final String ALLOW_EMPTY_MEMBERSHIPS =
"allowEmptyMemberships";
+ public static final String ALLOW_EMPTY_MEMBERSHIPS =
"isAllowEmptyMemberships";
public static final String CREATE_ENTRY_ATTRIBUTE_VALUES =
"createEntryAttributeValues";
+ public static final String CHILD_MEMBERSHIP_ATTRIBUTE_NAME =
"childMembershipAttributeName";
+ public static final String CHILD_MEMBERSHIP_ATTRIBUTE_DN =
"childMembershipAttributeDN";
+ public static final String ALLOW_EMPTY_PASSWORD = "allowEmptyPassword";
+
+ public static final String ENCLOSE_PASSWORD_WITH = "enclosePasswordWith";
+
+ public static final String PASSWORD_ENCODIGN = "passwordEncoding";
+
+ public static final String SUBENTRY_MEMBERSHIP_LOOKUP =
"subentryMembershipLookup";
+
+ public static final String PASSWORD_UPDATE_ATTRIBUTE_VALUES =
"passwordUpdateAttributeValues";
+
+
public SimpleLDAPIdentityObjectTypeConfiguration(IdentityObjectTypeMetaData
objectTypeMD)
{
this.idAttributeName = objectTypeMD.getOptionSingleValue(ID_ATTRIBUTE_NAME);
this.passwordAttributeName =
objectTypeMD.getOptionSingleValue(PASSWORD_ATTRIBUTE_NAME);
this.entrySearchFilter = objectTypeMD.getOptionSingleValue(ENTRY_SEARCH_FILTER);
- this.membershipAttributeName =
objectTypeMD.getOptionSingleValue(MEMBERSHIP_ATTRIBUTE_NAME);
+ this.entrySearchScope = objectTypeMD.getOptionSingleValue(ENTRY_SEARCH_SCOPE);
+ this.parentMembershipAttributeName =
objectTypeMD.getOptionSingleValue(PARENT_MEMBERSHIP_ATTRIBUTE_NAME);
+ this.childMembershipAttributeName =
objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_NAME);
+ this.enclosePasswordWith =
objectTypeMD.getOptionSingleValue(ENCLOSE_PASSWORD_WITH);
+ this.passwordEncoding = objectTypeMD.getOptionSingleValue(PASSWORD_ENCODIGN);
+
+
String allowCreateEntry = objectTypeMD.getOptionSingleValue(ALLOW_CREATE_ENTRY);
if (allowCreateEntry != null &&
allowCreateEntry.equalsIgnoreCase("true"))
{
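Review bot: `ALLOW_EMPTY_MEMBERSHIPS` keeps its name but its value changes from `"allowEmptyMemberships"` to `"isAllowEmptyMemberships"`, so an existing configuration that sets the old key would no longer be read and the option would presumably fall back to false without any warning. The other boolean keys added here (`"allowEmptyPassword"`, `"childMembershipAttributeDN"`) carry no `is` prefix, so the rename also looks inconsistent. `PASSWORD_ENCODIGN` is a misspelling in a public constant, and `PASSWORD_ENCODING` is better fixed before callers depend on it. The constructor body continues outside this hunk.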
@@ -100,14 +137,14 @@
this.allowCreateEntry = false;
}
- String isMembershipAttributeDN =
objectTypeMD.getOptionSingleValue(IS_MEMBERSHIP_ATTRIBUTE_DN);
+ String isMembershipAttributeDN =
objectTypeMD.getOptionSingleValue(IS_PARENT_MEMBERSHIP_ATTRIBUTE_DN);
if (isMembershipAttributeDN != null &&
isMembershipAttributeDN.equalsIgnoreCase("true"))
{
- this.isMembershipAttributeDN = true;
+ this.isParentMembershipAttributeDN = true;
}
else
{
- this.isMembershipAttributeDN = false;
+ this.isParentMembershipAttributeDN = false;
}
String allowEmptyMemberships =
objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_MEMBERSHIPS);
@@ -120,6 +157,36 @@
this.allowEmptyMemberships = false;
}
+ String isChildMembershipAttributeDN =
objectTypeMD.getOptionSingleValue(CHILD_MEMBERSHIP_ATTRIBUTE_DN);
+ if (isChildMembershipAttributeDN != null &&
isChildMembershipAttributeDN.equalsIgnoreCase("true"))
+ {
+ this.isChildMembershipAttributeDN = true;
+ }
+ else
+ {
+ this.isChildMembershipAttributeDN = false;
+ }
+
+ String allowEmptyPassword =
objectTypeMD.getOptionSingleValue(ALLOW_EMPTY_PASSWORD);
+ if (allowEmptyPassword != null &&
allowEmptyPassword.equalsIgnoreCase("true"))
+ {
+ this.allowEmptyPassword = true;
+ }
+ else
+ {
+ this.allowEmptyPassword = false;
+ }
+
+ String subentryMembershipLookup =
objectTypeMD.getOptionSingleValue(SUBENTRY_MEMBERSHIP_LOOKUP);
+ if (subentryMembershipLookup != null &&
subentryMembershipLookup.equalsIgnoreCase("true"))
+ {
+ this.subentryMembershipLookup = true;
+ }
+ else
+ {
+ this.subentryMembershipLookup = false;
+ }
+
List<String> relationships = new LinkedList<String>();
if (objectTypeMD.getRelationships() != null)
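Review bot: The new `allowEmptyPassword` option is parsed with no comment on what enabling it means, which matters for an LDAP store: a simple bind with a DN and an empty password is an unauthenticated bind, and many directory servers answer it with success. Defaulting to `false` when the option is missing or not "true" is the safe choice, and I would record that at the parse, e.g. `// Off unless explicitly "true": an empty password on an LDAP simple bind is an unauthenticated bind, not a credential check.` How the flag is consumed is outside this hunk, so confirm that the store rejects an empty password before it ever binds when the flag is false. The constructor starts and ends outside the hunk.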
@@ -194,39 +261,59 @@
this.createEntryAttributeValues = Collections.unmodifiableMap(new
HashMap<String, String[]>());
}
+
+
+ Map<String, List<String>> updatePasswordAttributesMap = new
HashMap<String, List<String>>();
+
+ List<String> passwordUpdateAttributes =
objectTypeMD.getOption(PASSWORD_UPDATE_ATTRIBUTE_VALUES);
+
+ if (passwordUpdateAttributes != null && passwordUpdateAttributes.size()
> 0 )
+ {
+ for (String attribute : passwordUpdateAttributes)
+ {
+ String[] parts = attribute.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ if (!updatePasswordAttributesMap.containsKey(name))
+ {
+ List<String> list = new LinkedList<String>();
+ list.add(value);
+ updatePasswordAttributesMap.put(name, list);
+ }
+ else
+ {
+ updatePasswordAttributesMap.get(name).add(value);
+ }
+ }
+
+ Map<String, String[]> createEntryAttributesArray = new HashMap<String,
String[]>();
+
+ for (Map.Entry<String, List<String>> entry :
updatePasswordAttributesMap.entrySet())
+ {
+ createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new
String[entry.getValue().size()]));
+ }
+
+ this.updatePasswordAttributeValues =
Collections.unmodifiableMap(createEntryAttributesArray);
+ }
+ else
+ {
+ this.updatePasswordAttributeValues = Collections.unmodifiableMap(new
HashMap<String, String[]>());
+ }
+
//TODO: validate all required options - throw exception for missing ones and set
defaults for others
}
- public SimpleLDAPIdentityObjectTypeConfiguration(String idAttributeName,
- String passwordAttributeName,
- String[] ctxDNs,
- String entrySearchFilter,
- boolean allowCreateEntry,
- Map<String, String[]>
createEntryAttributeValues,
- String[] allowedMembershipTypes,
- String membershipAttributeName,
- boolean membershipAttributeDN,
- boolean allowEmptyMemberships,
- Map<String, String>
attributeNames)
- {
- this.idAttributeName = idAttributeName;
- this.passwordAttributeName = passwordAttributeName;
- this.ctxDNs = ctxDNs.clone();
- this.entrySearchFilter = entrySearchFilter;
- this.allowCreateEntry = allowCreateEntry;
- this.createEntryAttributeValues =
Collections.unmodifiableMap(createEntryAttributeValues);
- this.allowedMembershipTypes = allowedMembershipTypes.clone();
- this.membershipAttributeName = membershipAttributeName;
- isMembershipAttributeDN = membershipAttributeDN;
- this.allowEmptyMemberships = allowEmptyMemberships;
- this.attributeNames = Collections.unmodifiableMap(attributeNames);
- }
-
public String getIdAttributeName()
{
return idAttributeName;
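Review bot: A `passwordUpdateAttributeValues` entry without `=` is dropped by the bare `continue;`, so a typo in the configuration silently changes which attributes are written on a password update. Because these values accompany a credential change, a malformed entry should fail configuration loading instead, e.g. `throw new IllegalArgumentException("Malformed " + PASSWORD_UPDATE_ATTRIBUTE_VALUES + " entry, expected name=value");`. The same silent skip appears in the four parsing loops this commit adds to SimpleLDAPIdentityStoreConfiguration. The local `createEntryAttributesArray` is a leftover name from the create-entry block and would read better as `updatePasswordAttributesArray`. The constructor begins before this hunk.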
@@ -257,17 +344,17 @@
return allowedMembershipTypes.clone();
}
- public String getMembershipAttributeName()
+ public String getParentMembershipAttributeName()
{
- return membershipAttributeName;
+ return parentMembershipAttributeName;
}
- public boolean isMembershipAttributeDN()
+ public boolean isParentMembershipAttributeDN()
{
- return isMembershipAttributeDN;
+ return isParentMembershipAttributeDN;
}
- public boolean allowEmptyMemberships()
+ public boolean isAllowEmptyMemberships()
{
return allowEmptyMemberships;
}
@@ -282,58 +369,54 @@
return passwordAttributeName;
}
- // public void setIdAttributeName(String idAttributeName)
-// {
-// this.idAttributeName = idAttributeName;
-// }
-//
-// public void setCtxDNs(String[] ctxDNs)
-// {
-// this.ctxDNs = ctxDNs;
-// }
-//
-// public void setEntrySearchFilter(String entrySearchFilter)
-// {
-// this.entrySearchFilter = entrySearchFilter;
-// }
-//
-// public void setAllowCreateEntry(boolean allowCreateEntry)
-// {
-// this.allowCreateEntry = allowCreateEntry;
-// }
-//
-// public void setCreateEntryAttributeValues(Map<String, String[]>
createEntryAttributeValues)
-// {
-// this.createEntryAttributeValues = createEntryAttributeValues;
-// }
-//
-// public void setAllowedMembershipTypes(String[] allowedMembershipTypes)
-// {
-// this.allowedMembershipTypes = allowedMembershipTypes;
-// }
-//
-// public void setMembershipAttributeName(String membershipAttributeName)
-// {
-// this.membershipAttributeName = membershipAttributeName;
-// }
-//
-// public void setMembershipAttributeDN(boolean membershipAttributeDN)
-// {
-// isMembershipAttributeDN = membershipAttributeDN;
-// }
-//
-// public void setAllowEmptyMemberships(boolean allowEmptyMemberships)
-// {
-// this.allowEmptyMemberships = allowEmptyMemberships;
-// }
-//
-// public void setAttributeNames(Map<String, String> attributeNames)
-// {
-// this.attributeNames = attributeNames;
-// }
-
+
public Set<String> getMappedAttributesNames()
{
return Collections.unmodifiableSet(attributeNames.keySet());
}
+
+ public String getEntrySearchScope()
+ {
+ return entrySearchScope;
+ }
+
+ public Map<String, String> getAttributeNames()
+ {
+ return attributeNames;
+ }
+
+ public String getChildMembershipAttributeName()
+ {
+ return childMembershipAttributeName;
+ }
+
+ public boolean isChildMembershipAttributeDN()
+ {
+ return isChildMembershipAttributeDN;
+ }
+
+ public boolean isAllowEmptyPassword()
+ {
+ return allowEmptyPassword;
+ }
+
+ public String getEnclosePasswordWith()
+ {
+ return enclosePasswordWith;
+ }
+
+ public String getPasswordEncoding()
+ {
+ return passwordEncoding;
+ }
+
+ public Map<String, String[]> getUpdatePasswordAttributeValues()
+ {
+ return updatePasswordAttributeValues;
+ }
+
+ public boolean isSubentryMembershipLookup()
+ {
+ return subentryMembershipLookup;
+ }
}
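Review bot: `getUpdatePasswordAttributeValues()` returns a map that the constructor wraps in `Collections.unmodifiableMap`, but its `String[]` values are the internal arrays, so a caller can still overwrite the values applied on a password update. `getAllowedMembershipTypes()` in the same class returns `allowedMembershipTypes.clone()`, so the class is not consistent here. At minimum the getter should say so: `/** @return unmodifiable map; the String[] values are shared with this configuration and must not be modified */`. `getAttributeNames()` returns its field directly, and whether that map is wrapped is decided in constructor code outside this hunk. `getRelationshipNamesCtxDNs()` in SimpleLDAPIdentityStoreConfiguration exposes its array the same way; there `return relationshipNamesCtxDNs == null ? null : relationshipNamesCtxDNs.clone();` would fit.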
Modified:
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java
===================================================================
---
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-ldap/src/main/java/org/jboss/identity/idm/impl/store/ldap/SimpleLDAPIdentityStoreConfiguration.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -29,13 +29,19 @@
import java.util.Map;
import java.util.HashMap;
+import java.util.List;
+import java.util.LinkedList;
+import java.util.Collections;
/**
* @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
* @version : 0.1 $
*/
-public class SimpleLDAPIdentityStoreConfiguration implements
LDAPIdentityStoreConfiguration
+public class SimpleLDAPIdentityStoreConfiguration
+ implements LDAPIdentityStoreConfiguration
{
+ private final IdentityStoreConfigurationMetaData configurationMetaData;
+
private final String providerURL;
private final String adminDN;
@@ -46,7 +52,35 @@
private final Map<String, LDAPIdentityObjectTypeConfiguration>
typesConfiguration;
+ private final Map<String, String> customJNDIConnectionParameters;
+ private final Map<String, String> customSystemProperties;
+
+ private final String externalJNDIContext;
+
+ private final String membershipToRelationshipTypeMapping;
+
+ private final boolean supportNamedRelationships;
+
+ private final String[] relationshipNamesCtxDNs;
+
+ private final String relationshipNameSearchFilter;
+
+ private final String relationshipNameSearchScope;
+
+ private final Map<String, String[]> relationshipNameCreateEntryAttributeValues;
+
+ private final String relationshipNameAttributeName;
+
+ private final String namedRelationshipSearchFilter;
+
+ private final Map<String, String[]>
namedRelationshipCreateEntryAttributeValues;
+
+ private final String namedRelationshipNameAttributeName;
+
+ private final String namedRelationshipMemberAttributeName;
+
+
// Consts
public static final String PROVIDER_URL = "providerURL";
@@ -59,6 +93,34 @@
public static final int SEARCH_TIME_LIMIT_DEFAULT = 10000;
+ public static final String CUSTOM_JNDI_CONNECTION_PARAMETERS =
"customJNDIConnectionParameters";
+
+ public static final String CUSTOM_SYSTEM_PROPERTIES =
"customSystemProperties";
+
+ public static final String EXTERNAL_JNDI_CONTEXT = "externalJNDIContext";
+
+ public static final String MEMBERSHIP_TO_RELATIONSHIP_TYPE_MAPPING =
"membershipToRelationshipTypeMapping";
+
+ public static final String SUPPORT_NAMED_RELATIONSHIPS =
"supportNamedRelationships";
+
+ public static final String RELATIONSHIP_NAMES_CTX_DNS =
"relationshipNamesCtxDNs";
+
+ public static final String RELATIONSHIP_NAME_SEARCH_FILTER =
"relationshipNameSearchFilter";
+
+ public static final String RELATIONSHIP_NAME_SEARCH_SCOPE =
"relationshipNameSearchScope";
+
+ public static final String RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES =
"relationshipNameCreateEntryAttributeValues";
+
+ public static final String RELATIONSHIP_NAME_ATTRIBUTE_NAME =
"relationshipNameAttributeName";
+
+ public static final String NAMED_RELATIONSHIP_SEARCH_FILTER =
"namedRelationshipSearchFilter";
+
+ public static final String NAMED_RELATIONSHIP_CREATE_ENTRY_ATTRIBUTE_VALUES =
"namedRelationshipCreateEntryAttributeValues";
+
+ public static final String NAMED_RELATIONSHIP_NAME_ATTRIBUTE_NAME =
"namedRelationshipNameAttributeName";
+
+ public static final String NAMED_RELATIONSHIP_MEMBER_ATTRIBUTE_NAME =
"namedRelationshipMemberAttributeName";
+
public SimpleLDAPIdentityStoreConfiguration(IdentityStoreConfigurationMetaData
storeMD)
{
if (storeMD == null)
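Review bot: The public constant `RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES` is misspelled, and as a `public static final` name it becomes something callers compile against. Renaming it now to `RELATIONSHIP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES`, together with its use in the later `storeMD.getOption(...)` call, is cheap. The option string itself is spelled correctly and stays as it is. `PASSWORD_ENCODIGN` in SimpleLDAPIdentityObjectTypeConfiguration has the same problem.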
@@ -66,20 +128,41 @@
throw new IllegalArgumentException();
}
- providerURL = storeMD.getOptionSingleValue(PROVIDER_URL);
- adminDN = storeMD.getOptionSingleValue(ADMIN_DN);
- adminPassword = storeMD.getOptionSingleValue(ADMIN_PASSWORD);
+
+ this.configurationMetaData = storeMD;
+ this.providerURL = storeMD.getOptionSingleValue(PROVIDER_URL);
+ this.adminDN = storeMD.getOptionSingleValue(ADMIN_DN);
+ this.adminPassword = storeMD.getOptionSingleValue(ADMIN_PASSWORD);
+ this.externalJNDIContext = storeMD.getOptionSingleValue(EXTERNAL_JNDI_CONTEXT);
+ this.membershipToRelationshipTypeMapping =
storeMD.getOptionSingleValue(MEMBERSHIP_TO_RELATIONSHIP_TYPE_MAPPING);
+ this.relationshipNameSearchFilter =
storeMD.getOptionSingleValue(RELATIONSHIP_NAME_SEARCH_FILTER);
+ this.relationshipNameSearchScope =
storeMD.getOptionSingleValue(RELATIONSHIP_NAME_SEARCH_SCOPE);
+ this.relationshipNameAttributeName =
storeMD.getOptionSingleValue(RELATIONSHIP_NAME_ATTRIBUTE_NAME);
+ this.namedRelationshipSearchFilter =
storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_SEARCH_FILTER);
+ this.namedRelationshipNameAttributeName =
storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_NAME_ATTRIBUTE_NAME);
+ this.namedRelationshipMemberAttributeName =
storeMD.getOptionSingleValue(NAMED_RELATIONSHIP_MEMBER_ATTRIBUTE_NAME);
String searchTL = storeMD.getOptionSingleValue(SEARCH_TIME_LIMIT);
if (searchTL != null)
{
- searchTimeLimit = Integer.valueOf(searchTL);
+ this.searchTimeLimit = Integer.valueOf(searchTL);
}
else
{
- searchTimeLimit = SEARCH_TIME_LIMIT_DEFAULT;
+ this.searchTimeLimit = SEARCH_TIME_LIMIT_DEFAULT;
}
+ String supportNamedRelationships =
storeMD.getOptionSingleValue(SUPPORT_NAMED_RELATIONSHIPS);
+ if (supportNamedRelationships != null &&
supportNamedRelationships.equalsIgnoreCase("true"))
+ {
+ this.supportNamedRelationships = true;
+ }
+ else
+ {
+ this.supportNamedRelationships = false;
+ }
+
+
Map<String, LDAPIdentityObjectTypeConfiguration> types = new
HashMap<String, LDAPIdentityObjectTypeConfiguration>();
for (IdentityObjectTypeMetaData identityObjectTypeMetaData :
storeMD.getSupportedIdentityTypes())
@@ -89,8 +172,161 @@
}
- typesConfiguration = types;
+ List<String> dns = storeMD.getOption(RELATIONSHIP_NAMES_CTX_DNS);
+ if (dns != null)
+ {
+ this.relationshipNamesCtxDNs = dns.toArray(new String[dns.size()]);
+ }
+ else
+ {
+ this.relationshipNamesCtxDNs = null;
+ }
+ this.typesConfiguration = types;
+
+
+ Map<String, List<String>> createNamedRelationshipEntryAttributesMap =
new HashMap<String, List<String>>();
+
+ List<String> createNamedRelationshipAttributes =
storeMD.getOption(NAMED_RELATIONSHIP_CREATE_ENTRY_ATTRIBUTE_VALUES);
+
+ if (createNamedRelationshipAttributes != null &&
createNamedRelationshipAttributes.size() > 0)
+ {
+ for (String attribute : createNamedRelationshipAttributes)
+ {
+ String[] parts = attribute.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ if (!createNamedRelationshipEntryAttributesMap.containsKey(name))
+ {
+ List<String> list = new LinkedList<String>();
+ list.add(value);
+ createNamedRelationshipEntryAttributesMap.put(name, list);
+ }
+ else
+ {
+ createNamedRelationshipEntryAttributesMap.get(name).add(value);
+ }
+ }
+
+ Map<String, String[]> createEntryAttributesArray = new HashMap<String,
String[]>();
+
+ for (Map.Entry<String, List<String>> entry :
createNamedRelationshipEntryAttributesMap.entrySet())
+ {
+ createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new
String[entry.getValue().size()]));
+ }
+
+ this.namedRelationshipCreateEntryAttributeValues =
Collections.unmodifiableMap(createEntryAttributesArray);
+ }
+ else
+ {
+ this.namedRelationshipCreateEntryAttributeValues =
Collections.unmodifiableMap(new HashMap<String, String[]>());
+ }
+
+ Map<String, List<String>> createRelationshipNameEntryAttributesMap =
new HashMap<String, List<String>>();
+
+ List<String> createRelationshipNameAttributes =
storeMD.getOption(RELATIONSHOP_NAME_CREATE_ENTRY_ATTRIBUTE_VALUES);
+
+ if (createRelationshipNameAttributes != null &&
createRelationshipNameAttributes.size() > 0 )
+ {
+ for (String attribute : createRelationshipNameAttributes)
+ {
+ String[] parts = attribute.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ if (!createRelationshipNameEntryAttributesMap.containsKey(name))
+ {
+ List<String> list = new LinkedList<String>();
+ list.add(value);
+ createRelationshipNameEntryAttributesMap.put(name, list);
+ }
+ else
+ {
+ createRelationshipNameEntryAttributesMap.get(name).add(value);
+ }
+ }
+
+ Map<String, String[]> createEntryAttributesArray = new HashMap<String,
String[]>();
+
+ for (Map.Entry<String, List<String>> entry :
createRelationshipNameEntryAttributesMap.entrySet())
+ {
+ createEntryAttributesArray.put(entry.getKey(), entry.getValue().toArray(new
String[entry.getValue().size()]));
+ }
+
+ this.relationshipNameCreateEntryAttributeValues =
Collections.unmodifiableMap(createEntryAttributesArray);
+ }
+ else
+ {
+ this.relationshipNameCreateEntryAttributeValues =
Collections.unmodifiableMap(new HashMap<String, String[]>());
+ }
+
+ List<String> customJndiParams =
storeMD.getOption(CUSTOM_JNDI_CONNECTION_PARAMETERS);
+
+ Map<String, String> customJndiParamsMap = new HashMap<String,
String>();
+
+ if (customJndiParams != null && customJndiParams.size() > 0 )
+ {
+ for (String param : customJndiParams)
+ {
+ String[] parts = param.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ customJndiParamsMap.put(name, value);
+
+ }
+
+ this.customJNDIConnectionParameters =
Collections.unmodifiableMap(customJndiParamsMap);
+ }
+ else
+ {
+ this.customJNDIConnectionParameters = Collections.unmodifiableMap(new
HashMap<String, String>());
+ }
+
+ List<String> customSystemProps =
storeMD.getOption(CUSTOM_SYSTEM_PROPERTIES);
+
+ Map<String, String> customSystemProperties = new HashMap<String,
String>();
+
+ if (customSystemProps != null && customSystemProps.size() > 0 )
+ {
+ for (String param : customSystemProps)
+ {
+ String[] parts = param.split("=", 2);
+ if (parts.length != 2)
+ {
+ continue;
+ }
+
+ String name = parts[0];
+ String value = parts[1];
+
+ customSystemProperties.put(name, value);
+
+ }
+
+ this.customSystemProperties =
Collections.unmodifiableMap(customSystemProperties);
+ }
+ else
+ {
+ this.customSystemProperties = Collections.unmodifiableMap(new HashMap<String,
String>());
+ }
+
//TODO: validate if critical values are present
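Review bot: `customJNDIConnectionParameters` and `customSystemProperties` accept any name from the store configuration, with no comment on how far that reaches. System properties are JVM-wide, and a JNDI environment entry can presumably replace the provider URL, context factory or bind credentials set from the dedicated options; where the two maps are applied is outside this hunk. I would state the trust assumption at the parse, e.g. `// Names and values are used as given; this option must only be editable by whoever administers the JVM.` The consumer should also refuse keys that collide with `Context.PROVIDER_URL`, `Context.SECURITY_PRINCIPAL` and `Context.SECURITY_CREDENTIALS`. A repeated name silently replaces the earlier value through `put`, and the constructor starts outside the hunk.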
@@ -134,5 +370,84 @@
return types;
}
-
+
+ public IdentityStoreConfigurationMetaData getConfigurationMetaData()
+ {
+ return configurationMetaData;
+ }
+
+ public Map<String, LDAPIdentityObjectTypeConfiguration> getTypesConfiguration()
+ {
+ return typesConfiguration;
+ }
+
+ public Map<String, String> getCustomJNDIConnectionParameters()
+ {
+ return customJNDIConnectionParameters;
+ }
+
+ public Map<String, String> getCustomSystemProperties()
+ {
+ return customSystemProperties;
+ }
+
+ public String getExternalJNDIContext()
+ {
+ return externalJNDIContext;
+ }
+
+ public String getMembershipToRelationshipTypeMapping()
+ {
+ return membershipToRelationshipTypeMapping;
+ }
+
+ public boolean isSupportNamedRelationships()
+ {
+ return supportNamedRelationships;
+ }
+
+ public String[] getRelationshipNamesCtxDNs()
+ {
+ return relationshipNamesCtxDNs;
+ }
+
+ public String getRelationshipNameSearchFilter()
+ {
+ return relationshipNameSearchFilter;
+ }
+
+ public String getRelationshipNameSearchScope()
+ {
+ return relationshipNameSearchScope;
+ }
+
+ public Map<String, String[]> getRelationshipNameCreateEntryAttributeValues()
+ {
+ return relationshipNameCreateEntryAttributeValues;
+ }
+
+ public String getRelationshipNameAttributeName()
+ {
+ return relationshipNameAttributeName;
+ }
+
+ public String getNamedRelationshipSearchFilter()
+ {
+ return namedRelationshipSearchFilter;
+ }
+
+ public Map<String, String[]> getNamedRelationshipCreateEntryAttributeValues()
+ {
+ return namedRelationshipCreateEntryAttributeValues;
+ }
+
+ public String getNamedRelationshipNameAttributeName()
+ {
+ return namedRelationshipNameAttributeName;
+ }
+
+ public String getNamedRelationshipMemberAttributeName()
+ {
+ return namedRelationshipMemberAttributeName;
+ }
}
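Review bot: `getTypesConfiguration()` returns the `HashMap` that the constructor assigns with `this.typesConfiguration = types;`, without the `Collections.unmodifiableMap` wrapper the other maps built in this class get. Any caller can therefore add or replace per-type LDAP configuration on a shared instance. `return Collections.unmodifiableMap(typesConfiguration);`, or wrapping once in the constructor, keeps the object as immutable as its `final` fields suggest. `getConfigurationMetaData()` likewise hands out the whole metadata object that the admin password option is read from; a one-line Javadoc saying so would help callers that log or serialise it.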
Modified:
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java
===================================================================
---
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/IdentityTestPOJO.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -22,32 +22,31 @@
package org.jboss.identity.idm.impl;
-import org.jboss.unit.api.pojo.annotations.Parameter;
-import static org.jboss.unit.api.Assert.assertTrue;
-import org.jboss.portal.test.framework.embedded.JNDISupport;
-import org.jboss.portal.test.framework.embedded.ConnectionManagerSupport;
-import org.jboss.portal.test.framework.embedded.TransactionManagerSupport;
-import org.jboss.portal.test.framework.embedded.DataSourceSupport;
-import org.jboss.portal.test.framework.embedded.HibernateSupport;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObject;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectAttribute;
import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttribute;
-import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute;
+import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredential;
import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectCredentialType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationship;
import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationshipName;
import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectRelationshipType;
+import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectTextAttribute;
import org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectType;
import org.jboss.identity.idm.impl.model.hibernate.HibernateRealm;
-import
org.jboss.identity.idm.impl.model.hibernate.HibernateIdentityObjectBinaryAttributeValue;
import org.jboss.identity.idm.test.HibernateAnnotationsSupport;
-import org.hibernate.SessionFactory;
+import org.jboss.portal.test.framework.embedded.ConnectionManagerSupport;
+import org.jboss.portal.test.framework.embedded.DataSourceSupport;
+import org.jboss.portal.test.framework.embedded.HibernateSupport;
+import org.jboss.portal.test.framework.embedded.JNDISupport;
+import org.jboss.portal.test.framework.embedded.TransactionManagerSupport;
+import org.jboss.unit.api.pojo.annotations.Parameter;
-import java.util.List;
import java.util.LinkedList;
+import java.util.List;
import junit.framework.TestCase;
+import org.hibernate.SessionFactory;
/**
@@ -57,7 +56,7 @@
public class IdentityTestPOJO extends TestCase
{
- private String identityConfig = "test-identity-config.xml";
+ protected String identityConfig = "test-identity-config.xml";
private String realmName;
@@ -141,7 +140,7 @@
public void overrideFromProperties() throws Exception
{
- String dsName =System.getProperties().getProperty("dataSourceName");
+ String dsName = System.getProperties().getProperty("dataSourceName");
if (dsName != null && !dsName.startsWith("$"))
{
Modified:
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java
===================================================================
---
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/LDAPTestPOJO.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -23,20 +23,21 @@
package org.jboss.identity.idm.impl;
import org.jboss.identity.idm.opends.OpenDSService;
+import org.jboss.portal.test.framework.embedded.DSConfig;
import org.jboss.unit.api.pojo.annotations.Parameter;
-import org.opends.server.tools.LDAPModify;
+import java.net.URL;
+import java.util.Hashtable;
+
+import javax.naming.Binding;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
-import javax.naming.Binding;
import javax.naming.directory.DirContext;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
-import java.util.Hashtable;
-import java.io.File;
-import java.net.URL;
-import java.net.URISyntaxException;
+import org.opends.server.tools.LDAPModify;
+
/**
* @author <a href="mailto:boleslaw.dawidowicz at redhat.com">Boleslaw
Dawidowicz</a>
* @version : 0.1 $
@@ -44,49 +45,55 @@
public class LDAPTestPOJO extends IdentityTestPOJO
{
- private String directoryName = "EmbeddedOpenDS";
+ private String EMBEDDED_OPEN_DS_DIRECTORY_NAME = "EmbeddedOpenDS";
- public static final String LDAP_HOST = "localhost";
+ protected DSConfig directoryConfig;
- public static final String LDAP_PORT = "10389";
+ private String directories = "datasources/directories.xml";
- public static final String LDAP_PROVIDER_URL = "ldap://" + LDAP_HOST +
":" + LDAP_PORT;
+ //By default use embedded OpenDS
+ private String directoryName = EMBEDDED_OPEN_DS_DIRECTORY_NAME;
- public static final String LDAP_PRINCIPAL = "cn=Directory Manager";
-
- public static final String LDAP_CREDENTIALS = "password";
-
public static Hashtable<String,String> env = new
Hashtable<String,String>();
- static
- {
- env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
- env.put(Context.PROVIDER_URL, LDAP_PROVIDER_URL);
- env.put(Context.SECURITY_AUTHENTICATION, "simple");
- env.put(Context.SECURITY_PRINCIPAL, LDAP_PRINCIPAL);
- env.put(Context.SECURITY_CREDENTIALS, LDAP_CREDENTIALS);
- }
-
OpenDSService openDSService = new OpenDSService(null);
@Override
public void start() throws Exception
{
+
+ overrideFromProperties();
+
+ directoryConfig = DSConfig.obtainConfig(directories, directoryName);
+
+ identityConfig = directoryConfig.getConfigFile();
+
super.start();
+ env.put(Context.INITIAL_CONTEXT_FACTORY, directoryConfig.getContextFactory());
+ //Use description to store URL to be able to prefix with "ldaps://"
+ env.put(Context.PROVIDER_URL, directoryConfig.getDescription());
+ env.put(Context.SECURITY_AUTHENTICATION, "simple");
+ env.put(Context.SECURITY_PRINCIPAL, directoryConfig.getAdminDN());
+ env.put(Context.SECURITY_CREDENTIALS, directoryConfig.getAdminPassword());
- openDSService.start();
-
-
+ if (directoryName.equals(EMBEDDED_OPEN_DS_DIRECTORY_NAME))
+ {
+ openDSService.start();
+ }
}
@Override
public void stop() throws Exception
{
+ cleanUp(new InitialLdapContext(env, null));
+
super.stop();
- cleanUp(new InitialLdapContext(env, null));
- openDSService.stop();
+ if (directoryName.equals(EMBEDDED_OPEN_DS_DIRECTORY_NAME))
+ {
+ openDSService.stop();
+ }
}
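Review bot: `env` remains a `public static` mutable `Hashtable`, but `start()` now fills it per instance from `directoryConfig`, including the admin DN and password. Every LDAPTestPOJO in the JVM therefore shares and overwrites one set of bind credentials, and any code can read or alter them. If nothing references `LDAPTestPOJO.env` statically (not visible here), an instance field fits the new design: `protected final Hashtable<String,String> env = new Hashtable<String,String>();`. `EMBEDDED_OPEN_DS_DIRECTORY_NAME` is named as a constant but declared as a mutable instance field; `private static final String` matches the name. The `InitialLdapContext` created in `stop()` for `cleanUp` is also never closed in the lines shown.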
@@ -114,14 +121,14 @@
return directoryName;
}
- public void populate() throws Exception
- {
- populateLDIF("ldap/initial-opends.ldif");
- }
+// public void populate() throws Exception
+// {
+// populateLDIF("ldap/initial-opends.ldif");
+// }
public void populateClean() throws Exception
{
- populateLDIF("ldap/initial-empty-opends.ldif");
+ populateLDIF(directoryConfig.getPopulateLdif());
}
public void populateLDIF(String ldif) throws Exception
@@ -131,13 +138,14 @@
System.out.println("LDIF: " + ldifURL.toURI().getPath());
- String[] cmd = new String[] {"-h", LDAP_HOST,
- "-p", LDAP_PORT,
- "-D", LDAP_PRINCIPAL,
- "-w", LDAP_CREDENTIALS,
+ String[] cmd = new String[] {"-h", directoryConfig.getHost(),
+ "-p", directoryConfig.getPort(),
+ "-D", directoryConfig.getAdminDN(),
+ "-w", directoryConfig.getAdminPassword(),
"-a", "-f", ldifURL.toURI().getPath()};
- System.out.println("Populate success: " + (LDAPModify.mainModify(cmd,
false, System.out, System.err) == 0));
+// System.out.println("Populate success: " + (LDAPModify.mainModify(cmd,
false, System.out, System.err) == 0));
+ System.out.println("Populate success: " + (LDAPModify.mainModify(cmd) ==
0));
}
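Review bot: The result of `LDAPModify.mainModify(cmd)` is only printed, so a failed import leaves the test running against an unpopulated or stale tree; that is more likely now that host, port and credentials come from `directoryConfig` and may point at an external directory. Failing fast is clearer: `if (LDAPModify.mainModify(cmd) != 0) { throw new IllegalStateException("LDIF import failed: " + ldif); }`. The commented-out previous call can be deleted rather than kept. The JNDI environment takes its URL from `getDescription()` so that it can be `ldaps://` (per the comment in `start()`), while this call passes only host and port along with the admin password, so check whether the import uses TLS in that setup. `populateLDIF` begins outside the hunk.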
@@ -145,7 +153,7 @@
{
try
{
- String dn = "dc=portal,dc=example,dc=com";
+ String dn = directoryConfig.getCleanUpDN();
System.out.println("Removing: " + dn);
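Review bot: `dn` now comes from `directoryConfig.getCleanUpDN()` and is used for removal with no check, where it used to be a fixed test suffix. With the external directories this commit adds, a missing or wrong `cleanUpDN` in directories.xml turns this into a delete against whatever entry it names; what is removed below `dn` is outside the hunk. A guard before the print at least stops the empty case: `if (dn == null || dn.trim().length() == 0) { throw new IllegalStateException("cleanUpDN is not configured"); }`. The method starts and ends outside the hunk.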
Modified:
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java
===================================================================
---
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java 2009-08-07
21:17:36 UTC (rev 680)
+++
idm/trunk/idm-testsuite/src/test/java/org/jboss/identity/idm/impl/store/ldap/LDAPIdentityStoreTestCase.java 2009-08-07
22:56:43 UTC (rev 681)
@@ -22,34 +22,30 @@
package org.jboss.identity.idm.impl.store.ldap;
+import org.jboss.identity.idm.common.exception.IdentityException;
+import org.jboss.identity.idm.impl.LDAPTestPOJO;
+import org.jboss.identity.idm.impl.configuration.IdentityConfigurationImpl;
+import org.jboss.identity.idm.impl.configuration.IdentityStoreConfigurationContextImpl;
+import org.jboss.identity.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration;
+import org.jboss.identity.idm.impl.store.CommonIdentityStoreTest;
+import org.jboss.identity.idm.impl.store.IdentityStoreTestContext;
+import org.jboss.identity.idm.spi.configuration.IdentityConfigurationContextRegistry;
+import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
+import org.jboss.identity.idm.spi.configuration.metadata.IdentityConfigurationMetaData;
+import
org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
import org.jboss.identity.idm.spi.store.IdentityStore;
import org.jboss.identity.idm.spi.store.IdentityStoreInvocationContext;
import org.jboss.identity.idm.spi.store.IdentityStoreSession;
-import org.jboss.identity.idm.spi.model.IdentityObject;
-import org.jboss.identity.idm.spi.model.IdentityObjectAttribute;
-import org.jboss.identity.idm.spi.configuration.metadata.IdentityConfigurationMetaData;
-import
org.jboss.identity.idm.spi.configuration.metadata.IdentityStoreConfigurationMetaData;
-import org.jboss.identity.idm.spi.configuration.IdentityConfigurationContextRegistry;
-import org.jboss.identity.idm.spi.configuration.IdentityStoreConfigurationContext;
-import org.jboss.identity.idm.impl.store.IdentityTypeEnum;
-import org.jboss.identity.idm.impl.store.CommonIdentityStoreTest;
-import org.jboss.identity.idm.impl.store.IdentityStoreTestContext;
-import org.jboss.identity.idm.impl.configuration.jaxb2.JAXB2IdentityConfiguration;
-import org.jboss.identity.idm.impl.configuration.IdentityConfigurationImpl;
-import org.jboss.identity.idm.impl.configuration.IdentityStoreConfigurationContextImpl;
-import org.jboss.identity.idm.impl.api.SimpleAttribute;
-import org.jboss.identity.idm.impl.LDAPTestPOJO;
-import org.jboss.identity.idm.common.exception.IdentityException;
import org.jboss.unit.api.pojo.annotations.Create;
import org.jboss.unit.api.pojo.annotations.Destroy;
import org.jboss.unit.api.pojo.annotations.Test;
+import java.util.Hashtable;
+
import javax.naming.Context;
import javax.naming.NamingException;
-import javax.naming.ldap.LdapContext;
import javax.naming.ldap.InitialLdapContext;
-import java.util.Hashtable;
-import java.util.Map;
+import javax.naming.ldap.LdapContext;
/**
@@ -75,7 +71,7 @@
{
super.start();
- setIdentityConfig("store-test-config.xml");
+// setIdentityConfig("store-test-config.xml");
commonTest = new CommonIdentityStoreTest(this);
@@ -89,7 +85,7 @@
for (IdentityStoreConfigurationMetaData metaData :
configurationMD.getIdentityStores())
{
- if (metaData.getId().equals("LDAPTestStore"))
+ if (metaData.getId().equals("LDAP Identity Store"))
{
storeMD = metaData;
break;
@@ -171,7 +167,7 @@
//populate();
- store = new LDAPIdentityStoreImpl("LDAPTestStore");
+ store = new LDAPIdentityStoreImpl("LDAP Identity Store");
store.bootstrap(context);
}
@@ -205,14 +201,14 @@
@Test
public void testSimple() throws Exception
{
- populate();
+ populateClean();
Hashtable<String,String> env = new Hashtable<String,String>();
- env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
- env.put(Context.PROVIDER_URL, LDAP_PROVIDER_URL);
+ env.put(Context.INITIAL_CONTEXT_FACTORY, directoryConfig.getContextFactory());
+ env.put(Context.PROVIDER_URL, directoryConfig.getDescription());
env.put(Context.SECURITY_AUTHENTICATION, "simple");
- env.put(Context.SECURITY_PRINCIPAL, LDAP_PRINCIPAL);
- env.put(Context.SECURITY_CREDENTIALS, LDAP_CREDENTIALS);
+ env.put(Context.SECURITY_PRINCIPAL, directoryConfig.getAdminDN());
+ env.put(Context.SECURITY_CREDENTIALS, directoryConfig.getAdminPassword());
LdapContext ldapCtx = null;
try
@@ -220,7 +216,7 @@
ldapCtx = new InitialLdapContext(env, null);
// Do something ...
- System.out.println("Attributes: " +
ldapCtx.getAttributes("o=test,dc=portal,dc=example,dc=com"));
+ System.out.println("Attributes: " +
ldapCtx.getAttributes(directoryConfig.getCleanUpDN()));
}
catch (NamingException e)
@@ -243,147 +239,147 @@
}
}
- @Test
- public void testIdentityObjectCount() throws Exception
- {
- populate();
+// @Test
+// public void testIdentityObjectCount() throws Exception
+// {
+// populate();
+//
+// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+// assertEquals(5, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.ROLE));
+// assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
+// }
+//
+// @Test
+// public void testFindCreateRemove() throws Exception
+// {
+// populate();
+//
+// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+//
+// IdentityObject io = store.findIdentityObject(ctx, "admin",
IdentityTypeEnum.USER);
+// assertEquals("admin", io.getName());
+// assertEquals("uid=admin,ou=People,o=test,dc=portal,dc=example,dc=com",
io.getId().toString());
+//
+// //
+//
+// store.removeIdentityObject(ctx, io);
+//
+// assertEquals(6, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+//
+// store.createIdentityObject(ctx, "newUserA", IdentityTypeEnum.USER);
+//
+// assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
+//
+// //
+//
+// assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
+//
+// store.createIdentityObject(ctx, "newGroupA", IdentityTypeEnum.GROUP);
+//
+// assertEquals(3, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
+//
+// //
+//
+// io = store.findIdentityObject(ctx,
"cn=newGroupA,ou=Groups,o=test,dc=portal,dc=example,dc=com");
+// assertEquals("newGroupA", io.getName());
+//
+// }
- assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
- assertEquals(5, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.ROLE));
- assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
- }
+// @Test
+// public void testAttributes() throws Exception{
+//
+// populate();
+//
+// IdentityObject user1 = store.createIdentityObject(ctx, "Adam",
IdentityTypeEnum.USER);
+// IdentityObject user2 = store.createIdentityObject(ctx, "Eva",
IdentityTypeEnum.USER);
+//
+// //
+//
+// IdentityObjectAttribute[] attrs = new IdentityObjectAttribute[]{
+// new SimpleAttribute("phone", new String[]{"val1"}),
+// new SimpleAttribute("description", new String[]{"val1",
"val2", "val3", "val4"}),
+//
+// };
+//
+// store.addAttributes(ctx, user1, attrs);
+//
+// //
+//
+// Map<String, IdentityObjectAttribute> persistedAttrs =
store.getAttributes(ctx, user1);
+//
+// assertEquals(2, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("phone"));
+// assertEquals(1, persistedAttrs.get("phone").getSize());
+//
+// assertTrue(persistedAttrs.containsKey("description"));
+// assertEquals(4, persistedAttrs.get("description").getSize());
+//
+// //
+//
+// attrs = new IdentityObjectAttribute[]{
+// new SimpleAttribute("carLicense", new String[]{"val1"})
+// };
+//
+// store.addAttributes(ctx, user1, attrs);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(3, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("phone"));
+// assertEquals(1, persistedAttrs.get("phone").getSize());
+//
+// assertTrue(persistedAttrs.containsKey("description"));
+// assertEquals(4, persistedAttrs.get("description").getSize());
+//
+// assertTrue(persistedAttrs.containsKey("carLicense"));
+// assertEquals(1, persistedAttrs.get("carLicense").getSize());
+//
+// attrs = new IdentityObjectAttribute[]{
+// new SimpleAttribute("carLicense", new String[]{"val2"})
+// };
+//
+// store.addAttributes(ctx, user1, attrs);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(3, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("carLicense"));
+// assertEquals(2, persistedAttrs.get("carLicense").getSize());
+//
+// //
+//
+// store.updateAttributes(ctx, user1, attrs);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(3, persistedAttrs.keySet().size());
+//
+// assertTrue(persistedAttrs.containsKey("carLicense"));
+// assertEquals(1, persistedAttrs.get("carLicense").getSize());
+//
+// //
+//
+// String[] names = new String[]{"carLicense"};
+// store.removeAttributes(ctx, user1, names);
+//
+// //
+//
+// persistedAttrs = store.getAttributes(ctx, user1);
+//
+// assertEquals(2, persistedAttrs.keySet().size());
+//
+// }
@Test
- public void testFindCreateRemove() throws Exception
- {
- populate();
-
- assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
-
- IdentityObject io = store.findIdentityObject(ctx, "admin",
IdentityTypeEnum.USER);
- assertEquals("admin", io.getName());
- assertEquals("uid=admin,ou=People,o=test,dc=portal,dc=example,dc=com",
io.getId().toString());
-
- //
-
- store.removeIdentityObject(ctx, io);
-
- assertEquals(6, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
-
- store.createIdentityObject(ctx, "newUserA", IdentityTypeEnum.USER);
-
- assertEquals(7, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.USER));
-
- //
-
- assertEquals(2, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
-
- store.createIdentityObject(ctx, "newGroupA", IdentityTypeEnum.GROUP);
-
- assertEquals(3, store.getIdentityObjectsCount(ctx, IdentityTypeEnum.GROUP));
-
- //
-
- io = store.findIdentityObject(ctx,
"cn=newGroupA,ou=Groups,o=test,dc=portal,dc=example,dc=com");
- assertEquals("newGroupA", io.getName());
-
- }
-
- @Test
- public void testAttributes() throws Exception{
-
- populate();
-
- IdentityObject user1 = store.createIdentityObject(ctx, "Adam",
IdentityTypeEnum.USER);
- IdentityObject user2 = store.createIdentityObject(ctx, "Eva",
IdentityTypeEnum.USER);
-
- //
-
- IdentityObjectAttribute[] attrs = new IdentityObjectAttribute[]{
- new SimpleAttribute("phone", new String[]{"val1",
"val2", "val3"}),
- new SimpleAttribute("description", new String[]{"val1",
"val2", "val3", "val4"}),
-
- };
-
- store.addAttributes(ctx, user1, attrs);
-
- //
-
- Map<String, IdentityObjectAttribute> persistedAttrs =
store.getAttributes(ctx, user1);
-
- assertEquals(2, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("phone"));
- assertEquals(3, persistedAttrs.get("phone").getSize());
-
- assertTrue(persistedAttrs.containsKey("description"));
- assertEquals(4, persistedAttrs.get("description").getSize());
-
- //
-
- attrs = new IdentityObjectAttribute[]{
- new SimpleAttribute("carLicense", new String[]{"val1"})
- };
-
- store.addAttributes(ctx, user1, attrs);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(3, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("phone"));
- assertEquals(3, persistedAttrs.get("phone").getSize());
-
- assertTrue(persistedAttrs.containsKey("description"));
- assertEquals(4, persistedAttrs.get("description").getSize());
-
- assertTrue(persistedAttrs.containsKey("carLicense"));
- assertEquals(1, persistedAttrs.get("carLicense").getSize());
-
- attrs = new IdentityObjectAttribute[]{
- new SimpleAttribute("carLicense", new String[]{"val2"})
- };
-
- store.addAttributes(ctx, user1, attrs);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(3, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("carLicense"));
- assertEquals(2, persistedAttrs.get("carLicense").getSize());
-
- //
-
- store.updateAttributes(ctx, user1, attrs);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(3, persistedAttrs.keySet().size());
-
- assertTrue(persistedAttrs.containsKey("carLicense"));
- assertEquals(1, persistedAttrs.get("carLicense").getSize());
-
- //
-
- String[] names = new String[]{"carLicense"};
- store.removeAttributes(ctx, user1, names);
-
- //
-
- persistedAttrs = store.getAttributes(ctx, user1);
-
- assertEquals(2, persistedAttrs.keySet().size());
-
- }
-
- @Test
public void testRelationships() throws Exception
{
populateClean();
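Review bot: testIdentityObjectCount, testFindCreateRemove and testAttributes are disabled by commenting them out with no reason recorded, so this class no longer exercises the LDAP store's count, create/remove and attribute paths against any of the newly configured directories. The commented copies still assert the old `o=test,dc=portal,dc=example,dc=com` DNs, which do not match the `o=jbid,…` trees that this commit's LDIF fixtures create, so they presumably need porting rather than just uncommenting. Either port them to `populateClean()` and the configured DNs, or delete them and leave a one-line marker such as `// TODO: port testFindCreateRemove/testAttributes to directoryConfig-based fixtures`. The commented testAttributes also reduces the `phone` values from three to one, which is easy to miss inside a disabled block. testRelationships continues outside the hunk.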
Added: idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml
(rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/datasources/directories.xml 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,116 @@
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+<directories>
+ <directory>
+ <directory-name>EmbeddedOpenDS</directory-name>
+ <description>ldap://localhost:10389</description>
+ <!--identity configuration file-->
+ <config-file>test-identity-config.xml</config-file>
+ <host>localhost</host>
+ <port>10389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>password</admin-password>
+ <!--ldif from which LDAP will be populated before each test-->
+ <populate-ldif>ldap/initial-empty-opends.ldif</populate-ldif>
+ <!--DN that will be removed to perform cleanup after each test-->
+ <cleanup-dn>o=jbid,dc=example,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>SunDS</directory-name>
+ <description>ldap://dev39.qa.atl.jboss.com:1389</description>
+ <!--identity configuration file-->
+ <config-file>test-identity-config-sunds.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>1389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>testldap</admin-password>
+ <!--ldif from which LDAP will be populated before each test-->
+ <populate-ldif>ldap/initial-empty-sunds.ldif</populate-ldif>
+ <!--DN that will be removed to perform cleanup after each test-->
+ <cleanup-dn>dc=example,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>RedHatDS</directory-name>
+ <description>ldap://dev39.qa.atl.jboss.com:10389</description>
+
+ <config-file>test-identity-config-redhatds.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>10389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>qpq123qpq</admin-password>
+
+ <populate-ldif>ldap/initial-empty-redhatds.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=example,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>OpenLDAP</directory-name>
+ <description>ldap://dev39.qa.atl.jboss.com:389</description>
+
+ <config-file>test-identity-config-openldapds.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Manager,dc=my-domain,dc=com</admin-dn>
+ <admin-password>jbossqa</admin-password>
+
+ <populate-ldif>ldap/initial-empty-openldapds.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=my-domain,dc=com</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>MSAD</directory-name>
+ <description>Microsoft Active Directory in QA Labs (need vpn
access)</description>
+
+ <config-file>test-identity-config-msad.xml</config-file>
+ <host>dev44.qa.atl.jboss.com</host>
+ <port>389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>JBOSS\jbossqa</admin-dn>
+ <admin-password>jboss42</admin-password>
+
+ <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn>
+ </directory>
+ <directory>
+ <directory-name>MSAD-local</directory-name>
+ <description>ldap://192.168.56.101:389</description>
+
+ <config-file>test-identity-config-msad.xml</config-file>
+ <host>192.168.56.101</host>
+ <port>389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>TEST\Administrator</admin-dn>
+ <admin-password>!Q2w3e4r</admin-password>
+
+ <populate-ldif>ldap/initial-empty-msad.ldif</populate-ldif>
+
+ <cleanup-dn>o=jbid,dc=test,dc=domain</cleanup-dn>
+ </directory>
+
+</directories>
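Review bot: Every `<admin-password>` in this file is a literal, including those for the remote QA directory servers and the Active Directory accounts, so the credentials become part of the repository history and of anything that packages the test resources. I would keep a literal only for the embedded OpenDS entry and resolve the others at run time, for example `<admin-password>${ldap.admin.password}</admin-password>` (a constructed property name) filled from a system property or an untracked local file. Placeholder support would have to be added to whatever parses this file, which is not visible here. The passwords already committed should be rotated on the servers concerned.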
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif (from rev
676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif
(rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-msad.ldif 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: idm
+
+dn: ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: trunk
+
+dn: ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: test
+
+dn: ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Modified: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif 2009-08-07
21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif 2009-08-07
22:56:43 UTC (rev 681)
@@ -1,46 +1,54 @@
-dn: dc=portal,dc=example,dc=com
+dn: o=jbid,dc=example,dc=com
objectclass: top
-objectclass: dcObject
objectclass: organization
-o: portal
-dc: portal
+o: jbid
-dn: o=test,dc=portal,dc=example,dc=com
+dn: o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
o: test
-dn: ou=People,o=test,dc=portal,dc=example,dc=com
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: People
-dn: ou=Roles,o=test,dc=portal,dc=example,dc=com
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Roles
-dn: ou=Groups,o=test,dc=portal,dc=example,dc=com
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Groups
-dn: ou=Organizations,o=test,dc=portal,dc=example,dc=com
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Organizations
-dn: ou=OrganizationUnits,o=test,dc=portal,dc=example,dc=com
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: OrganizationUnits
-dn: ou=Departments,o=test,dc=portal,dc=example,dc=com
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Departments
-dn: ou=Offices,o=test,dc=portal,dc=example,dc=com
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: Offices
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif
(from rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif
(rev 0)
+++
idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-openldapds.ldif 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organization
+o: test
+
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif (from
rev 676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif
(rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-redhatds.ldif 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,55 @@
+dn: o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: test
+
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
Copied: idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif (from rev
676, idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-opends.ldif)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif
(rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/ldap/initial-empty-sunds.ldif 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,60 @@
+dn: dc=example,dc=com
+objectclass: top
+objectclass: dcObject
+dc: example
+
+dn: o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: jbid
+
+dn: o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: idm
+
+dn: o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: trunk
+
+dn: o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organization
+o: test
+
+dn: ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Groups
+
+dn: ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Organizations
+
+dn: ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: OrganizationUnits
+
+dn: ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Departments
+
+dn: ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Offices
+
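Review bot: This fixture creates the suffix entry `dc=example,dc=com` itself, and the SunDS entry in directories.xml sets `<cleanup-dn>dc=example,dc=com</cleanup-dn>`, described there as the DN removed after each test. The other directories scope their cleanup to `o=jbid,…`, but a test run against SunDS removes the whole suffix on a shared remote host, along with anything else that lives under it. Consider assuming the suffix already exists, dropping the first entry from this LDIF, and using `o=jbid,dc=example,dc=com` as the cleanup DN, as the RedHatDS entry does.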
Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml (from rev
676, idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml
(rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-msad.xml 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,931 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository
DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+
<identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+
<value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>unicodePwd</value>
+ </option>
+ <option>
+ <name>enclosePasswordWith</name>
+ <value>"</value>
+ </option>
+ <option>
+ <name>passwordEncoding</name>
+ <value>UTF-16LE</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <!--<value>cn= </value>-->
+ </option>
+ <option>
+ <name>passwordUpdateAttributeValues</name>
+ <value>userAccountControl=512</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Organizations,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Departments,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Offices,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Groups,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,ou=test,ou=trunk,ou=idm,o=jbid,dc=test,dc=domain</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=group</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://192.168.56.101:636</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>TEST\Administrator</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>!Q2w3e4r</value>
+ </option>
+ <option>
+ <name>customJNDIConnectionParameters</name>
+ <value>java.naming.security.protocol=ssl</value>
+ </option>
+ <option>
+ <name>customSystemProperties</name>
+
<value>javax.net.ssl.trustStore=d:\Workshop\msad.truststore</value>
+ <value>javax.net.ssl.trustStorePassword=password</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Added: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml
(rev 0)
+++
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-openldapds.xml 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,910 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository
DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+
<identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+
<value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=my-domain,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://dev39.qa.atl.jboss.com:389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Manager,dc=my-domain,dc=com</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>jbossqa</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Added: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml
(rev 0)
+++
idm/trunk/idm-testsuite/src/test/resources/test-identity-config-redhatds.xml 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,910 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository
DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+
<identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+
<value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://dev39.qa.atl.jboss.com:10389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>qpq123qpq</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Copied: idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml (from
rev 676, idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml)
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml
(rev 0)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config-sunds.xml 2009-08-07
22:56:43 UTC (rev 681)
@@ -0,0 +1,910 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<jboss-identity xmlns="urn:jboss:identity:idm:config:v1_0_beta"
+
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="urn:jboss:identity:idm:config:v1_0_beta
identity-config.xsd">
+ <realms>
+ <realm>
+ <id>realm://RedHat/DB</id>
+ <repository-id-ref>RedHat Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB</id>
+ <repository-id-ref>Sample Portal Repository DB</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://RedHat/DB_LDAP</id>
+ <repository-id-ref>RedHat Repository DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ <realm>
+ <id>realm://portal/SamplePortal/DB_LDAP</id>
+ <repository-id-ref>Sample Portal Repository
DB+LDAP</repository-id-ref>
+ <identity-type-mappings>
+ <user-mapping>USER</user-mapping>
+ </identity-type-mappings>
+ </realm>
+ </realms>
+ <repositories>
+ <repository>
+ <id>RedHat Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB</id>
+
<class>org.jboss.identity.idm.impl.repository.WrapperIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>RedHat Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>PROJECT</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ <repository>
+ <id>Sample Portal Repository DB+LDAP</id>
+
<class>org.jboss.identity.idm.impl.repository.FallbackIdentityStoreRepository</class>
+ <external-config/>
+ <default-identity-store-id>Hibernate Identity
Store</default-identity-store-id>
+ <default-attribute-store-id>Hibernate Identity
Store</default-attribute-store-id>
+ <identity-store-mappings>
+ <identity-store-mapping>
+ <identity-store-id>Hibernate Identity
Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>SYSTEM</identity-object-type>
+
<identity-object-type>ADMINISTRATION</identity-object-type>
+ <identity-object-type>COMMUNITY</identity-object-type>
+ <identity-object-type>DIVISION</identity-object-type>
+ <identity-object-type>SECURITY</identity-object-type>
+ <identity-object-type>PEOPLE</identity-object-type>
+ </identity-object-types>
+ <options/>
+ </identity-store-mapping>
+ <identity-store-mapping>
+ <identity-store-id>LDAP Identity Store</identity-store-id>
+ <identity-object-types>
+ <identity-object-type>USER</identity-object-type>
+ <identity-object-type>DEPARTMENT</identity-object-type>
+ <identity-object-type>ORGANIZATION</identity-object-type>
+
<identity-object-type>ORGANIZATION_UNIT</identity-object-type>
+ <identity-object-type>OFFICE</identity-object-type>
+ </identity-object-types>
+ <options>
+ <option>
+ <name>cache</name>
+ <value>false</value>
+ </option>
+ <option>
+ <name>cache.provider.class</name>
+
<value>org.jboss.identity.idm.impl.cache.IdentityStoreCacheProviderImpl</value>
+ </option>
+ <option>
+ <name>cache.config-file</name>
+ <value>jboss-cache-config.xml</value>
+ </option>
+ </options>
+ </identity-store-mapping>
+ </identity-store-mappings>
+ <options>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </repository>
+ </repositories>
+ <stores>
+ <attribute-stores/>
+ <identity-stores>
+ <identity-store>
+ <id>Hibernate Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.hibernate.HibernateIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ <relationship-type>JBOSS_IDENTITY_ROLE</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships>
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>COMMUNITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>OFFICE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>SECURITY</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PROJECT</identity-object-type-ref>-->
+ <!--</relationship>-->
+ <!--<relationship>-->
+
<!--<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>-->
+
<!--<identity-object-type-ref>PEOPLE</identity-object-type-ref>-->
+ <!--</relationship>-->
+ </relationships>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>picture</name>
+ <mapping>user.picture</mapping>
+ <type>binary</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DIVISION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PEOPLE</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>PROJECT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DIVISION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PROJECT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>PEOPLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ADMINISTRATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>COMMUNITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SECURITY</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ <identity-object-type>
+ <name>SYSTEM</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_ROLE</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>SECURITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>COMMUNITY</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options/>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <!--<option>-->
+ <!--<name>hibernateConfiguration</name>-->
+ <!--<value>hibernate-jboss-identity.cfg.xml</value>-->
+ <!--</option>-->
+ <option>
+ <name>hibernateSessionFactoryJNDIName</name>
+
<value>java:/jbossidentity/HibernateStoreSessionFactory</value>
+ </option>
+ <option>
+ <name>populateRelationshipTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>populateIdentityObjectTypes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>isRealmAware</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowNotDefinedAttributes</name>
+ <value>true</value>
+ </option>
+ </options>
+ </identity-store>
+ <identity-store>
+ <id>LDAP Identity Store</id>
+
<class>org.jboss.identity.idm.impl.store.ldap.LDAPIdentityStoreImpl</class>
+ <external-config/>
+ <supported-relationship-types>
+
<relationship-type>JBOSS_IDENTITY_MEMBERSHIP</relationship-type>
+ </supported-relationship-types>
+ <supported-identity-object-types>
+ <identity-object-type>
+ <name>USER</name>
+ <relationships/>
+ <credentials>
+ <credential-type>PASSWORD</credential-type>
+ </credentials>
+ <attributes>
+ <attribute>
+ <name>phone</name>
+ <mapping>telephoneNumber</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>description</name>
+ <mapping>description</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>carLicense</name>
+ <mapping>carLicense</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ </attribute>
+ <attribute>
+ <name>email</name>
+ <mapping>mail</mapping>
+ <type>text</type>
+ <isRequired>false</isRequired>
+ <isMultivalued>false</isMultivalued>
+ <isReadOnly>false</isReadOnly>
+ <isUnique>true</isUnique>
+ </attribute>
+ </attributes>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>uid</value>
+ </option>
+ <option>
+ <name>passwordAttributeName</name>
+ <value>userPassword</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=inetOrgPerson</value>
+ <value>sn= </value>
+ <value>cn= </value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ORGANIZATION_UNIT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>OFFICE</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>DEPARTMENT</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>DEPARTMENT</identity-object-type-ref>
+ </relationship>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>ORGANIZATION_UNIT</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>OFFICE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ </supported-identity-object-types>
+ <options>
+ <option>
+ <name>providerURL</name>
+ <value>ldap://dev39.qa.atl.jboss.com:1389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>testldap</value>
+ </option>
+ <option>
+ <name>searchTimeLimit</name>
+ <value>10000</value>
+ </option>
+ </options>
+ </identity-store>
+ </identity-stores>
+ </stores>
+</jboss-identity>
\ No newline at end of file
Modified: idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml
===================================================================
--- idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml 2009-08-07
21:17:36 UTC (rev 680)
+++ idm/trunk/idm-testsuite/src/test/resources/test-identity-config.xml 2009-08-07
22:56:43 UTC (rev 681)
@@ -558,7 +558,7 @@
</option>
<option>
<name>ctxDNs</name>
-
<value>ou=People,o=test,dc=portal,dc=example,dc=com</value>
+
<value>ou=People,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<option>
<name>allowCreateEntry</name>
@@ -606,7 +606,7 @@
</option>
<option>
<name>ctxDNs</name>
-
<value>ou=Organizations,o=test,dc=portal,dc=example,dc=com</value>
+
<value>ou=Organizations,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -617,11 +617,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
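Review bot: The renamed keys `parentMembershipAttributeName` and `isParentMembershipAttributeDN` have no comment saying which side of the relationship holds the `member` values; the same rename recurs in the hunks at 675, 729 and 775. A short comment above the first occurrence would do, for example `<!-- membership is read from the parent (group) entry; values are full member DNs -->`, assuming that is what "parent" means here. It is also worth confirming that the configuration reader rejects the old `membershipAttributeName` / `isMembershipAttributeDN` names instead of ignoring them. A config that still uses the old names would otherwise presumably load with no membership mapping, and group lookups would come back empty without any error. The enclosing `<options>` block starts and ends outside this hunk.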
@@ -664,7 +664,7 @@
</option>
<option>
<name>ctxDNs</name>
-
<value>ou=OrganizationUnits,o=test,dc=portal,dc=example,dc=com</value>
+
<value>ou=OrganizationUnits,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -675,11 +675,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -718,7 +718,7 @@
</option>
<option>
<name>ctxDNs</name>
-
<value>ou=Departments,o=test,dc=portal,dc=example,dc=com</value>
+
<value>ou=Departments,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -729,11 +729,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -764,7 +764,7 @@
</option>
<option>
<name>ctxDNs</name>
-
<value>ou=Offices,o=test,dc=portal,dc=example,dc=com</value>
+
<value>ou=Offices,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
</option>
<!--<option>-->
<!--<name>entrySearchFilter</name>-->
@@ -775,11 +775,11 @@
<value>true</value>
</option>
<option>
- <name>membershipAttributeName</name>
+ <name>parentMembershipAttributeName</name>
<value>member</value>
</option>
<option>
- <name>isMembershipAttributeDN</name>
+ <name>isParentMembershipAttributeDN</name>
<value>true</value>
</option>
<option>
@@ -793,6 +793,98 @@
</option>
</options>
</identity-object-type>
+ <identity-object-type>
+ <name>GROUP</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Groups,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
+ <identity-object-type>
+ <name>ROLE</name>
+ <relationships>
+ <relationship>
+
<relationship-type-ref>JBOSS_IDENTITY_MEMBERSHIP</relationship-type-ref>
+
<identity-object-type-ref>USER</identity-object-type-ref>
+ </relationship>
+ </relationships>
+ <credentials/>
+ <attributes/>
+ <options>
+ <option>
+ <name>idAttributeName</name>
+ <value>cn</value>
+ </option>
+ <option>
+ <name>ctxDNs</name>
+
<value>ou=Roles,o=test,o=trunk,o=idm,o=jbid,dc=example,dc=com</value>
+ </option>
+ <!--<option>-->
+ <!--<name>entrySearchFilter</name>-->
+ <!--<value></value>-->
+ <!--</option>-->
+ <option>
+ <name>allowCreateEntry</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>parentMembershipAttributeName</name>
+ <value>member</value>
+ </option>
+ <option>
+ <name>isParentMembershipAttributeDN</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>allowEmptyMemberships</name>
+ <value>true</value>
+ </option>
+ <option>
+ <name>createEntryAttributeValues</name>
+ <value>objectClass=top</value>
+ <value>objectClass=groupOfNames</value>
+ </option>
+ </options>
+ </identity-object-type>
</supported-identity-object-types>
<options>
<option>
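Review bot: The new GROUP and ROLE types create entries with `objectClass=groupOfNames` and set `allowEmptyMemberships` to `true`, but `createEntryAttributeValues` supplies no `member` value, and the standard groupOfNames schema (RFC 4519) makes `member` mandatory. Whether an empty group can be created therefore depends on how strictly the target directory checks schema and on what the store does when the flag is set, neither of which is visible here. I would add a comment on the option stating how an empty group is represented, e.g. `<!-- empty groups: no member value is written; needs a directory that accepts groupOfNames without member -->`, adjusted to the real behaviour. If a placeholder member is ever used instead, it should be a DN that can never match a real account, because ROLE membership is presumably consulted for authorization decisions.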