Author: bdaw
Date: 2007-04-30 05:25:49 -0400 (Mon, 30 Apr 2007)
New Revision: 7139
Added:
trunk/identity/src/resources/test/config/staticgroup/
trunk/identity/src/resources/test/config/staticgroup/rhds-config-nonDNMember.xml
trunk/identity/src/resources/test/config/staticrole/rhds-config-nonDNMember.xml
trunk/test/src/etc/ldap/ldif/initial-tests-qa-nonDNMember.ldif
Modified:
trunk/identity/build.xml
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java
trunk/test/src/etc/directories-staticgroupmembership.xml
trunk/test/src/etc/directories-staticrolemembership.xml
Log:
- [JBPORTAL-1366] LDAP membership not handled properly for member attribute not as DN. Bug
fix + test cases
Modified: trunk/identity/build.xml
===================================================================
--- trunk/identity/build.xml 2007-04-30 09:06:19 UTC (rev 7138)
+++ trunk/identity/build.xml 2007-04-30 09:25:49 UTC (rev 7139)
@@ -456,12 +456,12 @@
<!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.db.DBIdentityTestCase"/>-->
<!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPIdentityTestCase"/>-->
<!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPSimpleUserModuleTestCase"/>-->
- <!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPSimpleRoleModuleTestCase"/>
+ <!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPSimpleRoleModuleTestCase"/>-->
<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPStaticGroupMembershipModuleTestCase"/>
- <test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPStaticRoleMembershipModuleTestCase"/>
- <test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPUserProfileModuleTestCase"/>-->
- <test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPExtUserModuleTestCase"/>
- <test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPExtRoleModuleTestCase"/>
+ <!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPStaticRoleMembershipModuleTestCase"/>-->
+ <!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPUserProfileModuleTestCase"/>-->
+ <!--<test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPExtUserModuleTestCase"/>
+ <test todir="${test.reports}"
name="org.jboss.portal.test.identity.ldap.LDAPExtRoleModuleTestCase"/>-->
</x-test>
<x-classpath>
<pathelement
location="${build.lib}/portal-identity-lib.jar"/>
Modified:
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java
===================================================================
---
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2007-04-30
09:06:19 UTC (rev 7138)
+++
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticGroupMembershipModuleImpl.java 2007-04-30
09:25:49 UTC (rev 7139)
@@ -79,7 +79,7 @@
String memberName = "";
- if (isUidAttributeIsDN())
+ if (isUidAttributeIsDN())
{
memberName = ldapUser.getDn();
}
@@ -175,14 +175,13 @@
try
{
//if user is pointed as DN get only it's name
- if (!isUidAttributeIsDN())
+ if (isUidAttributeIsDN())
{
- name = LDAPTools.stripDnToName(name);
- users.add(getUserModule().findUserByUserName(name));
+ users.add(getUserModule().findUserByDN(name));
}
else
{
- users.add(getUserModule().findUserByDN(name));
+ users.add(getUserModule().findUserByUserName(name));
}
}
catch(IdentityException ie)
Modified:
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java
===================================================================
---
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2007-04-30
09:06:19 UTC (rev 7138)
+++
trunk/identity/src/main/org/jboss/portal/identity/ldap/LDAPStaticRoleMembershipModuleImpl.java 2007-04-30
09:25:49 UTC (rev 7139)
@@ -108,14 +108,13 @@
try
{
//if user is pointed as DN get only it's name
- if (!isUidAttributeIsDN())
+ if (isUidAttributeIsDN())
{
- name = LDAPTools.stripDnToName(name);
- roles.add(getRoleModule().findRoleByName(name));
+ roles.add(getRoleModule().findRoleByDN(name));
}
else
{
- roles.add(getRoleModule().findRoleByDN(name));
+ roles.add(getRoleModule().findRoleByName(name));
}
}
catch(IdentityException ie)
Added: trunk/identity/src/resources/test/config/staticgroup/rhds-config-nonDNMember.xml
===================================================================
--- trunk/identity/src/resources/test/config/staticgroup/rhds-config-nonDNMember.xml
(rev 0)
+++
trunk/identity/src/resources/test/config/staticgroup/rhds-config-nonDNMember.xml 2007-04-30
09:25:49 UTC (rev 7139)
@@ -0,0 +1,147 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+ <!--<!DOCTYPE identity-configuration PUBLIC
+ "-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN"
+ "http://www.jboss.org/portal/dtd/identity-config_1_0.dtd">-->
+
+<identity-configuration>
+ <datasources>
+ <datasource>
+ <name>LDAP</name>
+ <config>
+ <option>
+ <name>host</name>
+ <value>dev39.qa.atl.jboss.com</value>
+ </option>
+ <option>
+ <name>port</name>
+ <value>10389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>qpq123qpq</value>
+ </option>
+ </config>
+ </datasource>
+ </datasources>
+ <modules>
+ <module>
+ <!--type used to correctly map in IdentityContext registry-->
+ <type>User</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+ <module>
+ <type>Role</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+ <module>
+ <type>Membership</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+
+ <module>
+ <type>UserProfile</type>
+ <implementation>DELEGATING</implementation>
+ <config>
+ <option>
+ <name>profileConfigFile</name>
+ <value>test/config/profile-config.xml</value>
+ </option>
+ <option>
+ <name>ldapModuleJNDIName</name>
+ <value>java:/portal/LDAPUserProfileModule</value>
+ </option>
+ </config>
+ </module>
+ <module>
+ <type>DBDelegateUserProfile</type>
+ <implementation>DB</implementation>
+ <config/>
+ </module>
+ <module>
+ <type>LDAPDelegateUserProfile</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+ </modules>
+
+ <options>
+ <option-group>
+ <group-name>common</group-name>
+ <option>
+ <name>userCtxDN</name>
+
<value>ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</value>
+ </option>
+ <option>
+ <name>roleCtxDN</name>
+
<value>ou=Roles,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</value>
+ </option>
+ <option>
+ <name>membershipAttributeIsDN</name>
+ <value>false</value>
+ </option>
+ </option-group>
+ <option-group>
+ <group-name>userCreateAttibutes</group-name>
+ <option>
+ <name>objectClass</name>
+ <!--This objectclasses should work with Red Hat Directory-->
+ <value>top</value>
+ <value>person</value>
+ <value>inetOrgPerson</value>
+ </option>
+ <!--Schema requires those to have initial value-->
+ <option>
+ <name>cn</name>
+ <value>none</value>
+ </option>
+ <option>
+ <name>sn</name>
+ <value>none</value>
+ </option>
+ </option-group>
+ <option-group>
+ <group-name>roleCreateAttibutes</group-name>
+ <!--Schema requires those to have initial value-->
+ <option>
+ <name>cn</name>
+ <value>none</value>
+ </option>
+ <!--Some directory servers require this attribute to be valid DN-->
+ <!--For safety reasons point to the admin user here-->
+ <option>
+ <name>member</name>
+
<value>uid=dummynonexistinguser,ou=People,dc=jboss,dc=org</value>
+ </option>
+ </option-group>
+ </options>
+</identity-configuration>
\ No newline at end of file
Added: trunk/identity/src/resources/test/config/staticrole/rhds-config-nonDNMember.xml
===================================================================
--- trunk/identity/src/resources/test/config/staticrole/rhds-config-nonDNMember.xml
(rev 0)
+++
trunk/identity/src/resources/test/config/staticrole/rhds-config-nonDNMember.xml 2007-04-30
09:25:49 UTC (rev 7139)
@@ -0,0 +1,152 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ~ JBoss, a division of Red Hat ~
+ ~ Copyright 2006, Red Hat Middleware, LLC, and individual ~
+ ~ contributors as indicated by the @authors tag. See the ~
+ ~ copyright.txt in the distribution for a full listing of ~
+ ~ individual contributors. ~
+ ~ ~
+ ~ This is free software; you can redistribute it and/or modify it ~
+ ~ under the terms of the GNU Lesser General Public License as ~
+ ~ published by the Free Software Foundation; either version 2.1 of ~
+ ~ the License, or (at your option) any later version. ~
+ ~ ~
+ ~ This software is distributed in the hope that it will be useful, ~
+ ~ but WITHOUT ANY WARRANTY; without even the implied warranty of ~
+ ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ~
+ ~ Lesser General Public License for more details. ~
+ ~ ~
+ ~ You should have received a copy of the GNU Lesser General Public ~
+ ~ License along with this software; if not, write to the Free ~
+ ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA ~
+ ~ 02110-1301 USA, or see the FSF site:
http://www.fsf.org. ~
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
+
+ <!--<!DOCTYPE identity-configuration PUBLIC
+ "-//JBoss Portal//DTD JBoss Identity Configuration 1.0//EN"
+ "http://www.jboss.org/portal/dtd/identity-config_1_0.dtd">-->
+
+<identity-configuration>
+ <datasources>
+ <datasource>
+ <name>LDAP</name>
+ <config>
+ <option>
+ <name>host</name>
+ <value>dev39.qa.atl.jboss.com</value>
+ </option>
+ <option>
+ <name>port</name>
+ <value>10389</value>
+ </option>
+ <option>
+ <name>adminDN</name>
+ <value>cn=Directory Manager</value>
+ </option>
+ <option>
+ <name>adminPassword</name>
+ <value>qpq123qpq</value>
+ </option>
+ </config>
+ </datasource>
+ </datasources>
+ <modules>
+ <module>
+ <!--type used to correctly map in IdentityContext registry-->
+ <type>User</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+ <module>
+ <type>Role</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+ <module>
+ <type>Membership</type>
+ <implementation>LDAP</implementation>
+
<class>org.jboss.portal.identity.ldap.LDAPStaticRoleMembershipModuleImpl</class>
+ <config/>
+ </module>
+
+ <module>
+ <type>UserProfile</type>
+ <implementation>DELEGATING</implementation>
+ <config>
+ <option>
+ <name>profileConfigFile</name>
+ <value>test/config/profile-config.xml</value>
+ </option>
+ <option>
+ <name>ldapModuleJNDIName</name>
+ <value>java:/portal/LDAPUserProfileModule</value>
+ </option>
+ </config>
+ </module>
+ <module>
+ <type>DBDelegateUserProfile</type>
+ <implementation>DB</implementation>
+ <config/>
+ </module>
+ <module>
+ <type>LDAPDelegateUserProfile</type>
+ <implementation>LDAP</implementation>
+ <config/>
+ </module>
+ </modules>
+
+ <options>
+ <option-group>
+ <group-name>common</group-name>
+ <option>
+ <name>userCtxDN</name>
+
<value>ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</value>
+ </option>
+ <option>
+ <name>roleCtxDN</name>
+
<value>ou=Roles,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</value>
+ </option>
+ <option>
+ <name>membershipAttributeID</name>
+ <value>memberOf</value>
+ </option>
+ <option>
+ <name>membershipAttributeIsDN</name>
+ <value>false</value>
+ </option>
+ </option-group>
+ <option-group>
+ <group-name>userCreateAttibutes</group-name>
+ <option>
+ <name>objectClass</name>
+ <!--This objectclasses should work with Red Hat Directory-->
+ <value>top</value>
+ <value>person</value>
+ <value>inetOrgPerson</value>
+ <value>inetUser</value>
+ </option>
+ <!--Schema requires those to have initial value-->
+ <option>
+ <name>cn</name>
+ <value>none</value>
+ </option>
+ <option>
+ <name>sn</name>
+ <value>none</value>
+ </option>
+ </option-group>
+ <option-group>
+ <group-name>roleCreateAttibutes</group-name>
+ <!--Schema requires those to have initial value-->
+ <option>
+ <name>cn</name>
+ <value>none</value>
+ </option>
+ <option>
+ <name>objectClass</name>
+ <value>top</value>
+ <value>organizationalRole</value>
+ </option>
+ </option-group>
+ </options>
+</identity-configuration>
\ No newline at end of file
Modified: trunk/test/src/etc/directories-staticgroupmembership.xml
===================================================================
--- trunk/test/src/etc/directories-staticgroupmembership.xml 2007-04-30 09:06:19 UTC (rev
7138)
+++ trunk/test/src/etc/directories-staticgroupmembership.xml 2007-04-30 09:25:49 UTC (rev
7139)
@@ -53,6 +53,21 @@
<cleanup-dn>dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</cleanup-dn>
</directory>
<directory>
+ <directory-name>RedHatDS</directory-name>
+ <description>RedHat Directory in QA Labs (need vpn
access)</description>
+
+
<config-file>test/config/staticgroup/rhds-config-nonDNMember.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>10389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>qpq123qpq</admin-password>
+
+
<populate-ldif>ldap/ldif/initial-tests-qa-nonDNMember.ldif</populate-ldif>
+
+
<cleanup-dn>dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</cleanup-dn>
+ </directory>
+ <directory>
<directory-name>OpenLDAP</directory-name>
<description>OpenLDAP Directory in QA Labs (need vpn
access)</description>
Modified: trunk/test/src/etc/directories-staticrolemembership.xml
===================================================================
--- trunk/test/src/etc/directories-staticrolemembership.xml 2007-04-30 09:06:19 UTC (rev
7138)
+++ trunk/test/src/etc/directories-staticrolemembership.xml 2007-04-30 09:25:49 UTC (rev
7139)
@@ -52,6 +52,21 @@
<cleanup-dn>dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</cleanup-dn>
</directory>
+ <directory>
+ <directory-name>RedHatDS</directory-name>
+ <description>RedHat Directory in QA Labs (need vpn
access)</description>
+
+
<config-file>test/config/staticrole/rhds-config-nonDNMember.xml</config-file>
+ <host>dev39.qa.atl.jboss.com</host>
+ <port>10389</port>
+ <context-factory>com.sun.jndi.ldap.LdapCtxFactory</context-factory>
+ <admin-dn>cn=Directory Manager</admin-dn>
+ <admin-password>qpq123qpq</admin-password>
+
+
<populate-ldif>ldap/ldif/initial-tests-qa-nonDNMember.ldif</populate-ldif>
+
+
<cleanup-dn>dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com</cleanup-dn>
+ </directory>
<!--<directory>
<directory-name>OpenLDAP</directory-name>
<description>OpenLDAP Directory in QA Labs (need vpn
access)</description>
Added: trunk/test/src/etc/ldap/ldif/initial-tests-qa-nonDNMember.ldif
===================================================================
--- trunk/test/src/etc/ldap/ldif/initial-tests-qa-nonDNMember.ldif
(rev 0)
+++ trunk/test/src/etc/ldap/ldif/initial-tests-qa-nonDNMember.ldif 2007-04-30 09:25:49 UTC
(rev 7139)
@@ -0,0 +1,194 @@
+dn: dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: dcObject
+objectclass: organization
+dc: testsuite
+o: testsuite
+
+dn: ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: uid=jduke,ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke
+cn: Java Duke
+sn: Duke
+userPassword: theduke
+mail: email(a)email.com
+
+dn: uid=jduke1,ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke1
+cn: Java Duke1
+sn: Duke1
+userPassword: theduke
+mail: email(a)email.com
+
+
+dn: uid=jduke2,ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke2
+cn: Java Duke2
+sn: Duke2
+userPassword: theduke
+mail: email(a)email.com
+
+dn: uid=jduke3,ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke3
+cn: Java Duke3
+sn: Duke3
+userPassword: theduke
+mail: email(a)email.com
+
+dn: uid=jduke4,ou=People,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: person
+uid: jduke4
+cn: Java Duke4
+sn: Duke4
+userPassword: theduke
+mail: email(a)email.com
+
+dn: ou=Roles,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: cn=Echo,ou=Roles,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: Echo
+description: the JBossAdmin group
+member: jduke1
+member: jduke3
+member: jduke4
+
+dn: cn=Echo1,ou=Roles,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: top
+objectClass: groupOfNames
+cn: Echo1
+description: the JBossAdmin group 2
+member: duke2
+member: jduke3
+member: jduke5
+
+dn: cn=TheDuke,ou=Roles,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: groupOfNames
+objectClass: top
+cn: TheDuke
+description: TheDuke role context
+member: jduke
+
+
+# tree2
+dn: o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: organization
+o: example2
+
+dn: ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: People
+
+dn: uid=jduke,ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: inetUser
+uid: jduke
+cn: Java Duke
+sn: Duke
+userPassword: theduke
+mail: email(a)email.com
+memberOf: Echo
+
+dn: uid=jduke1,ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: inetUser
+uid: jduke1
+cn: Java Duke1
+sn: Duke1
+userPassword: theduke
+mail: email(a)email.com
+memberOf: Echo
+memberOf: Echo1
+
+
+dn: uid=jduke2,ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: inetUser
+uid: jduke2
+cn: Java Duke2
+sn: Duke2
+userPassword: theduke
+mail: email(a)email.com
+memberOf: Echo
+memberOf: Echo1
+memberOf: TheDuke
+
+
+dn: uid=jduke3,ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: inetUser
+uid: jduke3
+cn: Java Duke3
+sn: Duke3
+userPassword: theduke
+mail: email(a)email.com
+
+dn: uid=jduke4,ou=People,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: inetOrgPerson
+objectclass: inetUser
+uid: jduke4
+cn: Java Duke4
+sn: Duke4
+userPassword: theduke
+mail: email(a)email.com
+
+dn: ou=Roles,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectclass: top
+objectclass: organizationalUnit
+ou: Roles
+
+dn: cn=Echo,ou=Roles,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: top
+objectClass: organizationalRole
+cn: Echo
+description: the JBossAdmin group
+
+dn: cn=Echo1,ou=Roles,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: top
+objectClass: organizationalRole
+cn: Echo1
+description: the JBossAdmin group 2
+
+
+dn: cn=TheDuke,ou=Roles,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: top
+objectClass: organizationalRole
+cn: TheDuke
+description: TheDuke role context
+
+dn: cn=EmptyRole,ou=Roles,o=example2,dc=testsuite,dc=portal,dc=qa,dc=atl,dc=jboss,dc=com
+objectClass: top
+objectClass: organizationalRole
+cn: EmptyRole
+description: EmptyRole role context
+
+