Versions Compared

Old Version 4

changes.mady.by.user Laura McCord

Saved on

compared with

New Version Current

changes.mady.by.user Jen Bourey

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

...

Add the following entry in uportal-implwar/src/main/resources/properties/groups/compositeGroupServices.xml:

Code Block
xml
xml

<service>
  <name>smartldap</name>
  <service_factory>org.jasig.portal.groups.ReferenceIndividualGroupServiceFactory</service_factory>
  <entity_store_factory>org.jasig.portal.groups.smartldap.SmartLdapEntityStore$Factory</entity_store_factory>
  <group_store_factory>org.jasig.portal.groups.smartldap.SmartLdapGroupStore$Factory</group_store_factory>
  <entity_searcher_factory>org.jasig.portal.groups.smartldap.SmartLdapEntitySearcher$Factory</entity_searcher_factory>
  <internally_managed>false</internally_managed>
  <caching_enabled>true</caching_enabled>
</service>

...

Next, you must configure SmartLdapGroupStore itself in the uportal-implwar/src/main/resources/properties/groups/SmartLdapGroupStoreConfig.xml file.

...

Example SmartLdapGroupStoreConfig.xml
Code Block
xml
xml

<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>

    <!--
     | This bean is the ContextSource instance that will be used to connect to LDAP.
     +-->
    <bean id="ldapContext" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="url" value="changeme"/>
        <property name="userDn" value="changeme"/>
        <property name="password" value="changeme"/>
    </bean>

    <!--
     | Period, in seconds, after which SmartLdap will drop and re-init the groups 
     | tree.  A value of zero or less (negative) disables this feature.
     +-->
    <bean id="groupsTreeRefreshIntervalSeconds" class="java.lang.Long">
        <constructor-arg><value>900</value></constructor-arg>
    </bean>

    <!--
     | BaseDn that will be passed to the search (not to the context).
     |
     | WARNING:  If you get an error like this...
     |   ...PartialResultException: [LDAP: error code 10...
     | it probably means your baseDn isn't correct!
     +-->
    <bean id="baseDn" class="java.lang.String">
        <constructor-arg><value>changeme</value></constructor-arg>
    </bean>

    <!--
     | NOTE:  The remaining examples in this file are configured correctly for 
     | Active Directory servers.
     +-->

    <!--
     | LDAP query string that will be passed to the search.
     +-->
    <bean id="filter" class="java.lang.String">
        <constructor-arg><value>(objectCategory=group)</value></constructor-arg>
    </bean>

    <!--
     | These beans tell smartLdap whether to gather additional groups that are 
     | members of groups returned by the first baseDn and filter, and where to 
     | look if so.
     |
     |   - resolveMemberGroups=[true|false]
     |   - resolveDn={a different, broader baseDn than the one above}
     |
     | Here's how it works:  smartLdap will first collect all groups under the 
     | baseDn specified above.  If 'resolveMemberGroups' is enabled, it will 
     | also search for additional groups (found within the 'resolveDn' specified 
     | here) that are members of groups in the first collection.
     +-->
    <bean id="resolveMemberGroups" class="java.lang.Boolean">
        <constructor-arg><value>false</value></constructor-arg>
    </bean>
    <bean id="resolveDn" class="java.lang.String">
        <constructor-arg><value>changeme</value></constructor-arg>
    </bean>

    <!--
     | This bean identifies the name of the Person Attribute that
     | lists the SmartLdap groups each person is a member of.
     +-->
    <bean id="memberOfAttributeName" class="java.lang.String">
        <constructor-arg><value>memberOf</value></constructor-arg>
    </bean>

    <!--
     | This bean identifies the org.springframework.ldap.core.AttributesMapper
     | implementation used in reading the groups records from LDAP.
     +-->
    <bean id="attributesMapper" class="org.jasig.portal.groups.smartldap.SimpleAttributesMapper">
        <!--
         | Name of the group attribute that tells you its key.
         +-->
        <property name="keyAttributeName">
            <value>distinguishedName</value>
        </property>
        <!--
         | Name of the group attribute that tells you its name.
         +-->
        <property name="groupNameAttributeName">
            <value>cn</value>
        </property>
        <!--
         | Name of the group attribute that lists its members.
         +-->
        <property name="membershipAttributeName">
            <value>member</value>
        </property>
    </bean>

</beans>

...

You must define a Person Attribute that contains the distinguishedName of each group he/she is a member of, and it must have the name provided above.

...

 

Please send us feedback at uportal-user@lists.ja-sig.org
Info
iconfalse
titleHaving problems with these instructions?
Additional References