Hi Kishore, Thanks for the nice explanation...
This is doable - we have an extension for this. You need to have an implementation of IdentityAttributeService - there you can add any custom attributes/values to the response... Thanks & regards, -Prabath On Wed, Mar 9, 2011 at 9:50 PM, Kishore R <[email protected]> wrote: > > For example we created a user call testuser in the LDAP and assume he is a meember of Testing group. > > user : testuser > groups : Testing > > So when I run STS Client, the STS Token (saml token) being generated by the wso2 server. I am interested in seeing the attribute value Testing in the STS Token generated. because currently I was able to configure the claims managemet and added new claims and also updated the existing claims to get the attributes info. defined in the user DN of LDAP > > Assume for user I have following attributes > FirstName, LastName, DOB, SSN, Country etc., and I configued the Claims Management Claims Dialect to map to the LDAP-User attributes ex: sn for LastName where sn is defined in the LDAP > > But I am not sure how to configure for the groups because groups is not part of User DN as it is a different DN and I dont have the ability to configure and fetch through the STS Token like I did for the User DN attributes. > > Please let me know I can provide you more info on this. > > Thanks > Kishore > > > > > --- On Tue, 3/8/11, Prabath Siriwardana <[email protected]> wrote: > > From: Prabath Siriwardana <[email protected]> > Subject: Re: WSO2 - LDAP - Groups Mapping Data > To: "Kishore R" <[email protected]> > Cc: "carbon-dev-group" <[email protected]> > Date: Tuesday, March 8, 2011, 9:28 PM > > [added carbon-dev-group] > Hi Kishore; > >>but the missing things it is just showing all instead I would like to see only the groups which the user is member of. How can I see that info. Also I would like to configure claims to get >>the groups info. > This is a very valid requirement. Although we have underlying API ti get this info - currently UI is unable to display this.. We need to add this support... Can you please create a JIRA for this... > >> for the user I loggedIn but when I configure claims I was able to do it only for the users not for the groups. because lets cn represents a group name, but cn also defined in the users >>section so it always fetch the user's cn rather than groups cn ...how can I do that ? > Please elaborate more in this.. Do you want the ability to define claims for a group - in other words a group profile..? > Thanks & regards, > -Prabath > > On Wed, Mar 9, 2011 at 4:20 AM, Kishore R <[email protected]> wrote: > > Hi Prabath > > I was wondering how we can retirve the groups from the LDAP for a specific user. > > These are the steps I followed > > 1. we installed the LDAP. setup the users and the groups > > 2. I installed wso2 3.x version and configured the user-mgmt.xml in the conf folder with the LDAP configuration > > 3. I did login into the wso2 with credentials defined in the LDAP (ex: testuser/testuser (un /pwd) defined in the ldap > > 4. I was also able to authenticate with STS with my testclient programmatically and able to get the STS token successfully with the user in the LDAP > > Here are the things I would like to try but I wasnt able to can you please help me on this. > > when I login to wso2 as a testuser I can see all the info. lets say I created some attributed for first name, last name, email etc,, and I configured the claims management with the attributes I can see the info. in the profile. > > Also I can see all the groups (in the roles section of wso2) available in the LDAP in the wso2 console. but the missing things it is just showing all instead I would like to see only the groups which the user is member of. How can I see that info. Also I would like to configure claims to get the groups info. for the user I loggedIn but when I configure claims I was able to do it only for the users not for the groups. because lets cn represents a group name, but cn also defined in the users section so it always fetch the user's cn rather than groups cn ...how can I do that ? > > Please help me in this evaluation > > Thanks > Kishore > > > > -- > Thanks & Regards, > Prabath > > http://blog.facilelogin.com > http://RampartFAQ.com > -- Thanks & Regards, Prabath http://blog.facilelogin.com http://RampartFAQ.com
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
