Marteau Christophe wrote: > > For those who are interrested in deploying Ldap Service Registry.
Disclaimer: I'm not really familiar with the CAS service registry since up to now I don't deploy it myself but I'm always curious looking at LDAP schema files. ;-) Just looking at the schema for now I have some remarks/questions which you might want to consider: 1. It would be nice to have a description of the semantics of the attribute types and the valid values. Maybe a reference to the accompanying CAS service property would be sufficient? 2. The attribute types casServiceEnabled and casServiceSsoEnabled look just like boolean flags. How about using LDAP syntax Boolean 1.3.6.1.4.1.1466.115.121.1.7 (TRUE/FALSE) for these? Then a schema-aware LDAP client is able to provide a more restrictive input field for these attributes. 3. Object class 'casService' is STRUCTURAL which seems appropriate at first glance. I guess the CAS service entries are also managed by the built-in CAS service manager application? Now if one wants to add more administrative data (e.g. attribute 'manager' pointing to the entry of the responsible admin, etc.) how is that done? One could specify a new STRUCTURAL object class like this: objectclass ( <oid> NAME 'myCASService' STRUCTURAL SUP ( casService $ applicationProcess ) ) But is the CAS service manager application capable to handle this? Another option would be to add an AUXILIARY object class as supplemental class to an entry with object class 'casService'. But how does the manager app handle this? Ciao, Michael. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
