I can not understand. Having this structure LDAP Version: 1
dn: ou = agents, fdr dc =, dc = com objectClass: MyOU objectClass: organizationalUnit objectClass: top ou: myou MyPassword: myPassValue MyUser: myUserValue Description: Tree root dn: uid = user1, ou = agents, fdr dc =, dc = com objectClass: inetOrgPerson objectClass: organizationalPerson objectClass: person objectClass: top cn: user1 sn: user1 Description: Tree root uid: user1 userPassword:: e1NTSEF9T1BiUHgwS3ZXQStBVmcrTnlOSGhkUFFtNitCbm5zSkduZ3lkY3c9P Q == How can I retrieve information for MyUser and MyPassword logging in as user1? Best regards Thanks _________________________________________ Paolo Giammarco / Capgemini / Rome, Italy Consultant / Java Factory e-mail: [email protected] tel: +39 06231901 _________________________________________ ________________________________________ Da: Marvin Addison [[email protected]] Inviato: venerdì 11 giugno 2010 15.27 A: [email protected] Oggetto: Re: [cas-user] Ldap Query > I need to extract attributes from my OpenLDAP server. > These attributes are on the upper branch of the user I'm authenticated. > There is no way to tell LdapPersonAttributeDao also recover that information? This is a common case that CAS supports nicely. The definition for the LDAP search query for the authentication handler is entirely separate from that of the PersonDirectory LdapPersonAttributeDao. Just define the search base of LdapPersonAttributeDao so it searches higher up in your directory tree, e.g.: <bean class="org.jasig.cas.adaptors.ldap.BindLdapAuthenticationHandler"> <property name="filter" value="uupid=%u" /> <property name="searchBase" value="ou=SomeDepartment,ou=People,dc=vt,dc=edu" /> <property name="contextSource" ref="contextSourceBean" /> </bean> <bean id="attributeRepository" class="org.jasig.services.persondir.support.ldap.LdapPersonAttributeDao"> p:contextSource-ref="pooledContextSourceBean" p:baseDN="ou=People,dc=vt,dc=edu" p:requireAllQueryAttributes="true"> <property name="queryAttributeMapping"> <map> <entry key="username" value="uupid" /> </map> </property> <!-- Attribute mapping beetween LDAP (key) and principal (value). Value may be either String or Set of String for multivalued mappings. --> <property name="resultAttributeMapping"> <map> <entry key="accountState" value="accountState" /> <entry key="groupMembership" value="groupMembership" /> <entry key="passwordState" value="passwordState" /> <entry key="uid" value="uid" /> <entry key="virginiaTechAffiliation" value="virginiaTechAffiliation" /> </map> </property> </bean> M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
