In your case you must use a MultiRowJdbcPersonAttributeDao.

https://wiki.jasig.org/display/PDM15/JDBC+Attribute+Source
http://developer.jasig.org/projects/person-directory/1.5.0-RC3/apidocs/org/jasig/services/persondir/support/jdbc/MultiRowJdbcPersonAttributeDao.html


2013/11/15 Idan Fridman <[email protected]>

>   Hi,
> The attr which returning is 'permissions list' each user when logging in
> will get back all its permissions for authorization purposes. Now since
> this scheme is normalized each permission being retrieved on different row.
> Thqtsan example of sql select from deployerConfig.xml:
>
>  deployerConfigContext.xml:
>
> <bean
> class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao">
>             <constructor-arg index="0" ref="dataSource"/>
>             <constructor-arg index="1" value="select distinct
> p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp,
> USERNAME_ROLES ur
>                         where Username=ur.LOGINNAME and
> ur.roleId=rp.ROLE_ID and rp.PER:-) MISSION_ID=p.PERMISSION_ID and {0}"/>
>             <property name="queryAttributeMapping">
>               <map>
>                 <entry key="username" value="Username"/>
>               </map>
>             </property>
>             <property name="resultAttributeMapping">
>               <map>
>                 <entry key="PERMISSION_NAME" value="PERMISSIONS"/>
>               </map>
>             </property>
>           </bean>
>
>  If we look at the ligs cas we actually see all permissions retrieved but
> not being  past ton to the SAML request:
>
>
>
>  2013-11-14 14:16:33,384 DEBUG
> [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao]
> - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS
> p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur     where
> Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and
> rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got
> results
>  [{PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS},
> {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]>
>
> We can see here clearly we get two results from the DB:
> ROLE_PERMISSIONS_MY_EVENTS
> ROLE_PERMISSIONS_CREATE_EVENTS
>
> However only the first one is returned:
>
> 2013-11-14 14:16:33,409 DEBUG
>
> [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] -
> <Retrieved
> attributes='[NamedPersonImpl[name=ifridman,attributes={PERMISSIONS=[ROLE_PERMISSIONS_MY_EVENTS]}]]'
> for query='{username=[ifridman]}', isFirstQuery=false,
> currentlyConsidering='org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttribute
>  ...
>
>  Thanks
>
>
>
> ----- Reply message -----
> מאת: "Alberto Cabello Sánchez" <[email protected]>
> אל: "[email protected]" <[email protected]>
> עותק: "Idan Fridman" <[email protected]>
> נושא: [cas-user] SingleRowJdbcPersonAttributeDao is not returning the
> whole records in resultset
> תאריך: יום ו׳, נוב 15, 2013 17:44
>
>  El Fri, 15 Nov 2013 14:40:18 +0000
> Idan Fridman <[email protected]> escribió:
>
> > So in case I have resultset from jdbc which contains more than one
> record I won't
> > be able to retrieve all of them via casify client?
>
> I think SingleRowJdbcPersonAttributeDao works assuming a data layout of
>
> a_user_id attr1 attr2 ... attrN
> another_user attr1 attr2 ... attrN
> a_3rd_user attr1 attr2 ... attrN
>
> I can hardly imagine how do you could need more than a row for just an
> user.
> If, for a strange reason, you have something like
>
> a_user_id attr1 attr2 attr3 ... attrN
> same_user attr1 attr2 attr3 ... attrN
>
> What attr set is supposed to be used?
>
> Even in that case, if you know how to manage such schema, you could build a
> database view with the merged attributes.
> Except if you want to have multi-valued attributes, in which case I fear
> it's not supported.
>
> --
> Alberto Cabello Sánchez <[email protected]>
>  This e-mail and the information it contains may be privileged and/or
> confidential. It is intended solely for the use of the named recipient(s).
> If you are not the intended recipient you may not disclose, copy,
> distribute or retain any part of this message or attachments. If you have
> received this e-mail in error please notify the sender immediately [by
> clicking 'Reply'] and delete this e-mail.
>
> --
>
> You are currently subscribed to [email protected] as: [email protected]
>
> To unsubscribe, change settings or access archives, see 
> http://www.ja-sig.org/wiki/display/JSG/cas-user
>
>

-- 
You are currently subscribed to [email protected] as: 
[email protected]
To unsubscribe, change settings or access archives, see 
http://www.ja-sig.org/wiki/display/JSG/cas-user

Reply via email to