In your case you must use a MultiRowJdbcPersonAttributeDao. https://wiki.jasig.org/display/PDM15/JDBC+Attribute+Source http://developer.jasig.org/projects/person-directory/1.5.0-RC3/apidocs/org/jasig/services/persondir/support/jdbc/MultiRowJdbcPersonAttributeDao.html
2013/11/15 Idan Fridman <[email protected]> > Hi, > The attr which returning is 'permissions list' each user when logging in > will get back all its permissions for authorization purposes. Now since > this scheme is normalized each permission being retrieved on different row. > Thqtsan example of sql select from deployerConfig.xml: > > deployerConfigContext.xml: > > <bean > class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> > <constructor-arg index="0" ref="dataSource"/> > <constructor-arg index="1" value="select distinct > p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, > USERNAME_ROLES ur > where Username=ur.LOGINNAME and > ur.roleId=rp.ROLE_ID and rp.PER:-) MISSION_ID=p.PERMISSION_ID and {0}"/> > <property name="queryAttributeMapping"> > <map> > <entry key="username" value="Username"/> > </map> > </property> > <property name="resultAttributeMapping"> > <map> > <entry key="PERMISSION_NAME" value="PERMISSIONS"/> > </map> > </property> > </bean> > > If we look at the ligs cas we actually see all permissions retrieved but > not being past ton to the SAML request: > > > > 2013-11-14 14:16:33,384 DEBUG > [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] > - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS > p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where > Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and > rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got > results > [{PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS}, > {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]> > > We can see here clearly we get two results from the DB: > ROLE_PERMISSIONS_MY_EVENTS > ROLE_PERMISSIONS_CREATE_EVENTS > > However only the first one is returned: > > 2013-11-14 14:16:33,409 DEBUG > > [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - > <Retrieved > attributes='[NamedPersonImpl[name=ifridman,attributes={PERMISSIONS=[ROLE_PERMISSIONS_MY_EVENTS]}]]' > for query='{username=[ifridman]}', isFirstQuery=false, > currentlyConsidering='org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttribute > ... > > Thanks > > > > ----- Reply message ----- > מאת: "Alberto Cabello Sánchez" <[email protected]> > אל: "[email protected]" <[email protected]> > עותק: "Idan Fridman" <[email protected]> > נושא: [cas-user] SingleRowJdbcPersonAttributeDao is not returning the > whole records in resultset > תאריך: יום ו׳, נוב 15, 2013 17:44 > > El Fri, 15 Nov 2013 14:40:18 +0000 > Idan Fridman <[email protected]> escribió: > > > So in case I have resultset from jdbc which contains more than one > record I won't > > be able to retrieve all of them via casify client? > > I think SingleRowJdbcPersonAttributeDao works assuming a data layout of > > a_user_id attr1 attr2 ... attrN > another_user attr1 attr2 ... attrN > a_3rd_user attr1 attr2 ... attrN > > I can hardly imagine how do you could need more than a row for just an > user. > If, for a strange reason, you have something like > > a_user_id attr1 attr2 attr3 ... attrN > same_user attr1 attr2 attr3 ... attrN > > What attr set is supposed to be used? > > Even in that case, if you know how to manage such schema, you could build a > database view with the merged attributes. > Except if you want to have multi-valued attributes, in which case I fear > it's not supported. > > -- > Alberto Cabello Sánchez <[email protected]> > This e-mail and the information it contains may be privileged and/or > confidential. It is intended solely for the use of the named recipient(s). > If you are not the intended recipient you may not disclose, copy, > distribute or retain any part of this message or attachments. If you have > received this e-mail in error please notify the sender immediately [by > clicking 'Reply'] and delete this e-mail. > > -- > > You are currently subscribed to [email protected] as: [email protected] > > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
