Hi, I wonder if you had a chance to look at this response? Thank you.
From: Idan Fridman Sent: Sunday, November 17, 2013 10:21 AM To: [email protected] Subject: RE: [cas-user] Re: [cas-user] השב: [cas-user] SingleRowJdbcPersonAttributeDao is not returning the whole records in resultset Hi, I tried the MultiRowJdbcPersonAttributeDao way. It didn’t work. This time I didn’t get any permissions at all: If you run the select straight on DB you get this results: Permissions Name ROLE_PERMISSIONS_MY_EVENTS ROLE_PERMISSIONS_CREATE_EVENTS Now this is the new code after modifying it into MultiRowJdbcPersonAttributeDao: <bean class="org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao"> <constructor-arg index="0" ref="dataSource"/> <constructor-arg index="1" value="select distinct p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and rp.PERMISSION_ID=p.PERMISSION_ID and {0}"/> <property name="nameValueColumnMappings"> <map> <entry key="PERMISSION_NAME" value="PERMISSION_NAME" /> </map> </property> <property name="queryAttributeMapping"> <map> <entry key="username" value="Username"/> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="PERMISSION_NAME" value="PERMISSIONS"/> </map> </property> </bean> And this is the result from CAS logs: 2013-11-17 10:14:23,571 DEBUG [org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] - <Adding attribute 'Username' with value '[ifridman]' to query builder 'null'> 2013-11-17 10:14:23,572 DEBUG [org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] - <Generated query builder 'sql=[Username = ?] args=[ifridman]' from query Map {username=[ifridman]}.> 2013-11-17 10:14:23,595 DEBUG [org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao] - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got results [{PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS}, {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]> 2013-11-17 10:14:23,619 DEBUG [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Retrieved attributes='[NamedPersonImpl[name=ifridman,attributes={}]]' for query='{username=[ifridman]}', isFirstQuery=false, currentlyConsidering='org.jasig.services.persondir.support.jdbc.MultiRowJdbcPersonAttributeDao@207c9fcf', resultAttributes='null'> As you can see this time I don’t even get the first result. I get none results. Any ideas? Kind of desperate with this issue. Thanks. From: KaTeLmE [mailto:[email protected]] Sent: Saturday, November 16, 2013 12:13 AM To: [email protected]<mailto:[email protected]> Subject: [cas-user] Re: [cas-user] השב: [cas-user] SingleRowJdbcPersonAttributeDao is not returning the whole records in resultset In your case you must use a MultiRowJdbcPersonAttributeDao. https://wiki.jasig.org/display/PDM15/JDBC+Attribute+Source http://developer.jasig.org/projects/person-directory/1.5.0-RC3/apidocs/org/jasig/services/persondir/support/jdbc/MultiRowJdbcPersonAttributeDao.html 2013/11/15 Idan Fridman <[email protected]<mailto:[email protected]>> Hi, The attr which returning is 'permissions list' each user when logging in will get back all its permissions for authorization purposes. Now since this scheme is normalized each permission being retrieved on different row. Thqtsan example of sql select from deployerConfig.xml: deployerConfigContext.xml: <bean class="org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao"> <constructor-arg index="0" ref="dataSource"/> <constructor-arg index="1" value="select distinct p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and rp.PER:-) MISSION_ID=p.PERMISSION_ID and {0}"/> <property name="queryAttributeMapping"> <map> <entry key="username" value="Username"/> </map> </property> <property name="resultAttributeMapping"> <map> <entry key="PERMISSION_NAME" value="PERMISSIONS"/> </map> </property> </bean> If we look at the ligs cas we actually see all permissions retrieved but not being past ton to the SAML request: 2013-11-14 14:16:33,384 DEBUG [org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttributeDao] - <Executed 'select distinct p.PERMISSION_NAME from PERMISSIONS p,USERS_PROFILE u,ROLES_PERMISSIONS rp, USERNAME_ROLES ur where Username=ur.LOGINNAME and ur.roleId=rp.ROLE_ID and rp.PERMISSION_ID=p.PERMISSION_ID and {0}' with arguments [ifridman] and got results [{PERMISSION_NAME=ROLE_PERMISSIONS_MY_EVENTS}, {PERMISSION_NAME=ROLE_PERMISSIONS_CREATE_EVENTS}]> We can see here clearly we get two results from the DB: ROLE_PERMISSIONS_MY_EVENTS ROLE_PERMISSIONS_CREATE_EVENTS However only the first one is returned: 2013-11-14 14:16:33,409 DEBUG [org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl] - <Retrieved attributes='[NamedPersonImpl[name=ifridman,attributes={PERMISSIONS=[ROLE_PERMISSIONS_MY_EVENTS]}]]' for query='{username=[ifridman]}', isFirstQuery=false, currentlyConsidering='org.jasig.services.persondir.support.jdbc.SingleRowJdbcPersonAttribute ... Thanks ----- Reply message ----- מאת: "Alberto Cabello Sánchez" <[email protected]<mailto:[email protected]>> אל: "[email protected]<mailto:[email protected]>" <[email protected]<mailto:[email protected]>> עותק: "Idan Fridman" <[email protected]<mailto:[email protected]>> נושא: [cas-user] SingleRowJdbcPersonAttributeDao is not returning the whole records in resultset תאריך: יום ו׳, נוב 15, 2013 17:44 El Fri, 15 Nov 2013 14:40:18 +0000 Idan Fridman <[email protected]<mailto:[email protected]>> escribió: > So in case I have resultset from jdbc which contains more than one record I > won't > be able to retrieve all of them via casify client? I think SingleRowJdbcPersonAttributeDao works assuming a data layout of a_user_id attr1 attr2 ... attrN another_user attr1 attr2 ... attrN a_3rd_user attr1 attr2 ... attrN I can hardly imagine how do you could need more than a row for just an user. If, for a strange reason, you have something like a_user_id attr1 attr2 attr3 ... attrN same_user attr1 attr2 attr3 ... attrN What attr set is supposed to be used? Even in that case, if you know how to manage such schema, you could build a database view with the merged attributes. Except if you want to have multi-valued attributes, in which case I fear it's not supported. -- Alberto Cabello Sánchez <[email protected]<mailto:[email protected]>> This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user This e-mail and the information it contains may be privileged and/or confidential. It is intended solely for the use of the named recipient(s). If you are not the intended recipient you may not disclose, copy, distribute or retain any part of this message or attachments. If you have received this e-mail in error please notify the sender immediately [by clicking 'Reply'] and delete this e-mail. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
