hello,
your extension point is targetting LDAPDirectoryFactory whereas it shoud use
MultiDirectoryFactory in order to achieve a multi directory configuration.
Below is the skeleton of the contributions you need
*default-ldap-directories-bundle.xml*
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.directory.ldap.storage">
<implementation class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor"
/>
<implementation class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" />
<require>org.nuxeo.ecm.directory.sql.storage</require>
<require>org.nuxeo.ecm.platform.usermanager.UserManagerImpl</require>
<require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>
<require>org.nuxeo.ecm.directory.multi.MultiDirectoryFactory</require>
<extension target="org.nuxeo.ecm.directory.multi.MultiDirectoryFactory"
point="directories">
<directory name="userDirectory">
<schema>user</schema>
<idField>username</idField>
<passwordField>password</passwordField>
<source name="ldap" creation="false">
<subDirectory name="userDirectoryLdap"/>
</source>
<source name="sql" creation="true">
<subDirectory name="userDirectorySql"/>
</source>
</directory>
</extension>
<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
point="servers">
<!-- Configuration of a server connection
A single server declaration can point to a cluster of replicated
servers (using OpenLDAP's slapd + sluprd for instance). To leverage
such a cluster and improve availibility, please provide one
<ldapUrl/> tag for each replica of the cluster.
-->
<server name="default">
<ldapUrl>ldap://localhost:389</ldapUrl>
<!-- Optional servers from the same cluster for failover
and load balancing:-->
<!-- Credentials used by Nuxeo5 to browse the directory, create
and modify entries.
Only the authentication of users (bind) use the credentials entered
through the login form if any.
-->
<bindDn>cn=nuxeo5,ou=applications,dc=example,dc=com</bindDn>
<bindPassword>changeme</bindPassword>
</server>
</extension>
<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
point="directories">
<directory name="userDirectoryLdap">
<server>default</server>
<schema>user</schema>
<idField>username</idField>
<passwordField>password</passwordField>
<searchBaseDn>ou=people,dc=example,dc=com</searchBaseDn>
<searchClass>person</searchClass>
<!-- To additionally restricte entries you can add an
arbitrary search filter such as the following:
<searchFilter>(&(sn=toto*)(myCustomAttribute=somevalue))</searchFilter>
Beware that "&" writes "&" in XML.
-->
<!-- use subtree if the people branch is nested -->
<searchScope>onelevel</searchScope>
<!-- using 'subany', search will match *toto*. use 'subfinal' to
match *toto and 'subinitial' to match toto*. subinitial is the
default behaviour-->
<substringMatchType>subany</substringMatchType>
<readOnly>true</readOnly>
<!-- comment <cache* /> tags to disable the cache -->
<!-- cache timeout in seconds -->
<cacheTimeout>3600</cacheTimeout>
<!-- maximum number of cached entries before global invalidation -->
<cacheMaxSize>1000</cacheMaxSize>
<!--
If the id field is not returned by the search, we set it with the
searched entry, probably the login.
Before setting it, you can change its case. Accepted values are
'lower' and 'upper',
anything else will not change the case.
-->
<missingIdFieldCase>lower</missingIdFieldCase>
<!-- Maximum number of entries returned by the search -->
<querySizeLimit>200</querySizeLimit>
<!-- Time to wait for a search to finish. 0 to wait indefinitely -->
<queryTimeLimit>0</queryTimeLimit>
<creationBaseDn>ou=people,dc=example,dc=com</creationBaseDn>
<creationClass>top</creationClass>
<creationClass>person</creationClass>
<creationClass>organizationalPerson</creationClass>
<creationClass>inetOrgPerson</creationClass>
<rdnAttribute>uid</rdnAttribute>
<fieldMapping name="username">uid</fieldMapping>
<fieldMapping name="password">userPassword</fieldMapping>
<fieldMapping name="firstName">givenName</fieldMapping>
<fieldMapping name="lastName">sn</fieldMapping>
<fieldMapping name="company">o</fieldMapping>
<fieldMapping name="email">mail</fieldMapping>
<references>
<inverseReference field="groups" directory="groupDirectory"
dualReferenceField="members" />
</references>
</directory>
</extension>
</component>
* default-sql-directories-bundle.xml
<?xml version="1.0"?>
<component name="org.nuxeo.ecm.directory.sql.storage">
<implementation class="org.nuxeo.ecm.directory.sql.SQLDirectoryDescriptor" />
<require>org.nuxeo.ecm.directory.sql.SQLDirectoryFactory</require>
<extension target="org.nuxeo.ecm.directory.sql.SQLDirectoryFactory"
point="directories">
<directory name="userDirectorySql">
<schema>user</schema>
<dataSource>java:/nxsqldirectory</dataSource>
<table>users</table>
<idField>username</idField>
<passwordField>password</passwordField>
<autoincrementIdField>false</autoincrementIdField>
<dataFile>users.csv</dataFile>
<createTablePolicy>on_missing_columns</createTablePolicy>
<querySizeLimit>15</querySizeLimit>
<references>
<inverseReference field="groups" directory="groupDirectorySql"
dualReferenceField="members" />
</references>
</directory>
</extension>
</component>
Hope this will help you.
Thierry
--
Posted by "tmartins" at Nuxeo Discussions <http://nuxeo.org/discussions>
View the complete thread:
<http://www.nuxeo.org/discussions/thread.jspa?threadID=3154#10256>
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
