Request from a new uPortal developer:
I have successfully enabled LDAP authentication following instructions
gleaned from the wonderful community resources freely available (wiki
and mailing list archives).
However, I want to populate the iPerson attributes for a user from the
same LDAP source.
It would seem that I should just be able to edit personDirectory.xml to:
1. Disable the use of the JDBC Person Attribute Source
2. Enable the use of the LDAP Person Attribute Source
Which I have done. But it is not populating the attributes as expected.
In fact - they are all defined, but empty.
As our ldap source is not the same as the example, I have had to modify
the mapping of elements.
Here is a fragment of my code from personDirectory.xml:
<!-- LDAP Person Attribute Source, uses the default ILdapServer
     via the LdapServices.getDefaultLdapServer method call -->
<bean id="uPortalLdapAttributeSource"
      class="org.jasig.portal.services.persondir.support.LdapPersonAttributeDaoImpl">
  <property name="ldapServer">
    <ref bean="defaultLdapServer"/>
  </property>
  <property name="queryAttributes">
    <list>
      <value>username</value>
    </list>
  </property>
  <property name="query">
    <value>(cn={0})</value>
  </property>
  <property name="ldapAttributesToPortalAttributes">
    <map>
      <entry key="uid">
        <value>uid</value>
      </entry>
      <entry key="affiliation">
        <set>
          <value>affiliation</value>
          <value>uPortalTemplateUserName</value>
        </set>
      </entry>
      <entry key="anuStaffType">
        <value>anuStaffType</value>
      </entry>
      <entry key="departmentNumber">
        <set>
          <value>departmentNumber</value>
          <value>user.department</value>
        </set>
      </entry>
      <entry key="c">
        <value>c</value>
      </entry>
      <entry key="cn">
        <value>cn</value>
      </entry>
      <entry key="telephoneNumber">
        <value>telephoneNumber</value>
      </entry>
      <entry key="givenName">
        <set>
          <value>givenName</value>
          <value>user.name.given</value>
        </set>
      </entry>
      <entry key="l">
        <value>l</value>
      </entry>
      <entry key="mail">
        <set>
          <value>mail</value>
          <value>user.home-info.online.email</value>
        </set>
      </entry>
      <entry key="o">
        <value>o</value>
      </entry>
      <entry key="ou">
        <value>ou</value>
      </entry>
      <entry key="sn">
        <set>
          <value>sn</value>
          <value>user.name.family</value>
        </set>
      </entry>
      <entry key="telephoneNumber">
        <value>telephoneNumber</value>
      </entry>
    </map>
  </property>
</bean>
<bean id="defaultLdapServer"
      class="org.springframework.beans.factory.config.MethodInvokingFactoryBean">
  <property name="staticMethod">
    <value>org.jasig.portal.ldap.LdapServices.getDefaultLdapServer</value>
  </property>
</bean>
Is there something that I am missing?
NOTE: I am *NOT* using ldap.properties, but I am using ldap.xml.
The log file indicates that:
1. When a user is authenticated the name is returned (which is
good), but the name appears to be discarded when the user is
auto-created
2. There are ERRORs interpreting ldap.xml, but these do not
interfere with authentication
The 3 ERRORs (from the log) are:
ERROR [main] utils.SAXErrorHandler.[] (SAXErrorHandler.java:38) Feb/06
11:58:03 - ResourceLoader.getResourceAsDocument(/properties/ldap.xml)
org.xml.sax.SAXParseException: Document is invalid: no grammar found.
ERROR [main] utils.SAXErrorHandler.[] (SAXErrorHandler.java:38) Feb/06
11:58:03 - ResourceLoader.getResourceAsDocument(/properties/ldap.xml)
org.xml.sax.SAXParseException: Document root element "ldapConnections",
must match DOCTYPE root "null".
ERROR [http-8080-Processor25] provider.SimpleLdapSecurityContext.[]
(SimpleLdapSecurityContext.java:199) Feb/06 11:58:34 - Principal or
OpaqueCredentials not initialized prior to authenticate
Successful authentication, returning the name, is logged as:
DEBUG [http-8080-Processor25] provider.SimpleLdapSecurityContext.[]
(SimpleLdapSecurityContext.java:164) Feb/06 11:58:18 -
SimpleLdapSecurityContext: User u8808913 (Matthew Anthony John
Phillipps) is authenticated
Thanks
Matthew
__________________________________________________
Matthew Phillipps
Enterprise Systems Program
Division of Information
Building 3K
The Australian National University
Canberra ACT 0200
Ph: +61 2 6125 9337
Fx: +61 2 6125 0449
CRICOS Provider #00120C
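
A way to reason about the configuration in the message above, as an added example that is not part of the original post and not uPortal code: a simplified model of the path from query attribute to filter to directory entry to mapped portal attributes, with RFC 4515 escaping of the substituted value. The directory entry, the mail address and the alternative (uid={0}) filter are constructed assumptions (uid holding the login id, cn holding the display name); the search is a plain equality match, not the real LDAP implementation.

```python
import re

# Taken from the bean in the post; the mapping is shortened to three entries.
QUERY = "(cn={0})"
MAPPING = {
    "uid": ["uid"],
    "mail": ["mail", "user.home-info.online.email"],
    "sn": ["sn", "user.name.family"],
}

# Constructed entry. Assumption: uid holds the login id and cn the display
# name; confirm against the real directory.
DIRECTORY = [{
    "uid": ["u8808913"],
    "cn": ["Matthew Anthony John Phillipps"],
    "sn": ["Phillipps"],
    "mail": ["user@example.edu"],
}]

def escape_filter_value(value):
    """Hex-escape the characters RFC 4515 reserves inside a filter value."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def render_filter(template, *args):
    """Fill {0}, {1}, ... with escaped query attribute values."""
    return re.sub(r"\{(\d+)\}",
                  lambda m: escape_filter_value(args[int(m.group(1))]), template)

def search(filter_text, directory):
    """Simplified search: one case-insensitive (attr=value) equality match."""
    attr, value = re.fullmatch(r"\((\w+)=(.*)\)", filter_text).groups()
    wanted = re.sub(r"\\([0-9a-f]{2})",
                    lambda m: chr(int(m.group(1), 16)), value).lower()
    return [e for e in directory
            if wanted in (v.lower() for v in e.get(attr, []))]

def portal_attributes(username, query=QUERY):
    """Run the query for one user and apply the LDAP-to-portal mapping."""
    result = {name: [] for names in MAPPING.values() for name in names}
    for entry in search(render_filter(query, username), DIRECTORY):
        for ldap_attr, names in MAPPING.items():
            for name in names:
                result[name].extend(entry.get(ldap_attr, []))
    return result

if __name__ == "__main__":
    print(portal_attributes("u8808913"))               # cn filter: no match
    print(portal_attributes("u8808913", "(uid={0})"))  # uid filter: one match
```

In this model every mapped portal attribute exists but stays empty whenever the rendered filter matches no entry, so running the rendered filter by hand against the real directory is a quick way to tell a filter problem from a mapping problem.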