I am struggling with SmartLdapGroupStore spring configuration.  I would like to use the org.jasig.portal.spring.beans.factory.MediatingFactoryBean to allow two versions of the ldap config - one has the parameter values in the SmartLdapGroupStore.xml and the other uses parameter values that are defined as jndi resources in the Tomcat context.xml.  The idea is to allow commands such as ant crn-import to run without changing the ldap config files. 

The configuration works fine when running under Tomcat but not on the command line.  The strategy also works perfectly for the portal datasource but from the command line the SmartLdapGroupStore initialization fails even when using the mediating bean.  Can anyone shed some light on this? 

My SmartLdapGroupStore.xml (except for some redacted values) is attached.
Thanks for any insights.
Susan
--

Susan Bramhall ([email protected])
Senior Developer, Infrastructure Systems and Architecture (formerly T&P)
Yale University Information Technology Services (ITS)
25 Science Park, 150 Munson St, New Haven, CT 06520
Phone:  203 432 6697



<?xml version="1.0" encoding="UTF-8"?>
<!--

    Copyright (c) 2000-2009, Jasig, Inc.
    See license distributed with this file and available online at
    https://www.ja-sig.org/svn/jasig-parent/tags/rel-10/license-header.txt

-->
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>
    <!--
     | Resolves the LdapContextSource used for the LDAP bind from one of the
     | delegate beans listed below. Per the accompanying post, the intent is to
     | use the JNDI-backed definition under Tomcat and the in-file definition
     | for command-line tools; presumably the delegates are tried in the order
     | listed (confirm against MediatingFactoryBean).
     |
     | NOTE(review): the two delegates can carry different bind credentials, so
     | confirm which one was actually selected at startup instead of assuming
     | the JNDI one is in effect.
     +-->
    <bean id="ldapContext" class="org.jasig.portal.spring.beans.factory.MediatingFactoryBean">
        <property name="type" value="org.springframework.ldap.core.support.LdapContextSource" />
        <property name="delegateBeanNames">
            <list>
                <value>JNDILdapContext</value>
                <value>LocalLdapContext</value>
            </list>
        </property>
    </bean>
    
    <!--
     | In-file ContextSource definition: the bind DN and password are literal
     | property values in this file (the post says some values were redacted,
     | so "pw" and "user" are presumably placeholders).
     |
     | NOTE(review): with real values this file holds a cleartext directory
     | credential. Keep the populated copy out of version control and shared
     | attachments, restrict read access to the account that runs the portal
     | and its command-line tools, and bind with an account limited to the
     | read access the group search needs.
     | The ldaps:// scheme means the connection uses TLS; certificate
     | validation depends on the JVM trust configuration, which is not shown
     | in this file.
     +-->
    <bean id="LocalLdapContext" class="org.springframework.ldap.core.support.LdapContextSource">
        <property name="password" value="pw"/>
        <property name="userDn" value="user"/>
        <property name="url" value="ldaps://domain.yale.edu"/>       
    </bean>
    

 <!--
     | ContextSource definition whose url, userDn and password are each looked
     | up from JNDI under java:comp/env/ad-ldap/config/ instead of being
     | written in this file. Per the accompanying post, these entries are
     | declared as resources in the Tomcat context.xml.
     |
     | NOTE(review): this moves the bind password out of this file but not out
     | of cleartext configuration; presumably it now lives in context.xml, which
     | needs the same restricted read access. Each lookup is an inner
     | JndiObjectFactoryBean, so creating this bean needs a JNDI environment
     | that provides these three names.
     +-->
    <bean id="JNDILdapContext" class="org.springframework.ldap.core.support.LdapContextSource">
    <property name="url">
     <bean class="org.springframework.jndi.JndiObjectFactoryBean">
      <property name="jndiName" value="java:comp/env/ad-ldap/config/url"/>
     </bean>
    </property>
  
     <property name="userDn">
     <bean class="org.springframework.jndi.JndiObjectFactoryBean">
      <property name="jndiName" value="java:comp/env/ad-ldap/config/userDn"/>
     </bean>
    </property>
  
    <property name="password">
     <bean class="org.springframework.jndi.JndiObjectFactoryBean">
      <property name="jndiName" value="java:comp/env/ad-ldap/config/password"/>
     </bean>
    </property>
  
 </bean>


 <!--
     | BaseDn that will be passed to the search (not to the context).
     | Resolved as a java.lang.String from one of the two delegate beans listed
     | below: JNDIBaseDN (a JNDI lookup) or LocalBaseDn (a literal defined in
     | this file).
     |
     | WARNING:  If you get an error like this...
     |   ...PartialResultException: [LDAP: error code 10...
     | it probably means your baseDn isn't correct!
     +-->
    <bean id="baseDn" class="org.jasig.portal.spring.beans.factory.MediatingFactoryBean">
        <property name="type" value="java.lang.String" />
        <property name="delegateBeanNames">
            <list>
                <value>JNDIBaseDN</value>
                <value>LocalBaseDn</value>
            </list>
        </property>
    </bean>
    <!--
     | Search base read from the JNDI entry java:comp/env/ad-ldap/config/groupOu.
     +-->
    <bean id="JNDIBaseDN" class="org.springframework.jndi.JndiObjectFactoryBean">
        <property name="jndiName" value="java:comp/env/ad-ldap/config/groupOu"></property>       
    </bean>

    <!--
     | Search base given as a literal String in this file. The value "ou" is
     | presumably a redacted placeholder (the post says some values were
     | redacted); a real deployment would carry the full DN of the group
     | container here.
     +-->
    <bean id="LocalBaseDn" class="java.lang.String">
        <constructor-arg><value>ou</value></constructor-arg>
    </bean>
    
 <!--
     | NOTE:  The remaining examples in this file are configured correctly for 
     | Active Directory servers.
     +-->

 <!--
     | LDAP query string that will be passed to the search.
     | The filter is a fixed literal defined here (nothing is substituted into
     | it in this file); it matches entries whose objectClass and
     | objectCategory are both "group". The &amp; in the value is the XML
     | escape for the LDAP AND operator.
     +-->
 <bean id="filter" class="java.lang.String">
  <constructor-arg>
   <value>(&amp;(objectClass=group)(objectCategory=group))</value>
  </constructor-arg>
 </bean>

 <!--
     | This bean identifies the name of the Person Attribute that
     | lists the SmartLdap groups each person is a member of.
     | Set to memberOf here.
     |
     | NOTE(review): group membership read from this attribute presumably
     | feeds portal permissions, so the person-attribute source that supplies
     | it should be one that users cannot edit themselves. Confirm against
     | the person directory configuration, which is not part of this file.
     +-->
 <bean id="memberOfAttributeName" class="java.lang.String">
  <constructor-arg>
   <value>memberOf</value>
  </constructor-arg>
 </bean>

 <!--
     | This bean identifies the org.springframework.ldap.core.AttributesMapper
     | implementation used in reading the groups records from LDAP.
     | As configured below, the group key comes from distinguishedName, the
     | group name from cn and the member list from member.
     +-->
 <bean id="attributesMapper" class="org.jasig.portal.groups.smartldap.SimpleAttributesMapper">
  <!--
         | Name of the group attribute that tells you its key.
         +-->
  <property name="keyAttributeName">
   <value>distinguishedName</value>
  </property>
  <!--
         | Name of the group attribute that tells you its name.
         +-->
  <property name="groupNameAttributeName">
   <value>cn</value>
  </property>
  <!--
         | Name of the group attribute that lists its members.
         +-->
  <property name="membershipAttributeName">
   <value>member</value>
  </property>
 </bean>

</beans>
