This section includes examples of the userProfile.xml file and ldapUserProfile.xml file, set up to show the implicit linking configuration described in the previous section.
Sample userProfile.xml file
The following code sample shows the SQL profile repository definition file, userProfile.xml, set up to support an LDAP-based user directory. (Note that the example includes only the relevant section of this file.)
<gsa-template> <item-descriptor name="user"> <table name="dps_user"> <!-- Remove properties which are in LDAP --> <property name="password" xml-combine="remove"/> <property name="email" xml-combine="remove"/> <property name="firstName" xml-combine="remove"/> <property name="lastName" xml-combine="remove"/> <!-- Replicate unique id property into LDAP --> <property name="login" property-type="atg.adapter.gsa.ReplicatePropertyDescriptor"> <attribute name="replicateProperty" value="ldapUser.login"/> </property> </table> <!-- Add property which points to the LDAP item --> <property name="ldapUser" property-type="atg.repository.linked.RepositoryLinkPropertyDescriptor" repository="/atg/adapter/ldap/LDAPRepository" item-type="user"> <!-- cascade="insert,update,delete"> --> <attribute name="uniqueIdPropertyLocal" value="login"/> <attribute name="uniqueIdPropertyRemote" value="login"/> </property> </item-descriptor> <item-descriptor name="organization"> <!-- add a link property --> <property name="ldapOrganization" property-type="atg.repository.linked.RepositoryLinkPropertyDescriptor" repository="/atg/adapter/ldap/LDAPRepository" item-type="organizationalUnit"> <attribute name="uniqueIdPropertyLocal" value="name"/> <attribute name="uniqueIdPropertyRemote" value="name"/> </property> </item-descriptor> <import-items> <add-item item-descriptor="organization" repository="/atg/userprofiling/ProfileAdapterRepository" id="root"> <set-property name="name">People</set-property> </add-item> </import-items> </gsa-template>
Sample ldapUserProfile.xml file
The following code sample shows the LDAP profile repository definition file, ldapUserProfile.xml, set up to support an LDAP-based user directory.
<?xml version="1.0" encoding="ISO-8859-1" ?> <!DOCTYPE ldap-adapter-template PUBLIC "-//Art Technology Group, Inc.//DTD LDAP Adapter//EN" "http://www.atg.com/dtds/ldap/ldap_1.0.dtd"> <ldap-adapter-template xml-combine="replace"> <header> <name>ldapUserProfile.xml</name> <author>ATG</author> </header> <!-- organization view --> <view name="organizationalUnit"> <item-descriptor name="organizationalUnit" display-name="Organizational Unit" display-property="name"> <!-- special properties --> <id-property name="id" in-ldap="false"/> <object-classes-property name="objectClasses" ldap-name="objectclass"/> <!-- object classes --> <object-class>top</object-class> <object-class>organizationalUnit</object-class> <!-- properties --> <property name="name" ldap-name="ou" data-type="string" required="true"/> <property name="entryId" ldap-name="entryid" data-type="int" required="true"/> <property name="parentId" ldap-name="parentid" data-type="int" required="true"/> <!-- item creation --> <new-items allowed="false"/> </item-descriptor> <!-- search roots --> <search-root dn="dc=atg.com"/> </view> <!-- user view --> <view name="user" default="true"> <!-- item descriptor --> <item-descriptor name="user" display-name="User" display-property="login"> <!-- special properties --> <id-property name="id" in-ldap="false"/> <object-classes-property name="objectClasses" ldap-name="objectclass"/> <!-- object classes --> <object-class>top</object-class> <object-class>person</object-class> <object-class>organizationalPerson</object-class> <object-class>inetorgPerson</object-class> <!-- properties --> <property name="names" ldap-name="cn" data-type="string" multi="true" required="true"/> <property name="login" ldap-name="uid" data-type="string" required="true"> <attribute name="unique" value="true"/> </property> <property name="password" ldap-name="userpassword" data-type="string" required="false" editor-class="atg.beans.PasswordPropertyEditor"> <attribute name="passwordHasher" bean="/atg/adapter/ldap/NDSPasswordHasher"/> </property> <property name="fullName" ldap-name="cn" data-type="string" required="true"/> <property name="lastName" ldap-name="sn" data-type="string" required="true"/> <property name="firstName" ldap-name="givenName" data-type="string"/> <property name="email" ldap-name="mail" data-type="string"/> <property name="parentId" ldap-name="parentid" data-type="int" required="true"/> <property name="entryId" ldap-name="entryid" data-type="int" required="true"/> <!-- item creation --> <new-items parent-dn="dc=atg.com" rdn-property="login"/> <!-- <new-items parent-dn="DC=atg,DC=com" rdn-property="login"/> --> </item-descriptor> <!-- search roots --> <search-root dn="dc=atg.com"/> <!-- <search-root dn="DC=atg,DC=com"/> --> </view> </ldap-adapter-template>
