Sun Java System Content Delivery Server Integration Guide
The Sun Java System Content Delivery Server uses an Oracle database to manage subscriber profiles. If you already have extensive subscriber data, you do not need to duplicate this information. The Content Delivery Server can be configured to work with your existing subscriber data.
A subscriber adapter maps external subscriber data to the data required by the Content Delivery Server when processing subscriber-related functions.
The subscriber adapter provided with the Content Delivery Server is described in Section 3.1, Subscriber Adapter Provided. You can create your own subscriber adapter using the User Profile API. See the Sun Java System Content Delivery Server Customization Guide for information on this API.
3.1 Subscriber Adapter Provided
Currently, the subscriber adapter provided with the Content Delivery Server supports the Lightweight Directory Access Protocol (LDAP) format. The LDAP subscriber adapter uses an XML file to map data between the Content Delivery Server and your LDAP directory.
3.2 Using a Subscriber Adapter
To specify the subscriber adapter that you want to use, you must set the module.security.subscriber.usermanager property to the fully qualified class name of the subscriber adapter. This property is in the security.conf file found in the $CDS_HOME/deployment/deployment-name/conf directory. Use one of the values shown in the following table.
| Adapter | Value for the module.security.subscriber.usermanager property | Description |
|---|---|---|
| Oracle | com.sun.content.server.server.security.user.SubscriberImpl | Use this value to use the Content Delivery Server database to store all subscriber data. This is the default setting. |
| LDAP | com.sun.content.server.server.security.user.ldap.ldapusermanager.LDAPUserManager | Use this value to use an external LDAP directory for subscriber data. |
To use the subscriber adapter for LDAP, you must also provide an XML file that describes the mapping to be used. This file is described in Section 3.3.1, Creating the Mapping File for LDAP.
3.3 Working with LDAP
This section provides additional information on setting up your system to work with the Content Delivery Server when your subscriber data is stored in an LDAP directory. Section 3.3.1, Creating the Mapping File for LDAP describes how to create a file that maps the fields in the LDAP directory to the fields in the Content Delivery Server. Section 3.3.2, Tuning LDAP describes how to set up LDAP to improve performance.
3.3.1 Creating the Mapping File for LDAP
To use subscriber data in an LDAP directory, you must create a mapping file in XML that maps the data needed by the Content Delivery Server to the information in the LDAP directory. The conf.xml file in the $CDS_HOME/deployment/deployment-name/conf directory contains a sample mapping. Edit this file and save your version to a new file in the same directory, for example, cdsmapping.xml.
Section 3.3.1.1, Subscriber Data for the Content Delivery Server identifies the data that must be provided to the Content Delivery Server. Section 3.3.1.2, Sample Mapping File provides a sample file.
3.3.1.1 Subscriber Data for the Content Delivery Server
The first few lines of the mapping file contain the connection information for the LDAP server. The following tables describe the properties in the mapping file.
TABLE 3-1 describes the configuration properties that must be set.
TABLE 3-1 Configuration Properties
| Property | Description |
|---|---|
| search_scope | Scope of the search. Specify one of the following values: 0 - Searches the named object. 1 - Searches only one level of the named object. This is the default. 2 - Searches the entire sub-tree of the named object. |
| max_search_wait_time | Maximum time in milliseconds that LDAP executes a search request. |
TABLE 3-2 describes the properties that define your LDAP environment.
TABLE 3-2 LDAP Properties
| Property | Description |
|---|---|
| initial_context_factory | Fully qualified class name of the initial context factory. |
| provider_url | URL of the provider (LDAP server). Note: If you are using Sun Java System Application Server, the URL must not contain spaces. |
| prefix | Prefix used. |
| username | User distinguished name used to access LDAP. |
| password | Password associated with the user name. |
| master_username | User name for the master server. This property is optional. |
| master_password | Password associated with the master user name. This property is optional. |
| object | One or more objects from LDAP. |
TABLE 3-3 identifies the subscriber data used by the Content Delivery Server. Add an element with the field name in the XML file that you create. The required fields are noted.
TABLE 3-3 Subscriber Data
| Content Delivery Server Field | Description |
|---|---|
| loginId | Login ID used by the subscriber to access the Subscriber Portal. Note: This field is required and must be mapped. |
| password | Password for the login ID provided. Note: This field is required and must be mapped. |
| uniqueDeviceId | Unique ID that identifies the subscriber by the device being used. Typically, this is the same as the MSISDN. Note: This field is required and must be mapped. |
| firstName | First name of the subscriber. Note: This field is required and must be mapped. |
| middleName | Middle initial of the subscriber. |
| lastName | Last name of the subscriber. Note: This field is required and must be mapped. |
| gender | Gender of the subscriber. |
| street1 | Street address for the subscriber. |
| street2 | Any additional address information required for the subscriber. |
| city | City information for the subscriber. |
| state | State information for the subscriber. |
| postalcode | Postal code for the subscriber. |
| country | Country where the subscriber resides. |
| email | Email address for the subscriber, used when sending password reminders or campaign notifications. Note: This field is required and must be mapped. |
| phone | Phone number for the subscriber. |
| activatedate | Date on which the subscriber account was activated. |
| deactivatedate | Date on which the subscriber account was deactivated. |
| salutation | Salutation by which the subscriber prefers to be addressed. |
| enabled | Status of the subscriber. If no value is provided, the default is enabled. |
| msisdn | MSISDN number for the subscriber, used when sending messages to the subscriber's device. Note: This field is required and must be mapped. |
The mapping is contained in the <mapping>...</mapping> section of the XML file. The mapping element has the following attributes:
- isDeletable. Set to true to allow user records to be deleted by the Content Delivery Server. Set to false to prevent user records from being deleted.
- isAddable. Set to true to allow user records to be created by the Content Delivery Server. Set to false to prevent user records from being created.
Each element in the mapping section can have one or more of the following attributes:
- isRequired. Set to true to indicate that the mapped field must not be null or empty. Set to false to indicate that the mapped field can be null or empty. If this attribute is set to true and a null or empty value is returned from the LDAP directory, an error message is generated.
- isModifiable. Set to true to allow the field to be modified by Content Delivery Server. Set to false to prevent the field from being modified.
- isMultiple. Set to true to indicate that more than one field in LDAP maps to the field in the Content Delivery Server. If this attribute is true, you must include a valueN element for each LDAP field, where N is a sequential number from 0 to the number of fields minus 1. For example, if the uniqueDeviceId field maps to handsetID and mobileID, you would add the following statements:

      <uniqueDeviceId isMultiple="true">
        <value0>handsetID</value0>
        <value1>mobileID</value1>
      </uniqueDeviceId>

The password element can also have the attribute isEncoded. Set this attribute to true if the password is stored as an encoded string. Set to false if the password is stored without encoding. The default is false.
See Section 3.3.1.2, Sample Mapping File for an example.
3.3.1.2 Sample Mapping File
TABLE 3-4 describes sample data that is mapped in the sample mapping file that follows. Fields identified as having no mapping do not appear in the sample.
TABLE 3-4 Data for Sample LDAP File
| Content Delivery Server Field | LDAP Field |
|---|---|
| loginId | SSN |
| password | pwd |
| uniqueDeviceId | handsetID, mobileID |
| firstName | givenName |
| middleName | (no mapping) |
| lastName | familyName |
| gender | (no mapping) |
| street1 | street |
| street2 | (no mapping) |
| city | city |
| state | (no mapping) |
| postalcode | zipcode |
| country | (no mapping) |
| email | email |
| phone | (no mapping) |
| activatedate | (no mapping) |
| deactivatedate | (no mapping) |
| salutation | (no mapping) |
| enabled | status |
| msisdn | msisdn |
CODE EXAMPLE 3-1 Sample Mapping File for LDAP Data
    <ldapusermanager>
      <!-- Search settings (TABLE 3-1) -->
      <config>
        <search_scope>1</search_scope>
        <max_search_wait_time>1000</max_search_wait_time>
      </config>
      <!-- LDAP connection settings (TABLE 3-2) -->
      <ldap>
        <initial_context_factory>com.sun.jndi.ldap.LdapCtxFactory</initial_context_factory>
        <provider_url>ldap://t1:389/ou=Users,o=LDAPUserManager</provider_url>
        <prefix>uid=</prefix>
        <username>cn=directory manager</username>
        <password>ldappwd</password>
        <master_username>cn=directory manager</master_username>
        <master_password>ldappwd</master_password>
      </ldap>
      <object>
        <obj0>top</obj0>
        <obj1>person</obj1>
        <obj2>organizationalPerson</obj2>
      </object>
      <!-- Content Delivery Server fields mapped to LDAP fields (TABLE 3-4) -->
      <mapping isDeletable="true" isAddable="true">
        <loginId isRequired="true">SSN</loginId>
        <password isRequired="true" isEncoded="false">pwd</password>
        <uniqueDeviceId isRequired="true" isModifiable="true" isMultiple="true">
          <value0>handsetID</value0>
          <value1>mobileID</value1>
        </uniqueDeviceId>
        <firstName isRequired="true">givenName</firstName>
        <lastName isRequired="true">familyName</lastName>
        <street1>street</street1>
        <city>city</city>
        <postalcode>zipcode</postalcode>
        <email isRequired="true">email</email>
        <enabled isRequired="true">status</enabled>
        <msisdn isRequired="true" isModifiable="true">msisdn</msisdn>
      </mapping>
    </ldapusermanager>
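The rules in Section 3.3.1.1 can be checked before a mapping file is deployed. The following linter is an added example, not code from the guide or from Sun: it reports malformed XML, unmapped required fields from TABLE 3-3, and gaps in valueN numbering, and it warns when passwords are stored without encoding or when the server is allowed to add or delete user records. It assumes element names are case-sensitive; the host name and LDAP attribute names in the sample are constructed.

```python
import xml.etree.ElementTree as ET

# Fields that TABLE 3-3 marks as required.
REQUIRED = ("loginId", "password", "uniqueDeviceId", "firstName",
            "lastName", "email", "msisdn")

def lint_mapping(xml_text):
    """Return (errors, warnings) for an LDAP mapping file given as a string."""
    errors, warnings = [], []
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:  # e.g. a mismatched closing tag
        return [f"not well-formed XML: {exc}"], warnings
    scope = (root.findtext("config/search_scope") or "").strip()
    if scope not in ("0", "1", "2"):
        errors.append(f"search_scope must be 0, 1 or 2, got {scope!r}")
    url = (root.findtext("ldap/provider_url") or "").strip()
    if not url or any(ch.isspace() for ch in url):
        errors.append("provider_url is missing or contains whitespace")
    mapping = root.find("mapping")
    if mapping is None:
        return errors + ["no <mapping> section"], warnings
    fields = {child.tag: child for child in mapping}
    errors += [f"required field {n} is not mapped" for n in REQUIRED if n not in fields]
    for name, field in fields.items():
        if field.get("isMultiple") == "true":
            # valueN children must be numbered 0..count-1 with no gaps.
            tags = [child.tag for child in field]
            if not tags or tags != [f"value{i}" for i in range(len(tags))]:
                errors.append(f"{name}: valueN elements are not sequential from 0: {tags}")
        elif not (field.text or "").strip():
            errors.append(f"{name} names no LDAP attribute")
    pwd = fields.get("password")
    if pwd is not None and pwd.get("isEncoded", "false") != "true":
        warnings.append("password isEncoded=false: passwords are stored without encoding")
    warnings += [f"{a}=true: the server can add or delete user records"
                 for a in ("isDeletable", "isAddable") if mapping.get(a) == "true"]
    return errors, warnings

# Constructed sample: required msisdn is missing and value1 is skipped.
SAMPLE = """<ldapusermanager><config><search_scope>1</search_scope></config>
<ldap><provider_url>ldap://ldap.example.test:389/ou=Users,o=Example</provider_url></ldap>
<mapping isDeletable="false" isAddable="false">
<loginId>uid</loginId><password isEncoded="true">userPassword</password>
<uniqueDeviceId isMultiple="true"><value0>handsetID</value0><value2>mobileID</value2></uniqueDeviceId>
<firstName>givenName</firstName><lastName>sn</lastName><email>mail</email>
</mapping></ldapusermanager>"""
if __name__ == "__main__":
    print(lint_mapping(SAMPLE))
```

Because the mapping file also holds the LDAP bind password, run the check on the file in place rather than copying it to a less restricted location.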
3.3.2 Tuning LDAP
When using an LDAP directory as the subscriber database, you might want to create an index on the attribute mapped to the unique device ID to improve performance. See the documentation for the LDAP directory that you are using for instructions on creating an index. Create the index on the attribute that is mapped to uniqueDeviceId in the mapping file that you created.
Creating an index is resource intensive and could affect system performance. Choose a time to create the index that is least likely to impact users.
819-3216-10
Copyright © 2005, Sun Microsystems, Inc. All Rights Reserved.