PPLDAP Attribute Map List (Sun Java System Federation Manager 7.0 User's Guide)

Sun Java System Federation Manager 7.0 User's Guide

PPLDAP Attribute Map List

Each identity attribute defined in the Liberty Personal Profile Service maps one-to-one with an LDAP attribute. (For example, JobTitle=sunIdentityServerPPEmploymentIdentityJobTitle maps the Liberty JobTitle attribute to the sunIdentityServerPPEmploymentIdentityJobTitle attribute.) The value of PPLDAP Attribute Map List is a list that specifies the mappings. The list is used by the attribute mapper defined in the Attribute Mapper attribute which is, by default, com.sun.identity.liberty.ws.idpp.plugin.IDPPAttributeMapper.

In the following code sample, the Liberty Personal Profile Service informalName attribute mapping to the LDAP attribute uid is added to the mappings already present in the Liberty Personal Profile Service XML service file, amLibertyPersonalProfile.xml.

Note –

Attribute mappings are defined as global attributes under the name sunIdentityServerPPDSAttributeMapList in amLibertyPersonalProfile.xml. This attribute corresponds to that sunIdentityServerPPDSAttributeMapList global attribute.

Example 9–2 Attribute Mappings as Defined in XML Service File

<AttributeSchema name="sunIdentityServerPPDSAttributeMapList"
                      type="list"
                      syntax="string"
                      i18nKey="p108">
                      <DefaultValues>
                         <Value>CN=sunIdentityServerPPCommonNameCN</Value>
                         <Value>FN=sunIdentityServerPPCommonNameFN</Value>
                         <Value>MN=sunIdentityServerPPCommonNameMN</Value>
                         <Value>SN=sunIdentityServerPPCommonNameSN</Value>
                         <Value>InformalName=uid</Value>
              </AttributeSchema>

Note –

When adding new attributes to the Liberty Personal Profile Service or the LDAP data store, ensure that the new attribute mappings are configured in the PPLDAP Attribute Map List attribute. See To Configure an Attribute Mapping.

To Configure an Attribute Mapping

A mapping is an attribute that defines a holder for a piece of identity data. The following procedure is for adding new attributes to the Liberty Personal Profile Service. The starting point is the Liberty Personal Profile Service screen under Web Services.

In the Federation Manager Console, click the Web Services tab.

Under Web Services, select the Personal Profile tab.

Under PPLDAP Attribute Map List, click Add or click on the name of a configured mapping to modify it.

The New LDAP Attribute Mapping page is displayed.

Provide values for the container attributes.

Name Prefix

Enter the name of the Liberty Personal Profile Service identity attribute to be mapped.

LDAP Attribute

Enter the name of the LDAP attribute to which the Name Prefix maps.

Click OK to complete the Mapping configuration.

Click Save on the Liberty Personal Profile Service page to complete the service configuration.