[Building Sakai] Usage of LDAP attributes for Signon and Course/Site Management
mizematr at notes.udayton.edu
mizematr at notes.udayton.edu
Thu Mar 11 12:28:46 PST 2010
This is something that I also have been working on this week. I think I
got it working, but in order to do so I had to make some very slight
changes to the JLDAP Provider, site-manage project, and
BaseUserDirectoryService.java in the kernel. We will be testing this fix
all next week before deploying in production. However, changing the
kernel makes me nervous and I was hoping the community would be willing to
look at these patches for me (they're very small) and tell me if I did
anything the wrong way.
Thanks in advance for any feedback you might have.
==========
UDaytonLdapDirectoryProvider extends JLDAPDirectoryProvider so that I
could implement DisplayAdvisorUDP. This allowed me to control what is
used for the display ID and overrides the default which is to display the
EID.
==========
UDaytonLdapAttributeMapper extends SimpleLdapAttributeMapper so that I
could override mapUserDataOntoUserEdit
==========
The diff in kernel-impl.diff is for the BaseUserDirectoryService.java. I
had to change the function call from ensureMappedIdForProvidedUser to
checkAndEnsureMappedIdForProvidedUser because the first time Sakai
searches for the Sakai ID, it does so with the login id which is not what
we want to use as the EID. Changing the function call forces Sakai to
look for an internal ID using the correct EID obtained from LDAP.
==========
The diff in site-manage.diff is me using the display ID instead of the EID
on the add participants pages. There might be other locations which are
using EID instead of display ID, but we have not yet found them.
==========
The diff in providers.diff is mostly adding new entries to
jldap-config.xml (although I've removed the values that we are using for
security's sake) and a new constant I added to AttributeMappingConstants.
I also, however, had to change a function call in JLDAPDirectoryProvider
because it was using the EID from before it was mapped from LDAP and so it
overwrote the new EID. I simply replaced the parameter with the correct
EID.
--------------------------------------------------
Matt Mize, Systems Administrator
- Pay no attention to the man in the back office....
Matt.Mize at notes.udayton.edu
(937) 229-1024
UDit Department, University of Dayton
300 College Park, Dayton, OH, 45469-1302
Ishtiaq Ahmad <organic.ishtiaq at gmail.com>
03/09/10 11:22 PM
Please respond to
organic.ishtiaq at gmail.com
To
mizematr at notes.udayton.edu
cc
Subject
Re: [Building Sakai] Usage of LDAP attributes for Signon and Course/Site
Management
Ishtiaq Ahmad <organic.ishtiaq at gmail.com>
Sent by: sakai-dev-bounces at collab.sakaiproject.org
03/09/10 08:02 AM
Please respond to
organic.ishtiaq at gmail.com
To
"sakai-dev at collab.sakaiproject.org Developers" <
sakai-dev at collab.sakaiproject.org>
cc
Subject
Re: [Building Sakai] Usage of LDAP attributes for Signon and
Course/Site Management
any one can help me to achieve the following behavior?
On Tue, Mar 9, 2010 at 12:48 PM, Ishtiaq Ahmad <organic.ishtiaq at gmail.com>
wrote:
Hi All,
I am using Sakai 2.5.4 as a LMS and Active Directory for authentication.
I need to achieve the following behavior, Let me know how can I achieve
this.?
Following is the format of active directory Person.
cn (commonName) = abc.efg
sn (sirName) = efg
displayName = abc efg
employeeNumber = 12345
uid = abc.efg
I would like to use uid for login name, and for further processing i want
that sakai use employeeNumber for site search and any other operation in
the SAKAI.
For Example
When I log In to sakai, I would like to use uid for authentication (This
is is clear to me how to do this configuration) and after authentication
Sakai use employeeNumber for course sites search of the logged In person.
let suppose site with ID 1 has member as instructor with employeeNumber
12345. If any user abc.efg logged in then sakai display site with
employeeNumber 12345 in his member sites.
How can I change jldapbean.xml file configurations to achieve the above
mapping behavior.
--
Regards,
Ishtiaq Ahmad
--
Regards,
Ishtiaq Ahmad_______________________________________________
sakai-dev mailing list
sakai-dev at collab.sakaiproject.org
http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
TO UNSUBSCRIBE: send email to
sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
"unsubscribe"
--
Regards,
Ishtiaq Ahmad
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100311/d4dbd9c3/attachment.html
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: UDaytonLdapDirectoryProvider.java
Url: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100311/d4dbd9c3/attachment.pl
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: UDaytonLdapAttributeMapper.java
Url: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100311/d4dbd9c3/attachment-0001.pl
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kernel-impl.diff
Type: application/octet-stream
Size: 579 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100311/d4dbd9c3/attachment.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: site-manage.diff
Type: application/octet-stream
Size: 4309 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100311/d4dbd9c3/attachment-0001.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: providers.diff
Type: application/octet-stream
Size: 3161 bytes
Desc: not available
Url : http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20100311/d4dbd9c3/attachment-0002.obj
More information about the sakai-dev
mailing list