[Building Sakai] External User search in Sakai
Aaron Zeckoski
azeckoski at unicon.net
Mon Jul 9 04:32:41 PDT 2012
> separateIdEid at org.sakaiproject.user.api.UserDirectoryService=false
>
> Not sure what exactly this property is used for.
This property means that the internal id of the user will match with
the external id (the eid).
This is not used very often for a few reasons:
1) if a user ever has their username (e.g. azeckoski) changed because
they got married, changed their name, were being stalked, etc. then
you have to go through the DB and remap all the items (assignments,
grades, resources, etc.) to the new one
2) this is a little less secure since the id that is presented
externally (the eid) matches the internal id therefore revealing
information about the internal data structure keys to a would-be
attacker
3) this is not the default and most people will leave it as is OOTB
My guess is that this query either never worked with this setting or
something changed more recently. The fix should generally be to assume
the id and eid are the same and chop out the portion of the query that
attempts to link to the SAKAI_USER_ID_MAP table.
-AZ
On Fri, Jul 6, 2012 at 1:39 AM, Jaco Gillman <jaco at opencollab.co.za> wrote:
> Hi Steve
>
> Yes we have implemented a LDAP integration but that's about it. Also we have
> the following property in sakai.properties:
>
> separateIdEid at org.sakaiproject.user.api.UserDirectoryService=false
>
> Not sure what exactly this property is used for.
>
> Regards,
>
> Jaco Gillman
>
> Java Developer
>
> opencollab
>
> Tel: +27 21 970 4017 | Fax: +27 21 914 3098
>
> Email: jaco at opencollab.co.za | Skype: gillmanjc
>
> Web: www.opencollab.co.za
>
>
>
>
> On 6 July 2012 07:10, Steve Swinsburg <steve.swinsburg at gmail.com> wrote:
>>
>> Hi Jaco,
>>
>> That's odd. It works fine on nightly 2.8.x, have you any local
>> modifications? Also, do the logs show anything interesting?
>> http://nightly2.sakaiproject.org:8081/portal
>>
>> cheers,
>> Steve
>>
>>
>> On 06/07/2012, at 2:53 PM, Jaco Gillman wrote:
>>
>> Hi Steve
>>
>> I have added these screen shots you have requested. I have also tried 3
>> different user searches and none of them is found in the search.
>>
>> <image.png>
>>
>>
>>
>>
>>
>> <image.png>
>>
>> <image.png>
>>
>> <image.png>
>>
>>
>>
>>
>> Regards,
>>
>>
>> Jaco Gillman
>>
>> Java Developer
>> opencollab
>> Tel: +27 21 970 4017 | Fax: +27 21 914 3098
>> Email: jaco at opencollab.co.za | Skype: gillmanjc
>> Web: www.opencollab.co.za
>>
>>
>>
>>
>>
>>
>>
>>
>> On 6 July 2012 06:41, Steve Swinsburg <steve.swinsburg at gmail.com> wrote:
>>>
>>> Hi Jaco,
>>>
>>> Do you mean the Admin users tool? That should search all internal users.
>>> Could you perhaps send a screenshot of the search result, and then another
>>> without any search term so we can see what the normal list looks like?
>>>
>>> thanks,
>>> Steve
>>>
>>>
>>> On 06/07/2012, at 2:11 PM, Jaco Gillman wrote:
>>>
>>> Hi Bryan
>>> This "user" tool search does not even bring back any results for internal
>>> users that we have added manually. Any ideas around what this might be? We
>>> have installed Sakai 2.8.2.
>>>
>>>
>>>
>>> Regards,
>>>
>>>
>>> Jaco Gillman
>>> Java Developer
>>> opencollab
>>> Tel: +27 21 970 4017 | Fax: +27 21 914 3098
>>> Email: jaco at opencollab.co.za | Skype: gillmanjc
>>> Web: www.opencollab.co.za
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 5 July 2012 18:30, Bryan Holladay <holladay at longsight.com> wrote:
>>>>
>>>> The membership tool uses this search and will return the information
>>>> for you. The "users" tool is for internal users only.
>>>>
>>>> -Bryan
>>>>
>>>> On Thu, Jul 5, 2012 at 12:12 PM, Jaco Gillman <jaco at opencollab.co.za>
>>>> wrote:
>>>> > Thanks for the reply Bryan.
>>>> >
>>>> > I saw an example of what you mention below online, but is it at all
>>>> > possible
>>>> > for Sakai to do external searches "out-of-the-box"? I would like to
>>>> > log in
>>>> > with a Admin user, and do a search on external users using the Users
>>>> > tool
>>>> > performing a normal user search functionality.
>>>> >
>>>> > Regards,
>>>> >
>>>> > Jaco Gillman
>>>> >
>>>> > Java Developer
>>>> >
>>>> > opencollab
>>>> >
>>>> > Tel: +27 21 970 4017 | Fax: +27 21 914 3098
>>>> >
>>>> > Email: jaco at opencollab.co.za | Skype: gillmanjc
>>>> >
>>>> > Web: www.opencollab.co.za
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > On 5 July 2012 18:06, Bryan Holladay <holladay at longsight.com> wrote:
>>>> >>
>>>> >> Theres a separate function for external (ldap) users:
>>>> >>
>>>> >> userDirectoryService.searchExternalUsers(search, -1, -1)
>>>> >>
>>>> >> On Thu, Jul 5, 2012 at 12:02 PM, Jaco Gillman <jaco at opencollab.co.za>
>>>> >> wrote:
>>>> >> > Hi All
>>>> >> >
>>>> >> > I am having difficulty doing users searches in Sakai. We have an
>>>> >> > LDAP
>>>> >> > integration implementation.
>>>> >> >
>>>> >> > Are there any sakai.properties settings that I need to be aware of
>>>> >> > to
>>>> >> > accomplish external user searches in Sakai?
>>>> >> >
>>>> >> > Regards,
>>>> >> >
>>>> >> > Jaco Gillman
>>>> >> >
>>>> >> > Java Developer
>>>> >> >
>>>> >> > opencollab
>>>> >> >
>>>> >> > Tel: +27 21 970 4017 | Fax: +27 21 914 3098
>>>> >> >
>>>> >> > Email: jaco at opencollab.co.za | Skype: gillmanjc
>>>> >> >
>>>> >> > Web: www.opencollab.co.za
>>>> >> >
>>>> >> >
>>>> >> >
>>>> >> > _______________________________________________
>>>> >> > sakai-dev mailing list
>>>> >> > sakai-dev at collab.sakaiproject.org
>>>> >> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>> >> >
>>>> >> > TO UNSUBSCRIBE: send email to
>>>> >> > sakai-dev-unsubscribe at collab.sakaiproject.org
>>>> >> > with a subject of "unsubscribe"
>>>> >
>>>> >
>>>
>>>
>>> _______________________________________________
>>> sakai-dev mailing list
>>> sakai-dev at collab.sakaiproject.org
>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>
>>> TO UNSUBSCRIBE: send email to
>>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>>> "unsubscribe"
>>>
>>>
>>
>>
>
>
> _______________________________________________
> sakai-dev mailing list
> sakai-dev at collab.sakaiproject.org
> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>
> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org
> with a subject of "unsubscribe"
--
Aaron Zeckoski - Software Architect - http://tinyurl.com/azprofile
More information about the sakai-dev
mailing list