support for AD's range retrieval of attribute values in LDAP data connector?
Daniel Fisher
dfisher at vt.edu
Thu Dec 17 17:51:51 EST 2015
On Thu, Dec 17, 2015 at 5:37 PM, Robert A Basch <rbasch at mit.edu> wrote:
> On Dec 13, 2015, at 11:09 PM, Daniel Fisher <dfisher at vt.edu> wrote:
>
> > On Fri, Dec 11, 2015 at 3:40 PM, Robert A Basch <rbasch at mit.edu> wrote:
> > Is there any to configure the v2 resolver to support this?
> >
> > I think it's possible, but I've never tried it. If you're willing to do
> some testing, I can walk you through the changes.
>
> I now have a v2 test environment set up for trying it. What changes are
> needed to support this?
Ok, here goes.
Compile the class found here:
https://code.google.com/p/vt-middleware/wiki/vtldapAD#Range_Attributes
Put that class in your container's classpath.
Change your DataConnector configuration to include a new LDAPProperty:
<LDAPProperty
name="edu.vt.middleware.ldap.searchResultHandlers"
value="edu.vt.middleware.ldap.handler.FqdnSearchResultHandler,edu.vt.middleware.ldap.handler.EntryDnSearchResultHandler,edu.vt.middleware.ldap.handler.BinarySearchResultHandler,custom.package.RangeSearchResultHandler"
/>
Note that if you're using the mergeResults or lowercaseAttributeNames
flags, you'll have to add even more handlers.
Lastly, configure a search filter that returns ranged results.
I might have missed something, but give that a try and let me know what
happens.
--Daniel Fisher
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20151217/f418b511/attachment.html>
More information about the users
mailing list