LDAP User Registry in Federated repository

After adding the LDAP server to the federated repository, take a look at the Admin Console. You will notice that one more repository has been added to the realm. Its name is adminldap (this is the value I set for federated.ldap in wp_add_federated_ids.properties) and its type is LDAP.IDS6.


Now click on the adminldap link and you will see details of the configuration like this.


You will see the name of the LDAP server, the bind user name and password, etc.

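If you open the wimconfig.xml file you will notice that it has been updated with one new <config:repositories> element. It contains the bind user ID in clear text and the bind user password in XOR-encoded form. The {xor} prefix marks a reversible encoding, not encryption: anyone who can read wimconfig.xml can recover the bind password, so keep the file readable only by the server account and replace the value with a placeholder before sharing the file.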

<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:config="http://www.ibm.com/websphere/wim/config" xmlns:sdo="commonj.sdo">
<config:configurationProvider maxPagingResults="500" maxSearchResults="4500" maxTotalPagingResults="1000"
pagedCacheTimeOut="900" pagingEntityObject="true" searchTimeOut="600000">
<config:dynamicModel xsdFileName="wimdatagraph.xsd"/>
<!-- Entity types the federated repository supports (Group, OrgContainer, PersonAccount), each with its
     default parent and the RDN properties allowed for it.
     NOTE(review): defaultParent is still o=defaultWIMFileBasedRealm for all three types after the LDAP
     repository was added; presumably entities created without an explicit parent end up in the file
     repository rather than in adminldap. Confirm this is intended. -->
<config:supportedEntityTypes defaultParent="o=defaultWIMFileBasedRealm" name="Group">
<config:rdnProperties>cn</config:rdnProperties>
</config:supportedEntityTypes>
<config:supportedEntityTypes defaultParent="o=defaultWIMFileBasedRealm" name="OrgContainer">
<config:rdnProperties>o</config:rdnProperties>
<config:rdnProperties>ou</config:rdnProperties>
<config:rdnProperties>dc</config:rdnProperties>
<config:rdnProperties>cn</config:rdnProperties>
</config:supportedEntityTypes>
<config:supportedEntityTypes defaultParent="o=defaultWIMFileBasedRealm" name="PersonAccount">
<config:rdnProperties>uid</config:rdnProperties>
</config:supportedEntityTypes>
<!-- Built-in file-based repository (id InternalFileRepository) with base entry o=defaultWIMFileBasedRealm.
     NOTE(review): messageDigestAlgorithm="SHA-1" is presumably the digest applied to passwords kept in
     the file registry. SHA-1 is a fast hash and a weak choice for stored passwords; check whether this
     product level accepts a stronger value and keep the number of accounts in this repository small. -->
<config:repositories xsi:type="config:FileRepositoryType" adapterClassName="com.ibm.ws.wim.adapter.file.was.FileAdapter"
id="InternalFileRepository" supportPaging="false" messageDigestAlgorithm="SHA-1">
<config:baseEntries name="o=defaultWIMFileBasedRealm"/>
</config:repositories>
<!-- LDAP repository "adminldap" (ldapServerType IDS6): the element added when the LDAP server was
     federated into the realm. Paging, sorting, transactions and async mode are all switched off;
     certificateMapMode is EXACT_DN with an empty certificateFilter. -->
<config:repositories xsi:type="config:LdapRepositoryType" adapterClassName="com.ibm.ws.wim.adapter.ldap.LdapAdapter"
id="adminldap" isExtIdUnique="true" supportAsyncMode="false" supportExternalName="false"
supportPaging="false" supportSorting="false" supportTransactions="false" certificateFilter=""
certificateMapMode="EXACT_DN" ldapServerType="IDS6" translateRDN="false">
<!-- Subtree of the directory exposed through this repository, and the attribute users log in with. -->
<config:baseEntries name="dc=ibm,dc=com" nameInRepository="dc=ibm,dc=com"/>
<config:loginProperties>uid</config:loginProperties>
<config:ldapServerConfiguration primaryServerQueryTimeInterval="15" returnToPrimaryServer="true"
searchCountLimit="500" searchTimeLimit="120000" sslConfiguration="">
<!-- Transport: sslConfiguration is empty, sslEnabled="false", port 389 and authentication="simple",
     so the bind DN and bind password are sent to the directory unencrypted.
     NOTE(review): presumably user passwords verified at login travel the same way. Here the host is
     localhost; for a directory on another host, enable SSL and reference a configured SSL setup.
     Credential storage: bindPassword carries the {xor} prefix, which is a reversible encoding and not
     encryption. Read access to this file is equivalent to knowing the bind account's password: keep
     the file readable only by the server account, give the bind DN no more than the search rights it
     needs, and substitute a placeholder for the value before sharing the file.
     NOTE(review): connectTimeout="0" presumably means no connect timeout; confirm. -->
<config:ldapServers authentication="simple" bindDN="uid=wpsbind,cn=users,dc=ibm,dc=com"
bindPassword="{xor}KC8sPTYxOw==" connectionPool="false" connectTimeout="0"
derefAliases="always" referal="ignore" sslEnabled="false">
<config:connections host="localhost" port="389"/>
</config:ldapServers>
</config:ldapServerConfiguration>
<!-- Mapping of entity types to LDAP object classes, with the search filter and search base used for
     users (cn=users) and groups (cn=groups). -->
<config:ldapEntityTypes name="OrgContainer">
<config:rdnAttributes name="o" objectClass="organization"/>
<config:rdnAttributes name="ou" objectClass="organizationalUnit"/>
<config:rdnAttributes name="dc" objectClass="domain"/>
<config:rdnAttributes name="cn" objectClass="container"/>
<config:objectClasses>organization</config:objectClasses>
<config:objectClasses>organizationalUnit</config:objectClasses>
<config:objectClasses>domain</config:objectClasses>
<config:objectClasses>container</config:objectClasses>
</config:ldapEntityTypes>
<config:ldapEntityTypes name="PersonAccount" searchFilter="(objectclass=inetOrgPerson)">
<config:objectClasses>inetOrgPerson</config:objectClasses>
<config:searchBases>cn=users,dc=ibm,dc=com</config:searchBases>
</config:ldapEntityTypes>
<config:ldapEntityTypes name="Group" searchFilter="(objectclass=groupOfUniqueNames)">
<config:objectClasses>groupOfUniqueNames</config:objectClasses>
<config:searchBases>cn=groups,dc=ibm,dc=com</config:searchBases>
</config:ldapEntityTypes>
<!-- Group membership is read from member (groupOfNames) and uniqueMember (groupOfUniqueNames), each
     with dummyMember uid=dummy; membershipAttribute ibm-allGroups is configured with scope direct. -->
<config:groupConfiguration>
<config:memberAttributes dummyMember="uid=dummy" name="member" objectClass="groupOfNames"
scope="direct"/>
<config:memberAttributes dummyMember="uid=dummy" name="uniqueMember" objectClass="groupOfUniqueNames"
scope="direct"/>
<config:membershipAttribute name="ibm-allGroups" scope="direct"/>
</config:groupConfiguration>
<!-- Maps the LDAP attribute userPassword to the property password; homeAddress and businessAddress
     are declared as not supported by this repository. -->
<config:attributeConfiguration>
<config:attributes name="userPassword" propertyName="password"/>
<config:propertiesNotSupported name="homeAddress"/>
<config:propertiesNotSupported name="businessAddress"/>
</config:attributeConfiguration>
<config:contextPool enabled="true" initPoolSize="1" maxPoolSize="20" poolTimeOut="0"
poolWaitTime="3000" prefPoolSize="3"/>
<!-- Attribute and search-result caches are both enabled (cacheTimeOut 1200 and 600).
     NOTE(review): the timeouts are presumably in seconds; until a cached entry expires, directory
     changes such as a group removal or a disabled account may not be seen by the server. Confirm the
     values fit how quickly revocations must take effect. -->
<config:cacheConfiguration>
<config:attributesCache attributeSizeLimit="2000" cacheSize="4000" cacheTimeOut="1200"
enabled="true"/>
<config:searchResultsCache cacheSize="2000" cacheTimeOut="600" enabled="true"
searchResultSizeLimit="1000"/>
</config:cacheConfiguration>
</config:repositories>
<!-- Single realm defaultWIMFileBasedRealm (securityUse active) that now contains two base entries:
     the file repository (o=defaultWIMFileBasedRealm) and the LDAP subtree (dc=ibm,dc=com). Users and
     groups are identified by uniqueName; security and display names use principalName for users and
     cn for groups.
     NOTE(review): with two repositories in one realm, a login id present in both is ambiguous and
     presumably cannot log in; check that ids such as the administrative user exist in only one. -->
<config:realmConfiguration defaultRealm="defaultWIMFileBasedRealm">
<config:realms delimiter="/" name="defaultWIMFileBasedRealm" securityUse="active">
<config:participatingBaseEntries name="o=defaultWIMFileBasedRealm"/>
<config:participatingBaseEntries name="dc=ibm,dc=com"/>
<config:uniqueUserIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:userSecurityNameMapping propertyForInput="principalName" propertyForOutput="principalName"/>
<config:userDisplayNameMapping propertyForInput="principalName" propertyForOutput="principalName"/>
<config:uniqueGroupIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:groupSecurityNameMapping propertyForInput="cn" propertyForOutput="cn"/>
<config:groupDisplayNameMapping propertyForInput="cn" propertyForOutput="cn"/>
</config:realms>
</config:realmConfiguration>
<!-- Plug-in wiring. One subscriber, DefaultDAViewProcessor (type ModificationSubscriber, class
     com.ibm.ws.wim.plugins.orgview.impl.DefaultDAViewProcessorImpl), is declared and then referenced
     for realmList All from the preExit, inlineExit and postExit of five topic emitters:
     ProfileManager.create, .delete, .update and .get, and authz.ProfileSecurityManager. The update
     emitter has no inlineExit. No notification subscribers are listed anywhere.
     Because every subscriber names a class that the server loads, this section is worth including in
     configuration change review: an unexpected className here would run inside profile operations. -->
<config:pluginManagerConfiguration>
<config:topicSubscriberList>
<config:topicSubscriber topicSubscriberName="DefaultDAViewProcessor" topicSubscriberType="ModificationSubscriber">
<config:className>com.ibm.ws.wim.plugins.orgview.impl.DefaultDAViewProcessorImpl</config:className>
</config:topicSubscriber>
</config:topicSubscriberList>
<config:topicRegistrationList>
<!-- Emitter: ProfileManager.create -->
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.create">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="createInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<!-- Emitter: ProfileManager.delete -->
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.delete">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="deleteInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<!-- Emitter: ProfileManager.update (preExit and postExit only) -->
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.update">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<!-- Emitter: ProfileManager.get -->
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.get">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="getInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<!-- Emitter: authz.ProfileSecurityManager (its inlineExit is also named getInViewExplicit) -->
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.authz.ProfileSecurityManager">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="getInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
</config:topicRegistrationList>
</config:pluginManagerConfiguration>
<!-- Authorization settings: isSecurityEnabled and isAttributeGroupingEnabled are both true, the policy
     is imported from file (wim-rolemapping.xml for principal-to-role, wim-policy.xml for
     role-to-permission) and the named JACC classes are used instead of the system JACC provider
     (useSystemJACCProvider="false").
     Attribute groups: general (cn, sn, uid), sensitive (password) and unchecked (identifier,
     createTimestamp, modifyTimestamp, entitlementInfo); defaultAttributeGroup is "default".
     NOTE(review): the two policy files decide who may read or change which attribute group, so they
     presumably need the same file protection and change review as this file. Confirm. -->
<config:authorization defaultAttributeGroup="default" importPolicyFromFile="true"
isAttributeGroupingEnabled="true" isSecurityEnabled="true" jaccPolicyClass="com.ibm.sec.authz.provider.CommonAuthzPolicy"
jaccPolicyConfigFactoryClass="com.ibm.sec.authz.provider.CommonAuthzPolicyConfigurationFactory"
jaccPrincipalToRolePolicyFileName="wim-rolemapping.xml" jaccPrincipalToRolePolicyId="WIM Policy"
jaccRoleMappingClass="com.ibm.sec.authz.provider.CommonAuthzRoleMapping" jaccRoleMappingConfigFactoryClass="com.ibm.sec.authz.provider.CommonAuthzRoleMappingConfigurationFactory"
jaccRoleToPermissionPolicyFileName="wim-policy.xml" jaccRoleToPermissionPolicyId="WIM Policy"
useSystemJACCProvider="false">
<config:attributeGroups>
<config:groupName>general</config:groupName>
<config:attributeNames>cn</config:attributeNames>
<config:attributeNames>sn</config:attributeNames>
<config:attributeNames>uid</config:attributeNames>
</config:attributeGroups>
<config:attributeGroups>
<config:groupName>sensitive</config:groupName>
<config:attributeNames>password</config:attributeNames>
</config:attributeGroups>
<config:attributeGroups>
<config:groupName>unchecked</config:groupName>
<config:attributeNames>identifier</config:attributeNames>
<config:attributeNames>createTimestamp</config:attributeNames>
<config:attributeNames>modifyTimestamp</config:attributeNames>
<config:attributeNames>entitlementInfo</config:attributeNames>
</config:attributeGroups>
</config:authorization>
</config:configurationProvider>
</sdo:datagraph>
