Stand-alone LDAP registry


<!--
  WebSphere WIM (namespace http://www.ibm.com/websphere/wim/config) configuration
  datagraph. It defines one LDAP repository (id "localldap") under the base entry
  dc=ibm,dc=com and one realm that uses it. The host, bind DN, bind password and
  realm name are sample values and must be replaced for a real deployment.
-->
<sdo:datagraph xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:config="http://www.ibm.com/websphere/wim/config" xmlns:sdo="commonj.sdo">
<config:configurationProvider maxPagingResults="500" maxSearchResults="4500" maxTotalPagingResults="1000"
pagedCacheTimeOut="900" pagingEntityObject="true" searchTimeOut="600000">
<config:dynamicModel xsdFileName="wimdatagraph.xsd"/>
<!-- Entity types: where new entries of each type are created (defaultParent) and which attribute forms their RDN. -->
<config:supportedEntityTypes defaultParent="cn=groups,dc=ibm,dc=com" name="Group">
<config:rdnProperties>cn</config:rdnProperties>
</config:supportedEntityTypes>
<!-- NOTE(review): o=defaultWIMFileBasedRealm is not among the base entries configured in this file
     (only dc=ibm,dc=com is). Creating OrgContainer entities would presumably fail or land outside
     this repository; confirm and point defaultParent at a container under dc=ibm,dc=com. -->
<config:supportedEntityTypes defaultParent="o=defaultWIMFileBasedRealm" name="OrgContainer">
<config:rdnProperties>o</config:rdnProperties>
<config:rdnProperties>ou</config:rdnProperties>
<config:rdnProperties>dc</config:rdnProperties>
<config:rdnProperties>cn</config:rdnProperties>
</config:supportedEntityTypes>
<config:supportedEntityTypes defaultParent="cn=users,dc=ibm,dc=com" name="PersonAccount">
<config:rdnProperties>uid</config:rdnProperties>
</config:supportedEntityTypes>
<!-- The LDAP repository. ldapServerType="IDS6" selects the IBM Directory Server 6 profile.
     certificateMapMode="EXACT_DN" with an empty certificateFilter: client certificates are
     presumably mapped by matching the certificate subject DN to an LDAP entry DN; confirm
     this is the intended mapping if certificate login is used. -->
<config:repositories xsi:type="config:LdapRepositoryType" adapterClassName="com.ibm.ws.wim.adapter.ldap.LdapAdapter"
id="localldap" isExtIdUnique="true" supportAsyncMode="false" supportExternalName="false"
supportPaging="false" supportSorting="false" supportTransactions="false" certificateFilter=""
certificateMapMode="EXACT_DN" ldapServerType="IDS6" translateRDN="false">
<config:baseEntries name="dc=ibm,dc=com" nameInRepository="dc=ibm,dc=com"/>
<!-- Users log in with their uid attribute. -->
<config:loginProperties>uid</config:loginProperties>
<config:ldapServerConfiguration primaryServerQueryTimeInterval="15" returnToPrimaryServer="true"
searchCountLimit="500" searchTimeLimit="120000" sslConfiguration="">
<!-- Security-relevant settings on the server connection:
     * authentication="simple" with sslEnabled="false" on port 389 sends the bind DN, the bind
       password and every user's login password to the directory unencrypted. That is contained
       only while the directory is on localhost, as here. For a remote directory set
       sslEnabled="true", name an SSL configuration in sslConfiguration (empty above) and use
       the LDAPS port (636 by default).
     * The {xor} prefix on bindPassword marks WebSphere's reversible XOR encoding. It is
       obfuscation, not encryption: anyone who can read this file can recover the password.
       Restrict the file to the server's OS account and treat any value that has been shared
       or published as disclosed.
     * The bind account (uid=wpsbind) should hold only the directory rights this repository needs.
     * referal="ignore": referrals returned by the directory are not followed. -->
<config:ldapServers authentication="simple" bindDN="uid=wpsbind,cn=users,dc=ibm,dc=com"
bindPassword="{xor}KC8sPTYxOw==" connectionPool="false" connectTimeout="0"
derefAliases="always" referal="ignore" sslEnabled="false">
<config:connections host="localhost" port="389"/>
</config:ldapServers>
</config:ldapServerConfiguration>
<!-- Mapping of WIM entity types to LDAP object classes. -->
<config:ldapEntityTypes name="OrgContainer">
<config:rdnAttributes name="o" objectClass="organization"/>
<config:rdnAttributes name="ou" objectClass="organizationalUnit"/>
<config:rdnAttributes name="dc" objectClass="domain"/>
<config:rdnAttributes name="cn" objectClass="container"/>
<config:objectClasses>organization</config:objectClasses>
<config:objectClasses>organizationalUnit</config:objectClasses>
<config:objectClasses>domain</config:objectClasses>
<config:objectClasses>container</config:objectClasses>
</config:ldapEntityTypes>
<config:ldapEntityTypes name="PersonAccount" searchFilter="">
<config:objectClasses>inetOrgPerson</config:objectClasses>
</config:ldapEntityTypes>
<config:ldapEntityTypes name="Group" searchFilter="">
<config:objectClasses>groupOfUniqueNames</config:objectClasses>
</config:ldapEntityTypes>
<config:groupConfiguration>
<!-- Group membership is read from member (groupOfNames) and uniqueMember (groupOfUniqueNames).
     Only groupOfUniqueNames is mapped to the Group entity type above.
     dummyMember is presumably the placeholder value written into a group created without
     members; verify that no real entry can ever have the DN uid=dummy, since such an entry
     would appear as a member of those groups. -->
<config:memberAttributes dummyMember="uid=dummy" name="member" objectClass="groupOfNames"
scope="direct"/>
<config:memberAttributes dummyMember="uid=dummy" name="uniqueMember" objectClass="groupOfUniqueNames"
scope="direct"/>
</config:groupConfiguration>
<config:attributeConfiguration>
<!-- The LDAP userPassword attribute is exposed as the WIM property "password"; the authorization
     section at the end of this file lists that property in the "sensitive" attribute group. -->
<config:attributes name="userPassword" propertyName="password"/>
<config:propertiesNotSupported name="homeAddress"/>
<config:propertiesNotSupported name="businessAddress"/>
</config:attributeConfiguration>
<config:contextPool enabled="true" initPoolSize="1" maxPoolSize="20" poolTimeOut="0"
poolWaitTime="3000" prefPoolSize="3"/>
<config:cacheConfiguration>
<!-- Both caches are enabled. A change made directly in the directory (group removal, disabled
     account, changed attribute) may not be seen until the cached entry expires: cacheTimeOut is
     1200 for attributes and 600 for search results, presumably in seconds (confirm). Size these
     to how quickly a revocation has to take effect. -->
<config:attributesCache attributeSizeLimit="2000" cacheSize="4000" cacheTimeOut="1200"
enabled="true"/>
<config:searchResultsCache cacheSize="2000" cacheTimeOut="600" enabled="true"
searchResultSizeLimit="1000"/>
</config:cacheConfiguration>
</config:repositories>
<!-- Realm definition. "replacewithyourrealm" is a placeholder and has to be replaced in both
     defaultRealm and the realm name. allowOperationIfReposDown="false" presumably makes
     operations fail while the repository is unreachable instead of continuing without it;
     confirm before changing it. -->
<config:realmConfiguration defaultRealm="replacewithyourrealm">
<config:realms delimiter="/" name="replacewithyourrealm" securityUse="active"
allowOperationIfReposDown="false">
<config:participatingBaseEntries name="dc=ibm,dc=com"/>
<config:uniqueUserIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:userSecurityNameMapping propertyForInput="principalName" propertyForOutput="externalName"/>
<config:userDisplayNameMapping propertyForInput="principalName" propertyForOutput="principalName"/>
<config:uniqueGroupIdMapping propertyForInput="uniqueName" propertyForOutput="uniqueName"/>
<config:groupSecurityNameMapping propertyForInput="cn" propertyForOutput="externalName"/>
<config:groupDisplayNameMapping propertyForInput="cn" propertyForOutput="cn"/>
</config:realms>
</config:realmConfiguration>
<!-- Plug-in wiring. One subscriber, DefaultDAViewProcessor, is declared and referenced by class
     name; each topic emitter below (ProfileManager create, delete, update and get, plus
     ProfileSecurityManager) routes its exits to that subscriber for realmList "All". The update
     emitter has no inlineExit. Any class named here is loaded by the server, so write access to
     this file should be limited to administrators. -->
<config:pluginManagerConfiguration>
<config:topicSubscriberList>
<config:topicSubscriber topicSubscriberName="DefaultDAViewProcessor" topicSubscriberType="ModificationSubscriber">
<config:className>com.ibm.ws.wim.plugins.orgview.impl.DefaultDAViewProcessorImpl</config:className>
</config:topicSubscriber>
</config:topicSubscriberList>
<config:topicRegistrationList>
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.create">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="createInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.delete">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="deleteInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.update">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.ProfileManager.get">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="getInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
<!-- This emitter reuses the inline exit name getInViewExplicit that the ProfileManager.get emitter also declares. -->
<config:topicEmitter topicEmitterName="com.ibm.ws.wim.authz.ProfileSecurityManager">
<config:preExit>
<config:notificationSubscriberList/>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:preExit>
<config:inlineExit inlineExitName="getInViewExplicit">
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
</config:inlineExit>
<config:postExit>
<config:modificationSubscriberList>
<config:modificationSubscriber>
<config:modificationSubscriberReference>DefaultDAViewProcessor</config:modificationSubscriberReference>
<config:realmList>All</config:realmList>
</config:modificationSubscriber>
</config:modificationSubscriberList>
<config:notificationSubscriberList/>
</config:postExit>
</config:topicEmitter>
</config:topicRegistrationList>
</config:pluginManagerConfiguration>
<!-- Authorization. isSecurityEnabled="true" and isAttributeGroupingEnabled="true" turn on access
     checks with attributes grouped as listed below. With importPolicyFromFile="true" the role
     mapping and permissions are presumably loaded from wim-rolemapping.xml and wim-policy.xml;
     those two files then decide who may read or change which attribute group and need the same
     file protection as this one. useSystemJACCProvider="false" means the provider classes named
     here are used instead of the system JACC provider. -->
<config:authorization defaultAttributeGroup="default" importPolicyFromFile="true"
isAttributeGroupingEnabled="true" isSecurityEnabled="true" jaccPolicyClass="com.ibm.sec.authz.provider.CommonAuthzPolicy"
jaccPolicyConfigFactoryClass="com.ibm.sec.authz.provider.CommonAuthzPolicyConfigurationFactory"
jaccPrincipalToRolePolicyFileName="wim-rolemapping.xml" jaccPrincipalToRolePolicyId="WIM Policy"
jaccRoleMappingClass="com.ibm.sec.authz.provider.CommonAuthzRoleMapping" jaccRoleMappingConfigFactoryClass="com.ibm.sec.authz.provider.CommonAuthzRoleMappingConfigurationFactory"
jaccRoleToPermissionPolicyFileName="wim-policy.xml" jaccRoleToPermissionPolicyId="WIM Policy"
useSystemJACCProvider="false">
<config:attributeGroups>
<config:groupName>general</config:groupName>
<config:attributeNames>cn</config:attributeNames>
<config:attributeNames>sn</config:attributeNames>
<config:attributeNames>uid</config:attributeNames>
</config:attributeGroups>
<!-- password is the only attribute in the sensitive group. Any attribute not listed in a group
     falls under defaultAttributeGroup="default"; review whether other personal attributes
     belong here as well. -->
<config:attributeGroups>
<config:groupName>sensitive</config:groupName>
<config:attributeNames>password</config:attributeNames>
</config:attributeGroups>
<!-- NOTE(review): the group name suggests these attributes are exempt from access checks;
     confirm against wim-policy.xml before adding anything to this list. -->
<config:attributeGroups>
<config:groupName>unchecked</config:groupName>
<config:attributeNames>identifier</config:attributeNames>
<config:attributeNames>createTimestamp</config:attributeNames>
<config:attributeNames>modifyTimestamp</config:attributeNames>
<config:attributeNames>entitlementInfo</config:attributeNames>
</config:attributeGroups>
</config:authorization>
</config:configurationProvider>
</sdo:datagraph>
