Name: wso2-static-attributes-injector
Owner: Unicon, Inc.
Description: Extends UserStoreManagers to support injecting static attributes into user property responses.
Created: 2016-10-13 20:08:19.0
Updated: 2016-10-13 20:40:23.0
Pushed: 2016-10-13 21:26:01.0
Homepage: null
Size: 14
Language: Java
GitHub Committers
User | Most Recent Commit | # Commits |
---|
Other Committers
User | Most Recent Commit | # Commits |
---|
The WSO2 Static Attributes Injector supports a short coming in WSO2 Identity Server (IS) in that it can't support hardcoded (i.e. static) attributes that can apply to all users.
This plugin allows an IS server admin to specify user properties (attributes) and values that will be applied to all users. This can be handy when a service provider
needs organization specific information.
This plugin is designed to work with WSO2 Identity Server 4.2/Ellucian Identity Service 1.1.
The following steps are needed to apply this plugin:
mvn clean package
.wso2-static-attributes-injector-<VERSION>.jar
to <EIS-CARBON_HOME>/repository/components/lib/
.<EIS-CARBON_HOME>/repository/conf/user-mgt.xml
as described below.adusmsai.xml
to <EIS-CARBON_HOME>/repository/conf/
.adusmsai.xml
as described below.user-mgt.xml
SettingsUpdate user-mgt.xml
to utilize the ActiveDirectoryUserStoreManagerStaticAttributeInjector
class instead of
ActiveDirectoryUserStoreManager
by changing:
rStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
to:
rStoreManager class="net.unicon.carbon.user.ldap.ActiveDirectoryUserStoreManagerStaticAttributeInjector">
adusmsai.xml
File Description and Formatadusmsai.xml
is used to instruct the plugin as to which attributes and values should be injected into the user profile when IS query user properties.
The following example provides two attributes (schoolCode and eduPersonAffiliation) and their respective values that all users will receive regardless of what the AD/LDAP server indicates:
l version="1.0" encoding="UTF-8"?>
ticAttributes>
<attribute name="schoolCode">
<value>123456</value>
</attribute>
<attribute name="eduPersonAffiliation">
<value>member</value>
<value>student</value>
</attribute>
aticAttributes>
It should be trivial to clone the ActiveDirectoryUserStoreManagerStaticAttributeInjector
class so that its logic can support other UserStoreManager implementations.