Adapting the LDAP transformation file

Describes how to adapt the LDAP transformation XSL file to suit your LDAP schema.

The default LDAPTransformation.xsl file maps predefined staff verbs to LDAP queries, which make use of elements of the default LDAP schema assumed by WebSphere. This schema assumes the following:
If your LDAP schema features different object class and attribute names, you must change these settings in the LDAP transformation files that you use. For the default LDAPTransformation.xsl file, changing the setting can be done in the variable declaration part of the file:
  <xsl:variable name="DefaultGroupClass">groupOfNames</xsl:variable>
  <xsl:variable name="DefaultGroupClassMemberAttribute">member</xsl:variable>
  
  <xsl:variable name="DefaultPersonClass">inetOrgPerson</xsl:variable>
  <xsl:variable name="DefaultUserIDAttribute">uid</xsl:variable>
  <xsl:variable name="DefaultMailAttribute">mail</xsl:variable>  
  <xsl:variable name="DefaultManagerAttribute">manager</xsl:variable>

You can apply changes within the XSL templates that transform the individual staff verbs, as illustrated in the following examples.

Example: DepartmentMembers

Changing the object class for person entries to ePerson and the login ID attribute to cn:
<sldap:StaffQueries>
  <xsl:attribute name="threshold">
    <xsl:value-of select="$Threshold">
  </xsl:attribute> 

  <sldap:search>
...
    <sldap:attribute>
      <xsl:attribute name="name">cn</xsl:attribute>
      <xsl:attribute name="objectclass">ePerson</xsl:attribute>
      <xsl:attribute name="usage">simple</xsl:attribute>
    </sldap:attribute>

  </sldap:search>
</sldap:StaffQueries>

Example: GroupMembers

Changing the object class for group entries to groupOfUniqueNames, the group entry attribute containing the member DN list to uniqueMember, and the person entry attribute containing the login in to cn:
<sldap:usersOfGroup>
...

  <sldap:attribute>
    <xsl:attribute name="name">uniqueMember</xsl:attribute>
    <xsl:attribute name="objectclass">groupOfUniqueNames</xsl:attribute>
    <xsl:attribute name="usage">recursive</xsl:attribute>
  </sldap:attribute> 

  ...
  <sldap:attribute>
    <xsl:attribute name="name">cn</xsl:attribute>
    <xsl:attribute name="objectclass">inetOrgPerson</xsl:attribute>
    <xsl:attribute name="usage">simple</xsl:attribute>
  </sldap:attribute>

</sldap:usersOfGroup>

Example: GroupMembersWithoutFilteredUsers

Changing the LDAP filter operator to >=.
<sldap:StaffQueries>
  <sldap:usersOfGroup>
    ...
  </sldap:usersOfGroup>

  <sldap:intermediateResult> 
    <xsl:attribute name="name">filteredusers</xsl:attribute>
    <sldap:search>
      <xsl:attribute name="filter">
        <xsl:value-of select="staff:parameter[@id='FilterAttribute']"/>
         >=
        <xsl:value-of select="staff:parameter[@id='FilterValue']"/>
      </xsl:attribute> 
     ...
    <sldap:search>
     ...
    
  </sldap:intermediateResult>
   ...
</sldap:StaffQueries>

Example: GroupSearch

Changing the search attribute to MyType, the object class to mypersonclass, and the attribute containing the login ID to myuid.
<sldap:StaffQueries>
 ...
  <sldap:search>
    <xsl:attribute name="filter">
      (&amp;
       ...
      <xsl:if test="staff:parameter[@id='MyType']!="">
       (<xsl:value-of select="$GS_Type"/>=
        <xsl:value-of select=staff:parameter[@id='Type']"/>)
      </xsl:if>
      )
       ...
    </xsl:attribute>

    <sldap:attribute> 
      <xsl:attribute name="name">myuid</xsl:attribute>
      <xsl:attribute name="objectclass">mypersonclass</xsl:attribute>
      <xsl:attribute name="usage">simple</xsl:attribute>
    </sldap:attribute> 
     ...
  <sldap:search>
</sldap:StaffQueries>

Example: Manager of Employee

Changing the attribute containing the manager DN to managerentry and the source of the manager login ID attribute to name.
<sldap:StaffQueries>
 
  <sldap:intermediateResult>
   ...
    <sldap:user>
     ...
      <xsl:attribute name="name">managerentry</xsl:attribute>
       ...
     </sldap:user>
   </sldap:intermediateResult>

  <sldap:user>
   ...
    <xsl:attribute name="name">name</xsl:attribute>
     ...
  </sldap:user>
</sldap:StaffQueries>

Example: PersonSearch

Changing the search attribute to MyAttribute, the object class to mypersonclass, and the source of the return attribute to myuid.
<sldap:StaffQueries>
 ...
  <sldap:search>
    <xsl:attribute name="filter">
      (&amp;
       ...
      <xsl:if test="staff:parameter[@id='MyAttribute']!="">
       (<xsl:value-of select="$PS_UserID"/>=
        <xsl:value-of select=staff:parameter[@id='UserID']"/>)
      )
      </xsl:if>
       ...
    </xsl:attribute>

    <sldap:attribute> 
      <xsl:attribute name="name">myuid</xsl:attribute>
      <xsl:attribute name="objectclass">mypersonclass</xsl:attribute>
      <xsl:attribute name="usage">simple</xsl:attribute>
    </sldap:attribute> 
     ...
  </sldap:search>
</sldap:StaffQueries>

Example: Users

Changing the source of the return attribute to myuid and the object class to mypersonclass.
<sldap:user>
 ...
  <xsl:attribute name="attribute">myuid</xsl:attribute>
  <xsl:attribute name="objectclass">mypersonclass</xsl:attribute>
</sldap:user>

Terms of use | | Broken links

Last updated: Tue Dec 06 04:14:39 2005

(c) Copyright IBM Corporation 2005.
This information center is powered by Eclipse technology (http://www.eclipse.org)