Child pages
  • Grouper LDAP GSH example
Skip to end of metadata
Go to start of metadata

This example shows how to do ldap stuff with GSH, e.g. to add members to a group based on LDAP results:

Add these to the grouper.properties, configure for your environment

ldap.url = ldaps://someldap.school.edu:636
ldap.baseDn = dc=school,dc=edu
ldap.user = uid=user,ou=people,dc=school,dc=edu
ldap.pass = xxxxxx

Then, add the vt-ldap.jar to the classpath (lib/custom dir?)

http://code.google.com/p/vt-middleware/downloads/detail?name=vt-ldap-3.3.4-dist.zip&can=2&qhttp://code.google.com/p/vt-middleware/downloads/detail?name=vt-ldap-3.3.4-dist.zip&can=2&q=

Run a GSH script:

gsh 0% grouperSession = GrouperSession.startRootSession();
edu.internet2.middleware.grouper.GrouperSession: 0980d118337042f0846c27bb45c57f39,'GrouperSystem','application'
gsh 1% groupName = "test:testGroup";
test:testGroup
gsh 2% searchDn = "ou=pennnames,dc=upenn,dc=edu";
ou=pennnames,dc=upenn,dc=edu
gsh 3% searchFilter = "(|(pennname=mchyzer)(pennname=bwh))";
(|(pennname=mchyzer)(pennname=bwh))
gsh 4% attributeName = "pennname";
pennname
gsh 5% group = new GroupSave(grouperSession).assignName(groupName).assignGroupNameToEdit(groupName).assignSaveMode(SaveMode.INSERT_OR_UPDATE).assignCreateParentStemsIfNotExist(true).save();
group: name='test:testGroup' displayName='test:testGroup' uuid='e7b54e4b2c4c42e288f7b6a667ffaec3'
gsh 7% ldapConfig = new edu.vt.middleware.ldap.LdapConfig(edu.internet2.middleware.grouper.cfg.GrouperConfig.getProperty("ldap.url"), edu.internet2.middleware.grouper.cfg.GrouperConfig.getProperty("ldap.baseDn"));
edu.vt.middleware.ldap.LdapConfig: edu.vt.middleware.ldap.LdapConfig@8836503::env={java.naming.provider.url=ldaps://penngroups.upenn.edu:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory}
gsh 8% ldapConfig.setBindDn(edu.internet2.middleware.grouper.cfg.GrouperConfig.getProperty("ldap.user"));
gsh 9% ldapConfig.setBindCredential(edu.internet2.middleware.grouper.cfg.GrouperConfig.getProperty("ldap.pass"));
gsh 10% factory = new edu.vt.middleware.ldap.pool.DefaultLdapFactory(ldapConfig);
edu.vt.middleware.ldap.pool.DefaultLdapFactory: edu.vt.middleware.ldap.pool.DefaultLdapFactory@252a17
gsh 11% pool = new edu.vt.middleware.ldap.pool.BlockingLdapPool(factory);
edu.vt.middleware.ldap.pool.BlockingLdapPool: edu.vt.middleware.ldap.pool.BlockingLdapPool@13e3940
gsh 12% ldap = pool.checkOut();
edu.vt.middleware.ldap.Ldap: edu.vt.middleware.ldap.Ldap@27078507::config=edu.vt.middleware.ldap.LdapConfig@8836503::env={java.naming.provider.url=ldaps://penngroups.upenn.edu:636, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory}
gsh 13% results = ldap.search(searchDn, new edu.vt.middleware.ldap.SearchFilter(searchFilter), new String[]{attributeName});
java.util.AbstractList$Itr: java.util.AbstractList$Itr@18a80d4
gsh 15% idSet = new LinkedHashSet();
gsh 16% while (results.hasNext()) {idSet.add(results.next().getAttributes().get(attributeName).get());}
gsh 17% pool.checkIn(ldap);
gsh 22% i = 0;
0
gsh 23% for (id : idSet) { print((i++) + ": '" + id + "'"); }
0: 'mchyzer'
1: 'bwh'
gsh 24% subjectSet = new LinkedHashSet();
gsh 25% for (id : idSet) {subjectSet.add(SubjectFinder.findByIdOrIdentifier(id, true)); }
gsh 26% i = 0;
0
gsh 27% for (subject : subjectSet) { print((i++) + ": " + GrouperUtil.subjectToString(subject)); }
0: Subject id: 10021368, sourceId: pennperson
1: Subject id: 12345678, sourceId: pennperson
gsh 30% for (subject : subjectSet) {if (subject != null) {group.addMember(subject, false);}}
gsh 31% getMembers(groupName);
member: id='12345678' type='person' source='pennperson' uuid='198871f13ea348398ec2259671e8c751'
member: id='10021368' type='person' source='pennperson' uuid='8f747990d45b44a99371efb256682d20'

sdf

  • No labels