...
| Code Block |
|---|
#####################################
## External subjects
#####################################
externalSubjects.desc.el = ${grouperUtil.appendIfNotBlankString(externalSubject.name, ' - ', externalSubject.institution)}
# true if the description should be managed via EL (config above)
externalSubjects.desc.manual = false
# quartz cron where subjects are recalculated if necessary (empty means dont run), e.g. everyday at 3am
externalSubjects.calc.fields.cron = 0 0 3 * * ?
externalSubjects.name.required = true
externalSubjects.email.required = false
externalSubjects.email.enabled = true
# these field names (uuid, institution, identifier, uuid, email, name) or attribute names
# will be toLowered, and appended with comma separators
externalSubjects.searchStringFields = name, institution, identifier, uuid, email, jabber
externalSubjects.institution.required = false
externalSubjects.institution.enabled = true
# this can change, and is shown on screen
externalSubjects.attributes.jabber.friendlyName = Jabber ID
# note, this must be only alphanumeric lower case or underscore
# (valid db column name, subject attribute name)
externalSubjects.attributes.jabber.systemName = jabber
externalSubjects.attributes.jabber.required = false
# comment on column in DB (no special characters allowed)
externalSubjects.attributes.jabber.comment = The jabber ID of the user
# if wheel or root can edit external users
externalSubjects.wheelOrRootCanEdit = true
# group which is allowed to edit external users
externalSubjects.groupAllowedForEdit =
# if the view on the external subjects should be created.
# turn this off if it doesnt compile, othrewise should be fine
externalSubjects.createView = true
# grouper can auto create a jdbc2 source for the external subjects
externalSubjects.autoCreateSource = true
# put in fully qualified classes to add to the EL context. Note that they need a default constructor
# comma separated. The alias will be the simple class name without a first cap.
# e.g. if the class is test.Test the alias is "test"
externalSubjects.customElClasses =
|
Built in field metadata
The built in subject fields can be enabled/disabled or required or not. Things like email are in the subject table since they might be common in deployments.
| Code Block |
|---|
externalSubjects.name.required = true
externalSubjects.email.required = false
externalSubjects.email.enabled = true
externalSubjects.institution.required = false
externalSubjects.institution.enabled = true
|
External subject attributes
Grouper will allow configuration of which external subject attributes to keep for all external users. E.g. phone, email, jabber, firstName, lastName, etc. This will be in the grouper.properties. You can configure the friendly name, comment, if required, etc
| Code Block |
|---|
# this can change, and is shown on screen
externalSubjects.attributes.jabber.friendlyName = Jabber ID
# note, this must be only alphanumeric lower case or underscore
# (valid db column name, subject attribute name)
externalSubjects.attributes.jabber.systemName = jabber
externalSubjects.attributes.jabber.required = false
# comment on column in DB (no special characters allowed)
externalSubjects.attributes.jabber.comment = The jabber ID of the user
|
Pluggability
...
# change these to affect the storage where external subjects live (e.g. to store in ldap),
# must implement each respective storable interface
externalSubjects.storage.ExternalSubjectStorable.class = edu.internet2.middleware.grouper.externalSubjects.ExternalSubjectDbStorage
externalSubjects.storage.ExternalSubjectAttributeStorable.class = edu.internet2.middleware.grouper.externalSubjects.ExternalSubjectAttributeDbStorage
|
Built in field metadata
The built in subject fields can be enabled/disabled or required or not. Things like email are in the subject table since they might be common in deployments.
| Code Block |
|---|
externalSubjects.name.required = true
externalSubjects.email.required = false
externalSubjects.email.enabled = true
externalSubjects.institution.required = false
externalSubjects.institution.enabled = true
|
External subject attributes
Grouper will allow configuration of which external subject attributes to keep for all external users. E.g. phone, email, jabber, firstName, lastName, etc. This will be in the grouper.properties. You can configure the friendly name, comment, if required, etc
| Code Block |
|---|
# this can change, and is shown on screen
externalSubjects.attributes.jabber.friendlyName = Jabber ID
# note, this must be only alphanumeric lower case or underscore
# (valid db column name, subject attribute name)
externalSubjects.attributes.jabber.systemName = jabber
externalSubjects.attributes.jabber.required = false
# comment on column in DB (no special characters allowed)
externalSubjects.attributes.jabber.comment = The jabber ID of the user
|
Pluggability
This should use the Grouper UI pluggable authenticator so that Shib or non-Shib authentication would work or would be pluggable.
The storage needs to be pluggable also so someone could use a different storage e.g. ldap. Implement the external subject storable interfaces (one for subject, one for attribute). The built in implementation just call the Grouper DAO to store in the Grouper DB
| Code Block |
|---|
# change these to affect the storage where external subjects live (e.g. to store in ldap),
# must implement each respective storable interface
externalSubjects.storage.ExternalSubjectStorable.class = edu.internet2.middleware.grouper.externalSubjects.ExternalSubjectDbStorage
externalSubjects.storage.ExternalSubjectAttributeStorable.class = edu.internet2.middleware.grouper.externalSubjects.ExternalSubjectAttributeDbStorage
|
Here are examples of the interfaces:
| Code Block |
|---|
package edu.internet2.middleware.grouper.externalSubjects;
import java.util.Set;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
/**
* implement this to change how external subjects are stored
* @author mchyzer
*/
public interface ExternalSubjectStorable {
/**
* find all external subjects which have a disabled date which are not disabled
* @return the set of subjects
*/
public Set<ExternalSubject> findAllDisabledMismatch();
/**
* find all external subjects
* @return the set of subjects
*/
public Set<ExternalSubject> findAll();
/**
* find an external subject by identifier
* @param identifier
* @param exceptionIfNotFound
* @param queryOptions
* @return the external subject or null or exception
*/
ExternalSubject findByIdentifier(String identifier, boolean exceptionIfNotFound, QueryOptions queryOptions);
/**
* delete an external subject and all its attributes
* @param externalSubject
*/
void delete(ExternalSubject externalSubject);
/**
* insert or update an external subject to the DB
* @param externalSubject
*/
void saveOrUpdate( ExternalSubject externalSubject );
}
|
| Code Block |
|---|
package edu.internet2.middleware.grouper.externalSubjects;
import java.util.Set;
import edu.internet2.middleware.grouper.internal.dao.QueryOptions;
/**
* implement this to change how external subjects are stored
* @author mchyzer
*/
public interface ExternalSubjectStorable {
/**
* find all external subjects which have a disabled date which are not disabled
* @return the set of subjects
*/
public Set<ExternalSubject> findAllDisabledMismatch();
/**
* find all external subjects
* @return the set of subjects
*/
public Set<ExternalSubject> findAll();
/**
* find an external subject by identifier
* @param identifier
* @param exceptionIfNotFound
* @param queryOptions
* @return the external subject or null or exception
*/
ExternalSubject findByIdentifier(String identifier, boolean exceptionIfNotFound, QueryOptions queryOptions);
/**
* delete an external subject and all its attributes
* @param externalSubject
*/
void delete(ExternalSubject externalSubject);
/**
* insert or update an external subject to the DB
* @param externalSubject
*/
void saveOrUpdate( ExternalSubject externalSubject );
}
|
Calculated fields
Some fields are or can be calculated. The search string (string where subject searches are based on) is based on certain fields, and the description can be based on expression language. These calculations will be recalculated whenever a subject is changed (or attributes), or when the daemon runs.
...