default-ldap-users-directory-bundle.xml

Revision 29936, 3.6 kB (checked in by atchertchian, 1 year ago)
NXP-2051: make it possible to query an ldap directory with substring search subfinal or subany (fwd from r29934)
Property svn:eol-style set to `native` Property svn:keywords set to `Id`

Line
1	<?xml version="1.0"?>
2
3	<component name="org.nuxeo.ecm.directory.ldap.storage.users">
4	<implementation class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor" />
5	<implementation class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" />
6	<require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>
7
8	<!-- the groups SQL directories are required to make this bundle work -->
9	<require>org.nuxeo.ecm.directory.sql.storage</require>
10
11	<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
12	point="servers">
13
14	<!-- Configuration of a server connection
15
16	A single server declaration can point to a cluster of replicated
17	servers (using OpenLDAP's slapd + sluprd for instance). To leverage
18	such a cluster and improve availibility, please provide one
19	<ldapUrl/> tag for each replica of the cluster.
20	-->
21	<server name="default">
22
23	<ldapUrl>ldap://localhost:389</ldapUrl>
24	<!-- Optional servers from the same cluster for failover
25	and load balancing:
26
27	<ldapUrl>ldap://server2:389</ldapUrl>
28	<ldapUrl>ldaps://server3:389</ldapUrl>
29
30	"ldaps" means TLS/SSL connection.
31	-->
32
33	<!-- Credentials used by Nuxeo5 to browse the directory, create
34	and modify entries.
35
36	Only the authentication of users (bind) use the credentials entered
37	through the login form if any.
38	-->
39	<bindDn>cn=nuxeo5,ou=applications,dc=example,dc=com</bindDn>
40	<bindPassword>changeme</bindPassword>
41	</server>
42
43	</extension>
44
45	<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
46	point="directories">
47
48	<directory name="userDirectory">
49	<server>default</server>
50	<schema>user</schema>
51	<idField>username</idField>
52	<passwordField>password</passwordField>
53
54	<searchBaseDn>ou=people,dc=example,dc=com</searchBaseDn>
55	<searchClass>person</searchClass>
56	<!-- To additionally restricte entries you can add an
57	arbitrary search filter such as the following:
58
59	<searchFilter>(&(sn=toto*)(myCustomAttribute=somevalue))</searchFilter>
60
61	Beware that "&" writes "&" in XML.
62	-->
63
64	<!-- use subtree if the people branch is nested -->
65	<searchScope>onelevel</searchScope>
66
67	<!-- using 'subany', search will match toto. use 'subfinal' to
68	match toto and 'subinitial' to match toto. subinitial is the
69	default behaviour-->
70	<substringMatchType>subany</substringMatchType>
71
72	<readOnly>false</readOnly>
73
74	<!-- comment <cache* /> tags to disable the cache -->
75	<!-- cache timeout in seconds -->
76	<cacheTimeout>3600</cacheTimeout>
77
78	<!-- maximum number of cached entries before global invalidation -->
79	<cacheMaxSize>1000</cacheMaxSize>
80
81	<creationBaseDn>ou=people,dc=example,dc=com</creationBaseDn>
82	<creationClass>top</creationClass>
83	<creationClass>person</creationClass>
84	<creationClass>organizationalPerson</creationClass>
85	<creationClass>inetOrgPerson</creationClass>
86	<rdnAttribute>uid</rdnAttribute>
87
88	<fieldMapping name="username">uid</fieldMapping>
89	<fieldMapping name="password">userPassword</fieldMapping>
90	<fieldMapping name="firstName">givenName</fieldMapping>
91	<fieldMapping name="lastName">sn</fieldMapping>
92	<fieldMapping name="company">o</fieldMapping>
93	<fieldMapping name="email">mail</fieldMapping>
94
95	<references>
96
97	<inverseReference field="groups" directory="groupDirectory"
98	dualReferenceField="members" />
99
100	</references>
101
102	</directory>
103
104	</extension>
105
106	</component>

Note: See TracBrowser for help on using the browser.

root/org.nuxeo.ecm.platform/trunk/nuxeo-platform-directory-ldap/examples/default-ldap-users-directory-bundle.xml

Download in other formats: