Yes, you can do something like that in 3.5.2.
In short, you define all your attribute repositories in
deployerConfigContext.xml, giving them unique bean ids other than "
attributeRepository", and then you replace the "attributeRepository" bean
that came out-of-the-box with CAS with a new one that merges the contents
of the other repositories together:
<bean id="attributeRepository"
class="org.jasig.services.persondir.support.MergingPersonAttributeDaoImpl">
<property name="merger">
<bean
class="org.jasig.services.persondir.support.merger.NoncollidingAttributeAdder"
/>
</property>
<property name="personAttributeDaos">
<list>
<ref bean="myActiveDirectoryAttributeRepository" />
<ref bean="myLdapAttributeRepository" />
<ref bean="myOracleAttributeRepository" />
</list>
</property>
</bean>
The NoncollidingAttributeAdder used above adds attributes to the merged
repository only if they aren't already there. This means that, if two
directories both have an attribute of the same name, the first directory's
value will "win." There are other merging strategies available if you don't
like that one.
If you need more background about the above (such as how to configure the
individual attribute repositories), drop me a note off-list and I can send
you some step-by-step documentation.
--Dave
--
DAVID A. CURRY, CISSP
*DIRECTOR OF INFORMATION SECURITY*
INFORMATION TECHNOLOGY
71 FIFTH AVE., 9TH FL., NEW YORK, NY 10003
+1 212 229-5300 x4728 • [email protected]
[image: The New School]
On Wed, Mar 21, 2018 at 5:14 PM, Pablo Vidaurri <[email protected]>
wrote:
> sorry for resurrecting old thread ... is this possible starting with
> 5.1.0? Can I do something similar with 3.5.2?
>
> pull some attributes from ldap, pull additional attributes from oracle db,
> then merge attributes
>
> Yes, I know I need to upgrade :)
>
> -psv
>
> On Wednesday, November 30, 2016 at 2:41:32 PM UTC-6, Misagh Moayyed wrote:
>>
>> Already possible in 5.1.0.
>>
>> https://apereo.github.io/cas/development/integration/Attribu
>> te-Resolution.html
>>
>>
>>
>> --Misagh
>>
>>
>>
>> *From:* [email protected] [mailto:[email protected]] *On Behalf Of *Jeffrey
>> Wong
>> *Sent:* Wednesday, November 30, 2016 1:30 PM
>> *To:* CAS Community <[email protected]>
>>
>> *Subject:* [cas-user] CAS 5 is it possible to configure multiple jdbc
>> attribute repositories?
>>
>>
>>
>> I'm analyzing an upgrade to cas5 today, and I'm wondering if it's
>> possible to merge multiple JDBC attribute repositories together.
>>
>>
>>
>> In the docs, the following attributes are listed:
>>
>>
>>
>> # cas.authn.attributeRepository.jdbc.singleRow=true
>>
>> # cas.authn.attributeRepository.jdbc.requireAllAttributes=true
>>
>> # cas.authn.attributeRepository.jdbc.caseCanonicalization=NONE
>> |LOWER|UPPER
>>
>> # cas.authn.attributeRepository.jdbc.queryType=OR|AND
>>
>> # cas.authn.attributeRepository.jdbc.sql=SELECT * FROM table WHERE {0}
>>
>>
>>
>> Would it be possible to set up multiple repository queries so that
>> multiple jdbcs can be configured, similar to the jdbc auth handlers?
>>
>> (such as cas.authn.jdbc.query[0].sql=SELECT password FROM table WHERE
>> name=?)
>>
>>
>>
>> The above would be able to be configured as:
>>
>>
>>
>> # cas.authn.attributeRepository.jdbc[0].singleRow=true
>>
>> # cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true
>>
>> # cas.authn.attributeRepository.jdbc[0].caseCanonicalization=N
>> ONE|LOWER|UPPER
>>
>> # cas.authn.attributeRepository.jdbc[0].queryType=OR|AND
>>
>> # cas.authn.attributeRepository.jdbc[0].sql=SELECT * FROM table WHERE {0}
>>
>>
>>
>> If this is possible it should at least be documented so other folks don't
>> have the same question :)
>>
>>
>>
>> Thanks!
>>
>> -Jeff
>>
>> --
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines: https://apereo.github.io/cas/M
>> ailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit https://groups.google.com/a/ap
>> ereo.org/d/msgid/cas-user/82e9bf80-e646-403b-b17d-ead6a338dd
>> 9a%40apereo.org
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/82e9bf80-e646-403b-b17d-ead6a338dd9a%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/2fd52e95-118e-4c03-9952-
> d9e5f4cc5d49%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/2fd52e95-118e-4c03-9952-d9e5f4cc5d49%40apereo.org?utm_medium=email&utm_source=footer>
> .
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2Bd9XANgzHFS8nK8UxPQ2jppV_C1SgaksDwZW_SQ-oGUu3BUbQ%40mail.gmail.com.
