Versions Compared

Old Version 5

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migration of unmigrated content due to installation of a new plugin

...

Let's add the role Anonymous to the list of all authorities (aka roles). By default, the "all authorities search" is the bean with id allAuthoritiesSearch in applicationContext-pentaho-security-ldap.xml. We want to edit allAuthoritiesSearch by first wrapping the existing search into a UnionizingLdapSearch. This is shown below. Note how the id attribute has been moved from the GenericLdapSearch below to the UnionizingLdapSearch.

Code Block
xml
xml
titleWrapping the allAuthoritiesSearch bean with a UnionizingLdapSearchxml
<bean id="allAuthoritiesSearch" class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch">
  <property name="searches">
    <set>
      <bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch">
        <!-- omitted for brevity; notice that the id has been removed for this bean -->
      </bean>
    </set>
  </property>
</bean>

Now we have the ability to add other searches and UnionizingLdapSearch will automatically merge all the search results. Here's where StaticListLdapSearch comes in. We'll add that as the "other" search. As stated before, it simply returns the list that is set as its staticList property. Shown below is how a StaticListLdapSearch would be used alone.

Code Block
xml
xml
titleUsing the StaticListLdapSearchxml
<bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.StaticListLdapSearch">
  <property name="staticList">
    <list>
      <!-- could be any bean or string value -->
      <bean class="org.springframework.security.GrantedAuthorityImpl">
        <constructor-arg value="Anonymous" />
      </bean>
    </list>
  </property>
</bean>

Finally, let's put it all together. Shown below is the complete solution.

Code Block
xml
xml
titleapplicationContext-pentaho-security-ldap.xmlxml
<bean id="allAuthoritiesSearch" class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.UnionizingLdapSearch">
  <property name="searches">
    <set>
      <bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.GenericLdapSearch">
        <constructor-arg index="0" ref="contextSource" />
        <constructor-arg index="1">
          <bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.LdapSearchParamsFactoryImpl">
            <constructor-arg index="0" value="ou=roles" />
            <constructor-arg index="1" value="objectClass=organizationalRole" />
          </bean>
        </constructor-arg>
        <constructor-arg index="2">
          <bean class="org.apache.commons.collections.functors.ChainedTransformer">
            <constructor-arg index="0">
              <list>
                <bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.transform.SearchResultToAttrValueList">
                  <constructor-arg index="0" value="cn" />
                </bean>
                <bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.transform.StringToGrantedAuthority">
                  <property name="rolePrefix" value="" />
                  <property name="convertToUpperCase" value="false" />
                </bean>
              </list>
            </constructor-arg>
          </bean>
        </constructor-arg>
      </bean>
      <bean class="org.pentaho.platform.plugin.services.security.userrole.ldap.search.StaticListLdapSearch">
        <property name="staticList">
          <list>
            <bean class="org.springframework.security.GrantedAuthorityImpl">
              <constructor-arg value="Anonymous" />
            </bean>
          </list>
        </property>
      </bean>
    </set>
  </property>
</bean>