Off the Applications container we have stored our Actions and our Application Roles. We are building a new application to allow us to programatically add the role privileges into the LDAP.
I am able to add my actions (an ou entry), but not the final leaf off my actions (a cn entry).
My java code for adding the action (node prior to the role) is:
// This works fine
String newfpRoleDn = preFix + "=" + fpRole + "," + fpRoleDn;
ctx = ldapSearcher.getDirContext();
BasicAttributes attrs = null;
Attribute attr = null;
attrs = new BasicAttributes();
attr = new BasicAttribute(preFix, fpRole);
attrs.put(attr);
attr = new BasicAttribute("objectClass", "organizationalUnit");
attrs.put(attr);
ctx.createSubcontext(newfpRoleDn, attrs);
ctx.close();
My java code for adding the role is something like this:
// this is not working
BasicAttributes myAttrs = new BasicAttributes(true);
Attribute oc = new BasicAttribute("objectclass");
oc.add("top");
oc.add("organizationalRole");
myAttrs.put(oc);
myAttrs.put("cn",newRoleDn);
// When I use bind I get the error:
// [LDAP: error code 17 - Undefined Attribute Type]; remaining name 'ou=ReportAdministrator_EVENSTEVENOLD,ou=DHFSDCFSdWAccess,ou=dWisacwis,ou=Applications,ou='
ctx.bind(roleDn, newRoleDn, myAttrs);
// When I use the createSubcontext I get the error:
// [LDAP: error code 19 - NDS error: syntax violation (-613)]; remaining name 'cn=DHFSDCFSdWReportAdministrator_VVVVEEEEEODS,ou=Re ...
ctx.createSubcontext(newRoleDn, myAttrs);
ctx.close();
I can add organizations, I can add individuals, I can add attributes to organizations or individuals. I can add actions, but I am not able to add an Application Role.
Can someone help me please? Every example I see is adding a person. Not all adds are people.
Thanks
-
No Profile PictureRegistered UserDevshed Newbie (0 - 499 posts)
- Join Date
- Jan 2009
- Posts
- 2
- Rep Power
- 0
Using Novels LDAP unable to add leaf that is not a User
-
No Profile PictureRegistered UserDevshed Newbie (0 - 499 posts)
- Join Date
- Jan 2009
- Posts
- 2
- Rep Power
- 0
Originally Posted by sharvancik
Should be able to use the
ctx.createSubcontext(newRoleDn, myAttrs);
but remove the line prior to it
myAttrs.put("cn",newRoleDn);
and it indeed works!!!!! -
No Profile PictureContributing UserDevshed Newbie (0 - 499 posts)
- Join Date
- Jan 2009
- Location
- Charlotte, NC
- Posts
- 111
- Rep Power
- 13
I'm not a developer but I know LDAP pretty well. All entries added to LDAP are done the same, you build and LDIF formatted entry and then import it into the Directory server.
My java code for adding the action (node prior to the role) is:
// This works fine
String newfpRoleDn = preFix + "=" + fpRole + "," + fpRoleDn;
ctx = ldapSearcher.getDirContext();
BasicAttributes attrs = null;
Attribute attr = null;
attrs = new BasicAttributes();
attr = new BasicAttribute(preFix, fpRole);
attrs.put(attr);
attr = new BasicAttribute("objectClass", "organizationalUnit");
attrs.put(attr);
ctx.createSubcontext(newfpRoleDn, attrs);
ctx.close();
Now based on your code for adding the ACTION, this is what your variables mean
preFix=ou
fpRole=<name of Action>
fpRoleDn=<ldap base you want to add Action to>
BasicAttribute Objectclass=organizationalUnit
This will build an LDIF entry like;
dn: ou=MyAction,dc=MyDomain,dc=com
objectclass: organizationalUnit
ou: MyAction
So to add a ROLE (cn=) will be the same code different vaiable values
preFix=cn
fpRole=<name of Role>
fpRoleDn=<ldap base you want to add Role to which is now ou=MyAction,dc=MyDomain,dc=com>
BasicAttribute Objectclass=organizationalRole
This will now build an LDIF entry like;
dn: cn=Myrole,ou=MyAction,dc=MyDomain,dc=com
objectclass: organizationalRole
cn: Myrole
NOTE: objectclass=organizationalRole may have other REQUIRED attributes.
Objectclass=organizationalUnit only requires attributes (objectclass, ou)
January 27th, 2009, 03:36 PM
Reply With Quote
January 28th, 2009, 01:45 PM
January 28th, 2009, 04:44 PM
