1 Reply Latest reply on Aug 24, 2015 5:09 AM by moghaddam

    Where to put PicketLink XML configuration initialization code?

    moghaddam

      Hi

       

      As mentioned in PicketLink reference documentation, it's possible to configure its store by XML as:

       

      String configFilePath = "config/embedded-file-config.xml";
      ClassLoader tcl = Thread.currentThread().getContextClassLoader();
      InputStream configStream = tcl.getResourceAsStream(configFilePath);
      XMLConfigurationProvider xmlConfigurationProvider = new XMLConfigurationProvider();
      IdentityConfigurationBuilder idmConfigBuilder =
              xmlConfigurationProvider.readIDMConfiguration(configStream);

       

       

      I put the above code in my IdentityManagementConfiguration class as below:

       

      public class IdentityManagementConfiguration {

          public void observeIdentityConfigurationEvent(@Observes IdentityConfigurationEvent event) {
              String configFilePath = "idm-bootstrap.xml";
              ClassLoader tcl = Thread.currentThread().getContextClassLoader();
              InputStream configStream = tcl.getResourceAsStream(configFilePath);
              XMLConfigurationProvider xmlConfigurationProvider = new XMLConfigurationProvider();
              IdentityConfigurationBuilder identityConfigurationBuilder = xmlConfigurationProvider.readIDMConfiguration(configStream);
              identityConfigurationBuilder.buildAll();
          }

      }

       

      Here is my XML configuration:

       

      <PicketLink xmlns="urn:picketlink:identity-federation:config:2.1">
        <PicketLinkIDM>
             <named value="ldap.config">
                  <stores>
                       <ldap>
                            <baseDN value="dc=moghaddam,dc=com"/>
                            <bindDN value="cn=Directory Manager"/>
                            <bindCredential value="111"/>
                            <url value="ldap://localhost:389"/>
                            <supportCredentials value="true"/>
                            <mapping value="org.picketlink.idm.model.basic.User">
                                 <baseDN value="ou=Users,dc=moghaddam,dc=com"/>
                                 <objectClasses value="inetOrgPerson"/>
                                 <attribute propertyName="firstName" ldapAttributeName="givenName" />
                                 <attribute propertyName="lastName" ldapAttributeName="sn" />
                                 <attribute propertyName="email" ldapAttributeName="mail" />
                                 <attribute propertyName="loginName" ldapAttributeName="cn" identifier="true" />
                                 <attribute propertyName="employeeNumber" ldapAttributeName="employeeNumber" />
                            </mapping>
                       </ldap>
                  </stores>
             </named>
        </PicketLinkIDM>
      </PicketLink>

       

      The observeIdentityConfigurationEvent method is being called successfully. But when I try to query a user that I'm sure exists in the LDAP server, it returns no results. By debugging the getResultList method in DefaultIdentityQuery, I noticed that the only identity store returned by the storeSelector is the default FileIdentityStore and there is no LDAP store.

       

      What have I missed in my configuration or bootstrapping process? Is it correct to place the XML configuration code in the @Observes method, or should it be placed somewhere else?

       

      Regards

      Ehsan

        • 1. Re: Where to put PicketLink XML configuration initialization code?
          moghaddam

          Finally I found the answer by reviewing the source of IdentityManagementConfiguration. The IdentityConfiguration generated through XMLConfigurationProvider has to be returned in a @Produces method. It will then be picked up by IdentityManagementConfiguration. So my final code is something like this:

           

          @Produces
          public IdentityConfiguration generateIdentityConfiguration() {
              String configFilePath = "idm-bootstrap.xml";
              ClassLoader tcl = Thread.currentThread().getContextClassLoader();
              InputStream configStream = tcl.getResourceAsStream(configFilePath);
              XMLConfigurationProvider xmlConfigurationProvider = new XMLConfigurationProvider();
              IdentityConfigurationBuilder identityConfigurationBuilder = xmlConfigurationProvider.readIDMConfiguration(configStream);
              IdentityConfiguration identityConfiguration = identityConfigurationBuilder.build();

              return identityConfiguration;
          }

           

          Here is an excerpt from documentation of IdentityManagementConfiguration.java:

           

          /**
          * <p>The configuration is built depending on the existence of any {@link IdentityConfiguration} produced by the
          * application. If any configuration is found, it will be used. Otherwise the default configuration will be used.</p>
          *
          * <p>It's also possible to observe a specific event during the startup of the PicketLink IDM subsystem. In such
          * situations the application can provide any additional information as a last attempt before the subsystem is fully
          * initialized. See {@link org.picketlink.event.IdentityConfigurationEvent}.
          * </p>

          ...

          */


           

          Thanks for watching

          Ehsan
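
Added example, not part of the original thread or of PicketLink itself: the @Produces approach from the reply, written so that a missing idm-bootstrap.xml or a configuration without an LDAP store stops startup instead of silently leaving the default file store in place. The class name IdmBootstrap is hypothetical, and the import package of XMLConfigurationProvider and the use of getStoreConfiguration() are assumed from PicketLink 2.x; check them against your version.

```java
import java.io.IOException;
import java.io.InputStream;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.inject.Produces;

// Package names below are assumed from PicketLink 2.x; verify for your version.
import org.picketlink.config.idm.XMLConfigurationProvider;
import org.picketlink.idm.config.IdentityConfiguration;
import org.picketlink.idm.config.IdentityConfigurationBuilder;
import org.picketlink.idm.config.IdentityStoreConfiguration;
import org.picketlink.idm.config.LDAPIdentityStoreConfiguration;

@ApplicationScoped
public class IdmBootstrap { // hypothetical class name

    private static final String CONFIG = "idm-bootstrap.xml";

    // PicketLink picks up an application-produced IdentityConfiguration;
    // if none is produced it falls back to its default configuration.
    @Produces
    public IdentityConfiguration produceIdentityConfiguration() {
        ClassLoader tcl = Thread.currentThread().getContextClassLoader();
        try (InputStream in = tcl.getResourceAsStream(CONFIG)) {
            if (in == null) {
                // getResourceAsStream returns null rather than throwing.
                throw new IllegalStateException(CONFIG + " not found on classpath");
            }
            IdentityConfigurationBuilder builder =
                    new XMLConfigurationProvider().readIDMConfiguration(in);
            IdentityConfiguration config = builder.build();
            requireLdapStore(config);
            return config;
        } catch (IOException e) {
            throw new IllegalStateException("Cannot read " + CONFIG, e);
        }
    }

    // Fail at startup if the parsed configuration carries no LDAP store,
    // so lookups never run against an unintended identity store.
    private static void requireLdapStore(IdentityConfiguration config) {
        for (IdentityStoreConfiguration store : config.getStoreConfiguration()) {
            if (store instanceof LDAPIdentityStoreConfiguration) {
                return;
            }
        }
        throw new IllegalStateException(
                "Configuration '" + config.getName() + "' defines no LDAP store");
    }
}
```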