0 Replies Latest reply on Oct 29, 2015 3:32 AM by Stepan Severin

    How one can map many-to-many relationship with PicketLink(LDAP)

    Stepan Severin Newbie

      How one can configure PicketLink (LDAP) to create some baisc many-to-many relationship?

      Assume:

      User 0<-->* Role 0<-->* Permission

      So User can have multiple Role and Role can have multiple permissions.

       

      In PicketLink I can create some Role and add there some users(even custom classes):

       

      member:user1

      member:user2

       

       

      But how can I add some Permission to the same Role or another way to create this many to many realtionship in LDAP\PicketLink?

      So my Role will looks like this or similar:

       

      member:user1

      memberPermission: permission1

       

      I found some information:

      https://docs.jboss.org/picketlink/2/2.6.0.CR1/reference/html/ch09.html

      "The LDAP configuration supports the mapping of simple hierarchies (parent/child) of a single type."

      Is it so that LDAP can't do this?

       

      I also tryed to create some custom membership class for some custom mapping:

       

        .mapping(CustomGroup.class)

        .baseDN(CG_DN_SUFFIX)

           .objectClasses(GROUP_OF_NAMES)

           .attribute("name", CN, true)

           .readOnlyAttribute("createdDate", CREATE_TIMESTAMP)

           .parentMembershipAttributeName("member")

           //.parentMembershipAttributeName("usermember")

        .mapping(CustomGroupMembership.class)

        //configure which identity type is the owner of a relationship

        .forMapping(DcpPermissionGroup.class)

        .attribute("member", "member")

        .attribute("memberPermission", "memberPermission")

       

      But at run time I got some error and couldn't add this to my relationshipmanager.

       

      Have anyone seen good example of doing some many to many relationship in LDAP/PicketLink?

      Or may be have some solution to similar problem?