<?xml version="1.0" encoding="utf-8"?>
|
<!--
|
! CDDL HEADER START
|
!
|
! The contents of this file are subject to the terms of the
|
! Common Development and Distribution License, Version 1.0 only
|
! (the "License"). You may not use this file except in compliance
|
! with the License.
|
!
|
! You can obtain a copy of the license at
|
! trunk/opends/resource/legal-notices/OpenDS.LICENSE
|
! or https://OpenDS.dev.java.net/OpenDS.LICENSE.
|
! See the License for the specific language governing permissions
|
! and limitations under the License.
|
!
|
! When distributing Covered Code, include this CDDL HEADER in each
|
! file and include the License file at
|
! trunk/opends/resource/legal-notices/OpenDS.LICENSE. If applicable,
|
! add the following below this CDDL HEADER, with the fields enclosed
|
! by brackets "[]" replaced with your own identifying information:
|
! Portions Copyright [yyyy] [name of copyright owner]
|
!
|
! CDDL HEADER END
|
!
|
!
|
! Copyright 2007-2010 Sun Microsystems, Inc.
|
! -->
|
<adm:managed-object name="regular-expression-identity-mapper"
|
plural-name="regular-expression-identity-mappers"
|
package="org.opends.server.admin.std" extends="identity-mapper"
|
xmlns:adm="http://www.opends.org/admin"
|
xmlns:ldap="http://www.opends.org/admin-ldap">
|
<adm:synopsis>
|
The
|
<adm:user-friendly-name />
|
provides a way to use a regular expression to translate the
|
provided identifier when searching for the appropriate user entry.
|
</adm:synopsis>
|
<adm:description>
|
This may be used, for example, if the provided identifier is
|
expected to be an e-mail address or Kerberos principal, but only the
|
username portion (the part before the "@" symbol) should be used in
|
the mapping process. Note that a replacement will be made only if
|
all or part of the provided ID string matches the given match
|
pattern. If no part of the ID string matches the provided
|
pattern, the given ID string is used without any alteration.
|
</adm:description>
|
<adm:profile name="ldap">
|
<ldap:object-class>
|
<ldap:name>ds-cfg-regular-expression-identity-mapper</ldap:name>
|
<ldap:superior>ds-cfg-identity-mapper</ldap:superior>
|
</ldap:object-class>
|
</adm:profile>
|
<adm:property-override name="java-class" advanced="true">
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>
|
org.opends.server.extensions.RegularExpressionIdentityMapper
|
</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
</adm:property-override>
|
<adm:property name="match-attribute" mandatory="true"
|
multi-valued="true">
|
<adm:synopsis>
|
Specifies the name or OID of the attribute whose value should
|
match the provided identifier string after it has been processed
|
by the associated regular expression.
|
</adm:synopsis>
|
<adm:description>
|
All values must refer to the name or OID of an attribute type
|
defined in the Directory Server schema. If multiple attributes
|
or OIDs are provided, at least one of those attributes must contain
|
the provided ID string value in exactly one entry.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:defined>
|
<adm:value>
|
uid
|
</adm:value>
|
</adm:defined>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:attribute-type />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-match-attribute</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="match-base-dn" mandatory="false" multi-valued="true">
|
<adm:synopsis>
|
Specifies the base DN(s) that should be used when performing
|
searches to map the provided ID string to a user entry. If multiple
|
values are given, searches are performed below all the specified base DNs.
|
</adm:synopsis>
|
<adm:default-behavior>
|
<adm:alias>
|
<adm:synopsis>
|
The server searches below all public naming contexts.
|
</adm:synopsis>
|
</adm:alias>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:dn />
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-match-base-dn</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="match-pattern" mandatory="true">
|
<adm:synopsis>
|
Specifies the regular expression pattern that is used to
|
identify portions of the ID string that will be replaced.
|
</adm:synopsis>
|
<adm:description>
|
Any portion of the ID string that matches this pattern is
|
replaced in accordance with the provided replace pattern (or is
|
removed if no replace pattern is specified). If multiple
|
substrings within the given ID string match this pattern, all
|
occurrences are replaced. If no part of the given ID string
|
matches this pattern, the ID string is not altered. Exactly one
|
match pattern value must be provided, and it must be a
|
valid regular expression as described in the API documentation for
|
the java.util.regex.Pattern class, including support for capturing
|
groups.
|
</adm:description>
|
<adm:syntax>
|
<adm:string>
|
<adm:pattern>
|
<adm:regex>.*</adm:regex>
|
<adm:usage>REGEXP</adm:usage>
|
<adm:synopsis>
|
Any valid regular expression pattern which is supported by the
|
javax.util.regex.Pattern class
|
(see http://download.oracle.com/docs/cd/E17409_01/javase/6/docs/api/java/util/regex/Pattern.html
|
for documentation about this class for Java SE 6).
|
</adm:synopsis>
|
</adm:pattern>
|
</adm:string>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-match-pattern</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
<adm:property name="replace-pattern">
|
<adm:synopsis>
|
Specifies the replacement pattern that should be used for
|
substrings in the ID string that match the provided regular
|
expression pattern.
|
</adm:synopsis>
|
<adm:description>
|
If no replacement pattern is provided, then any matching portions
|
of the ID string will be removed (i.e., replaced with an empty
|
string). The replacement pattern may include a string from a
|
capturing group by using a dollar sign ($) followed by an integer
|
value that indicates which capturing group should be used.
|
</adm:description>
|
<adm:default-behavior>
|
<adm:alias>
|
<adm:synopsis>
|
The replace pattern will be the empty string.
|
</adm:synopsis>
|
</adm:alias>
|
</adm:default-behavior>
|
<adm:syntax>
|
<adm:string>
|
<adm:pattern>
|
<adm:regex>.*</adm:regex>
|
<adm:usage>REGEXP</adm:usage>
|
<adm:synopsis>
|
Any valid replacement string that is allowed by the
|
javax.util.regex.Matcher class.
|
</adm:synopsis>
|
</adm:pattern>
|
</adm:string>
|
</adm:syntax>
|
<adm:profile name="ldap">
|
<ldap:attribute>
|
<ldap:name>ds-cfg-replace-pattern</ldap:name>
|
</ldap:attribute>
|
</adm:profile>
|
</adm:property>
|
</adm:managed-object>
|
