mirror of https://github.com/OpenIdentityPlatform/OpenDJ.git
parent: 84e187d7 | patch | commit | ignore whitespace
Mark Craig
04.32.2014 abcaee7c53a6ce508c77396fa7f85219d760c82f 
CR-3951 Fix for OPENDJ-1499: Note that REST mappings/namingStrategies are single-level
2 files modified
48 ■■■■■ changed files
opendj3-server-dev/src/main/docbkx/admin-guide/appendix-rest2ldap.xml 24 ●●●●● patch | view | raw | blame | history
opendj3-server-dev/src/main/docbkx/admin-guide/chap-rest-operations.xml 24 ●●●● patch | view | raw | blame | history 
 opendj3-server-dev/src/main/docbkx/admin-guide/appendix-rest2ldap.xml


@@ -20,20 +20,18 @@


  !


  ! CCPL HEADER END


  !


  !      Copyright 2013 ForgeRock AS


  !      Copyright 2013-2014 ForgeRock AS


  !


-->


<appendix xml:id='appendix-rest2ldap'


          xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en'


          xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'


          xsi:schemaLocation='http://docbook.org/ns/docbook http://docbook.org/xml/5.0/xsd/docbook.xsd'


          xmlns:xlink='http://www.w3.org/1999/xlink'


          xmlns:xinclude='http://www.w3.org/2001/XInclude'>


          xsi:schemaLocation='http://docbook.org/ns/docbook


                              http://docbook.org/xml/5.0/xsd/docbook.xsd'


          xmlns:xlink='http://www.w3.org/1999/xlink'>


 <title>REST LDAP Configuration</title>


 <indexterm><primary>REST</primary></indexterm>


 <indexterm><primary>HTTP</primary></indexterm>


 <!-- This belongs in an OpenDJ reference. Ultimately this doc should


      be generated, too, rather than written by hand. CREST-71? -->




 <itemizedlist>


  <para>OpenDJ offers two alternatives for RESTful access to directory


@@ -664,8 +662,18 @@


        <varlistentry>


         <term>"namingStrategy" (required)</term>


         <listitem>


          <para>The approach used to map LDAP entry names to JSON resources. The


          following naming strategies are supported.</para>


          <para>


           The approach used to map LDAP entry names to JSON resources.


          </para>




          <para>


           LDAP entries mapped to JSON resources


           must be immediate subordinates of the mapping's "baseDN".


          </para>




          <para>


           The following naming strategies are supported.


          </para>




          <itemizedlist>


           <listitem>




 opendj3-server-dev/src/main/docbkx/admin-guide/chap-rest-operations.xml


@@ -193,13 +193,23 @@


uid: bjensen


  </programlisting>




  <para>Given this pattern in the user entries, the default REST to LDAP


  configuration assumes that the user name on the HTTP side is the value of


  the user ID, and that user entries can be found under


  <literal>ou=People,dc=example,dc=com</literal>. In other words, Babs Jensen


  authenticates as <literal>bjensen</literal> (password:


  <literal>hifalutin</literal>) over HTTP. This is mapped for an LDAP bind


  to the bind DN <literal>uid=bjensen,ou=People,dc=example,dc=com</literal>.</para>


  <para>


   Given this pattern in the user entries,


   the default REST to LDAP configuration assumes that the user name


   on the HTTP side is the value of the user ID,


   and that user entries can be found directly under


   <literal>ou=People,dc=example,dc=com</literal>.<footnote>


    <para>


     In general, REST to LDAP mappings require


     that LDAP entries mapped to JSON resources


     be immediate subordinates of the mapping's baseDN.


    </para>


   </footnote>


   In other words, Babs Jensen authenticates as <literal>bjensen</literal>


   (password: <literal>hifalutin</literal>) over HTTP.


   This is mapped for an LDAP bind to the bind DN


   <literal>uid=bjensen,ou=People,dc=example,dc=com</literal>.


  </para>




  <para>With HTTP Basic authentication, it looks like this.</para>