From 721e85ff4f30945c9952bacbcbd4fa05a6bb613f Mon Sep 17 00:00:00 2001
From: Mark Craig <mark.craig@forgerock.com>
Date: Fri, 04 Jul 2014 12:34:37 +0000
Subject: [PATCH] Backport CR-3951 Fix for OPENDJ-1499: Note that REST mappings/namingStrategies are single-level
---
opendj-sdk/opends/src/main/docbkx/admin-guide/chap-rest-operations.xml | 24 +++++++++++++++++-------
opendj-sdk/opends/src/main/docbkx/admin-guide/appendix-rest2ldap.xml | 24 ++++++++++++++++--------
2 files changed, 33 insertions(+), 15 deletions(-)
diff --git a/opendj-sdk/opends/src/main/docbkx/admin-guide/appendix-rest2ldap.xml b/opendj-sdk/opends/src/main/docbkx/admin-guide/appendix-rest2ldap.xml
index 47fa9ba..03dde18 100644
--- a/opendj-sdk/opends/src/main/docbkx/admin-guide/appendix-rest2ldap.xml
+++ b/opendj-sdk/opends/src/main/docbkx/admin-guide/appendix-rest2ldap.xml
@@ -20,20 +20,18 @@
!
! CCPL HEADER END
!
- ! Copyright 2013 ForgeRock AS
+ ! Copyright 2013-2014 ForgeRock AS
!
-->
<appendix xml:id='appendix-rest2ldap'
xmlns='http://docbook.org/ns/docbook' version='5.0' xml:lang='en'
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
- xsi:schemaLocation='http://docbook.org/ns/docbook http://docbook.org/xml/5.0/xsd/docbook.xsd'
- xmlns:xlink='http://www.w3.org/1999/xlink'
- xmlns:xinclude='http://www.w3.org/2001/XInclude'>
+ xsi:schemaLocation='http://docbook.org/ns/docbook
+ http://docbook.org/xml/5.0/xsd/docbook.xsd'
+ xmlns:xlink='http://www.w3.org/1999/xlink'>
<title>REST LDAP Configuration</title>
<indexterm><primary>REST</primary></indexterm>
<indexterm><primary>HTTP</primary></indexterm>
- <!-- This belongs in an OpenDJ reference. Ultimately this doc should
- be generated, too, rather than written by hand. CREST-71? -->
<itemizedlist>
<para>OpenDJ offers two alternatives for RESTful access to directory
@@ -664,8 +662,18 @@
<varlistentry>
<term>"namingStrategy" (required)</term>
<listitem>
- <para>The approach used to map LDAP entry names to JSON resources. The
- following naming strategies are supported.</para>
+ <para>
+ The approach used to map LDAP entry names to JSON resources.
+ </para>
+
+ <para>
+ LDAP entries mapped to JSON resources
+ must be immediate subordinates of the mapping's "baseDN".
+ </para>
+
+ <para>
+ The following naming strategies are supported.
+ </para>
<itemizedlist>
<listitem>
diff --git a/opendj-sdk/opends/src/main/docbkx/admin-guide/chap-rest-operations.xml b/opendj-sdk/opends/src/main/docbkx/admin-guide/chap-rest-operations.xml
index 3848bca..19bf045 100644
--- a/opendj-sdk/opends/src/main/docbkx/admin-guide/chap-rest-operations.xml
+++ b/opendj-sdk/opends/src/main/docbkx/admin-guide/chap-rest-operations.xml
@@ -193,13 +193,23 @@
uid: bjensen
</programlisting>
- <para>Given this pattern in the user entries, the default REST to LDAP
- configuration assumes that the user name on the HTTP side is the value of
- the user ID, and that user entries can be found under
- <literal>ou=People,dc=example,dc=com</literal>. In other words, Babs Jensen
- authenticates as <literal>bjensen</literal> (password:
- <literal>hifalutin</literal>) over HTTP. This is mapped for an LDAP bind
- to the bind DN <literal>uid=bjensen,ou=People,dc=example,dc=com</literal>.</para>
+ <para>
+ Given this pattern in the user entries,
+ the default REST to LDAP configuration assumes that the user name
+ on the HTTP side is the value of the user ID,
+ and that user entries can be found directly under
+ <literal>ou=People,dc=example,dc=com</literal>.<footnote>
+ <para>
+ In general, REST to LDAP mappings require
+ that LDAP entries mapped to JSON resources
+ be immediate subordinates of the mapping's baseDN.
+ </para>
+ </footnote>
+ In other words, Babs Jensen authenticates as <literal>bjensen</literal>
+ (password: <literal>hifalutin</literal>) over HTTP.
+ This is mapped for an LDAP bind to the bind DN
+ <literal>uid=bjensen,ou=People,dc=example,dc=com</literal>.
+ </para>
<para>With HTTP Basic authentication, it looks like this.</para>
--
Gitblit v1.10.0