Hola, alguien podría indicarme como capturar los campos de los usuarios, tales como:Nombre, Apellidos, IDempresa, email….En la configuración LDAP, del archivo ldap-authentication-context.xml tengo lo siguiente:<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<!– DAO that rejects changes - LDAP is read only at the moment. It does allow users to be deleted with out warnings from the UI. –>
<bean name="authenticationDao" class="org.alfresco.repo.security.authentication.DefaultMutableAuthenticationDao" >
<property name="allowDeleteUser">
<value>true</value>
</property>
</bean>
<bean id="authenticationComponent" class="org.alfresco.repo.security.authentication.ldap.LDAPAuthenticationComponentImpl">
<property name="LDAPInitialDirContextFactory">
<ref bean="ldapInitialDirContextFactory"/>
</property>
<property name="userNameFormat">
<!–
This maps between what the user types in and what is passed through to the underlying LDAP authentication.
"%s" - the user id is passed through without modification.
Used for LDAP authentication such as DIGEST-MD5, anything that is not "simple".
"cn=%s,ou=London,dc=company,dc=com" - If the user types in "Joe Bloggs" the authentricate as "cn=Joe Bloggs,ou=London,dc=company,dc=com"
Usually for simple authentication.
–>
<value>%s</value>
</property>
</bean>
<!–
This bean is used to support general LDAP authentication. It is also used to provide read only access to users and groups
to pull them out of the LDAP reopsitory
–>
<bean id="ldapInitialDirContextFactory" class="org.alfresco.repo.security.authentication.ldap.LDAPInitialDirContextFactoryImpl">
<property name="initialDirContextEnvironment">
<map>
<!– The LDAP provider –>
<entry key="java.naming.factory.initial">
<value>com.sun.jndi.ldap.LdapCtxFactory</value>
</entry>
<!– The url to the LDAP server –>
<!– Note you can use space separated urls - they will be tried in turn until one works –>
<!– This could be used to authenticate against one or more ldap servers (you will not know which one ….) –>
<entry key="java.naming.provider.url">
<value>ldap://ecmdc00.epmbogota.com:389</value>
</entry>
<!– The authentication mechanism to use –>
<!– Some sasl authentication mechanisms may require a realm to be set –>
<!– java.naming.security.sasl.realm –>
<!– The available options will depend on your LDAP provider –>
<entry key="java.naming.security.authentication">
<value>DIGEST-MD5</value>
</entry>
<!– The id of a user who can read group and user information –>
<!– This does not go through the pattern substitution defined above and is used "as is" –>
<entry key="java.naming.security.principal">
<value>CN=jira_ldap,OU=EPMBogota,DC=epmbogota,DC=com</value>
</entry>
<!– The password for the user defined above –>
<entry key="java.naming.security.credentials">
<value>jiraldap</value>
</entry>
</map>
</property>
</bean>
<bean id="ldapPeopleExportSource" class="org.alfresco.repo.security.authentication.ldap.LDAPPersonExportSource">
<!–
The query to select objects that represent the users to import.
For Open LDAP, using a basic schema, the following is probably what you want:
(objectclass=inetOrgPerson)
For Active Directory:
(objectclass=user)
–>
<property name="personQuery">
<value>(objectclass=user)</value>
</property>
<!–
The seach base restricts the LDAP query to a sub section of tree on the LDAP server.
–>
<property name="searchBase">
<value>dc=epmbogota,dc=com</value>
</property>
<!–
The unique identifier for the user.
THIS MUST MATCH WHAT THE USER TYPES IN AT THE LOGIN PROMPT
For simple LDAP authentication this is likely to be "cn" or, less friendly, "distinguishedName"
In OpenLDAP, using other authentication mechanisms "uid", but this depends on how you map
from the id in the LDAP authentication request to search for the inetOrgPerson against which
to authenticate.
In Active Directory this is most likely to be "sAMAccountName"
This property is mandatory and must appear on all users found by the query defined above.
–>
<property name="userIdAttributeName">
<value>uid</value>
</property>
<!– Services –>
<property name="LDAPInitialDirContextFactory">
<ref bean="ldapInitialDirContextFactory"/>
</property>
<property name="personService">
<ref bean="personService"></ref>
</property>
<property name="namespaceService">
<ref bean="namespaceService"/>
</property>
<!–
This property defines a mapping between attributes held on LDAP user objects and
the properties of user objects held in the repository. The key is the QName of an attribute in
the repository, the value is the attribute name from the user/inetOrgPerson/.. object in the
LDAP repository.
–>
<property name="attributeMapping">
<map>
<entry key="cm:userName">
<!– Must match the same attribute as userIdAttributeName –>
<value>uid</value>
</entry>
<entry key="cm:firstName">
<!– OpenLDAP: "givenName" –>
<!– Active Directory: "givenName" –>
<value>givenName</value>
</entry>
<entry key="cm:lastName">
<!– OpenLDAP: "sn" –>
<!– Active Directory: "sn" –>
<value>sn</value>
</entry>
<entry key="cm:email">
<!– OpenLDAP: "mail" –>
<!– Active Directory: "???" –>
<value>mail</value>
</entry>
<entry key="cm:organizationId">
<!– OpenLDAP: "o" –>
<!– Active Directory: "???" –>
<value>o</value>
</entry>
<!– Always use the default –>
<entry key="cm:homeFolderProvider">
<null/>
</entry>
</map>
</property>
<!– Set a default home folder provider –>
<!– Defaults only apply for values above –>
<property name="attributeDefaults">
<map>
<entry key="cm:homeFolderProvider">
<value>personalHomeFolderProvider</value>
</entry>
</map>
</property>
</bean>
</beans>
Agradezco cualquier ayuda.Saludos!!!
