Created
June 6, 2016 13:25
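Sample HTTP Connection Handler configuration for OpenDJ. It enables the use of the SCIM 2.0 schema. Both enabled authentication methods (HTTP Basic and the X-SCIM-Username / X-SCIM-Password headers) carry the password in every request, so expose the handler over HTTPS only.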
{ | |
"authenticationFilter": { | |
"supportHTTPBasicAuthentication": true, | |
"supportAltAuthentication": true, | |
"altAuthenticationUsernameHeader": "X-SCIM-Username", | |
"altAuthenticationPasswordHeader": "X-SCIM-Password", | |
"searchBaseDN": "dc=openam,dc=forgerock,dc=org", | |
"searchScope": "one", | |
"searchFilterTemplate": "(&(uid=%s)(objectClass=inetOrgPerson))" | |
}, | |
"servlet": { | |
"mappings": { | |
"/Users": { | |
"baseDN": "ou=people,dc=openam,dc=forgerock,dc=org", | |
"readOnUpdatePolicy": "controls", | |
"useSubtreeDelete": false, | |
"usePermissiveModify": true, | |
"etagAttribute": "etag", | |
"namingStrategy": { | |
"strategy": "serverNaming", | |
"dnAttribute": "uid", | |
"idAttribute": "entryUUID" | |
}, | |
"additionalLDAPAttributes": [ | |
{ | |
"type": "objectClass", | |
"values": [ | |
"top", | |
"person", | |
"organizationalPerson", | |
"inetOrgPerson", | |
"inetUser", | |
"iPlanetPreferences", | |
"iplanet-am-user-service", | |
"iplanet-am-managed-person", | |
"iplanet-am-auth-configuration-service", | |
"sunAMAuthAccountLockout", | |
"sunIdentityServerLibertyPPService", | |
"sunFederationManagerDataStore", | |
"sunFMSAML2NameIdentifier", | |
"oathDeviceProfilesContainer", | |
"devicePrintProfilesContainer", | |
"kbaInfoContainer", | |
"forgerock-am-dashboard-service" | |
] | |
} | |
], | |
"attributes": { | |
"schemas": { | |
"constant": [ | |
"urn:ietf:params:scim:schemas:core:2.0:User", | |
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" | |
] | |
}, | |
"_id": { | |
"simple": { | |
"ldapAttribute": "entryUUID", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"_rev": { | |
"simple": { | |
"ldapAttribute": "etag", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"id": { | |
"simple": { | |
"ldapAttribute": "entryUUID", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"externalId": { | |
"simple": { | |
"ldapAttribute": "uid", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "createOnlyDiscardWrites" | |
} | |
}, | |
"userName": { | |
"simple": { | |
"ldapAttribute": "mail", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "readWrite" | |
} | |
}, | |
"name": { | |
"object": { | |
"formatted": { | |
"simple": { | |
"ldapAttribute": "cn", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"givenName": { | |
"simple": { | |
"ldapAttribute": "givenName", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"familyName": { | |
"simple": { | |
"ldapAttribute": "sn", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
} | |
} | |
}, | |
"displayName": { | |
"simple": { | |
"ldapAttribute": "description", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"title": { | |
"simple": { | |
"ldapAttribute": "title", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"emails": { | |
"object": { | |
"value": { | |
"simple": { | |
"ldapAttribute": "mail", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"primary": { | |
"constant": true | |
} | |
} | |
}, | |
"phoneNumbers": { | |
"object": { | |
"value": { | |
"simple": { | |
"ldapAttribute": "telephoneNumber", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"primary": { | |
"constant": true | |
} | |
} | |
}, | |
"active": { | |
"simple": { | |
"ldapAttribute": "inetUserStatus", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"groups": { | |
"reference": { | |
"ldapAttribute": "isMemberOf", | |
"baseDN": "ou=groups,dc=openam,dc=forgerock,dc=org", | |
"primaryKey": "cn", | |
"mapper": { | |
"object": { | |
"value": { | |
"simple": { | |
"ldapAttribute": "entryUUID", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"_value": { | |
"simple": { | |
"ldapAttribute": "cn", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"display": { | |
"simple": { | |
"ldapAttribute": "description", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
} | |
} | |
} | |
} | |
}, | |
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { | |
"object": { | |
"employeeNumber": { | |
"simple": { | |
"ldapAttribute": "employeeNumber", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
} | |
} | |
}, | |
"meta": { | |
"object": { | |
"resourceType": { | |
"constant": "User" | |
}, | |
"created": { | |
"simple": { | |
"ldapAttribute": "createTimestamp", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"lastModified": { | |
"simple": { | |
"ldapAttribute": "modifyTimestamp", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"version": { | |
"simple": { | |
"ldapAttribute": "etag", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
} | |
} | |
} | |
} | |
}, | |
"/Groups": { | |
"baseDN": "ou=groups,dc=openam,dc=forgerock,dc=org", | |
"readOnUpdatePolicy": "controls", | |
"useSubtreeDelete": false, | |
"usePermissiveModify": true, | |
"etagAttribute": "etag", | |
"namingStrategy": { | |
"strategy": "serverNaming", | |
"dnAttribute": "cn", | |
"idAttribute": "entryUUID" | |
}, | |
"additionalLDAPAttributes": [ | |
{ | |
"type": "objectClass", | |
"values": [ | |
"top", | |
"groupOfUniqueNames" | |
] | |
} | |
], | |
"attributes": { | |
"schemas": { | |
"constant": [ | |
"urn:ietf:params:scim:schemas:core:2.0:Group" | |
] | |
}, | |
"_id": { | |
"simple": { | |
"ldapAttribute": "entryUUID", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"_rev": { | |
"simple": { | |
"ldapAttribute": "etag", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"id": { | |
"simple": { | |
"ldapAttribute": "entryUUID", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"externalId": { | |
"simple": { | |
"ldapAttribute": "cn", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "createOnlyDiscardWrites" | |
} | |
}, | |
"displayName": { | |
"simple": { | |
"ldapAttribute": "description", | |
"isSingleValued": true, | |
"writability": "readWrite" | |
} | |
}, | |
"members": { | |
"reference": { | |
"ldapAttribute": "uniqueMember", | |
"baseDN": "ou=people,dc=openam,dc=forgerock,dc=org", | |
"primaryKey": "uid", | |
"mapper": { | |
"object": { | |
"value": { | |
"simple": { | |
"ldapAttribute": "entryUUID", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"_value": { | |
"simple": { | |
"ldapAttribute": "uid", | |
"isSingleValued": true, | |
"isRequired": true, | |
"writability": "readWrite" | |
} | |
}, | |
"display": { | |
"simple": { | |
"ldapAttribute": "description", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
} | |
} | |
} | |
} | |
}, | |
"meta": { | |
"object": { | |
"resourceType": { | |
"constant": "Group" | |
}, | |
"created": { | |
"simple": { | |
"ldapAttribute": "createTimestamp", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"lastModified": { | |
"simple": { | |
"ldapAttribute": "modifyTimestamp", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
}, | |
"version": { | |
"simple": { | |
"ldapAttribute": "etag", | |
"isSingleValued": true, | |
"writability": "readOnlyDiscardWrites" | |
} | |
} | |
} | |
} | |
} | |
} | |
} | |
} | |
} |