Introduction
Starting with version 1.1, Penrose supports operational attributes such as creatorsName, createTimestamp, modifiersName, and modifyTimestamp.
By default, the operational attributes are disabled. To enable them, you need to prepare storage for them and configure a module.
Configuring Operational Attributes
Add the fields to store the operational attributes in sources.xml:
<source name="users">
    <connection-name>MySQL</connection-name>
    <field name="username" primaryKey="true"/>
    <field name="firstName"/>
    <field name="lastName"/>
    <field name="password"/>
    <field name="creatorsName"/>
    <field name="createTimestamp" type="DATETIME"/>
    <field name="modifiersName"/>
    <field name="modifyTimestamp" type="DATETIME"/>
    <parameter>
        <param-name>tableName</param-name>
        <param-value>users</param-value>
    </parameter>
</source>
Then configure the operational attributes in mapping.xml:
<entry dn="uid=...,ou=Users,dc=Operational Attribute,dc=Example,dc=com">
    <oc>person</oc>
    <oc>organizationalPerson</oc>
    <oc>inetOrgPerson</oc>
    ... other attributes ...
    <at name="creatorsName" operational="true">
        <variable>u.creatorsName</variable>
    </at>
    <at name="createTimestamp" operational="true">
        <expression>
            import org.safehaus.penrose.operationalAttribute.*;
            if (u == void || u == null) return;
            if (u.createTimestamp == void || u.createTimestamp == null) return null;
            return OperationalAttribute.formatDate(u.createTimestamp);
        </expression>
    </at>
    <at name="modifiersName" operational="true">
        <variable>u.modifiersName</variable>
    </at>
    <at name="modifyTimestamp" operational="true">
        <expression>
            import org.safehaus.penrose.operationalAttribute.*;
            if (u == void || u == null) return;
            if (u.modifyTimestamp == void || u.modifyTimestamp == null) return null;
            return OperationalAttribute.formatDate(u.modifyTimestamp);
        </expression>
    </at>
</entry>
Then configure the reverse mappings for the operational attributes in the same entry:
<entry dn="uid=...,ou=Users,dc=Operational Attribute,dc=Example,dc=com">
    <source name="u">
        <source-name>users</source-name>
        ... other fields ...
        <field name="creatorsName">
            <variable>creatorsName</variable>
        </field>
        <field name="createTimestamp">
            <expression>
                import org.safehaus.penrose.operationalAttribute.*;
                if (createTimestamp == void || createTimestamp == null) return null;
                return OperationalAttribute.parseDate(createTimestamp);
            </expression>
        </field>
        <field name="modifiersName">
            <variable>modifiersName</variable>
        </field>
        <field name="modifyTimestamp">
            <expression>
                import org.safehaus.penrose.operationalAttribute.*;
                if (modifyTimestamp == void || modifyTimestamp == null) return null;
                return OperationalAttribute.parseDate(modifyTimestamp);
            </expression>
        </field>
    </source>
</entry>
Finally, configure the OperationalAttributeModule in modules.xml:
<module name="OperationalAttributeModule">
    <module-class>org.safehaus.penrose.operationalAttribute.OperationalAttributeModule</module-class>
</module>
<module-mapping>
    <module-name>OperationalAttributeModule</module-name>
    <base-dn>dc=Operational Attribute,dc=Example,dc=com</base-dn>
    <filter>(objectClass=*)</filter>
    <scope>SUBTREE</scope>
</module-mapping>
This module will generate the values of the operational attributes on add, modify, and modrdn operations.
Example
The example files are available in the PENROSE_SERVER_HOME/samples/operational directory.
Create a new partition by copying the configuration files in PENROSE_SERVER_HOME/samples/operational/partition into a new PENROSE_SERVER_HOME/partitions/operational directory.
Then register the new partition in PENROSE_SERVER_HOME/conf/server.xml:
<partition name="operational" path="partitions/operational"/>
Add an entry:
ldapadd -h localhost -p 10389 -D uid=admin,ou=system -w secret -x
dn: uid=test,ou=Users,dc=Operational Attribute,dc=Example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
uid: test
userPassword: test
sn: User
cn: Test User
Search the operational attributes:
ldapsearch -h localhost -p 10389 -D uid=admin,ou=system -w secret -x -b "dc=Operational Attribute,dc=Example,dc=com" \* +
dn: uid=test,ou=Users,dc=Operational Attribute,dc=Example,dc=com
modifiersName: uid=admin,ou=system
creatorsName: uid=admin,ou=system
sn: User
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
uid: test
cn: Secret User
modifyTimestamp: 20061004231152Z
createTimestamp: 20061004231050Z
userPassword:: c2VjcmV0
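
As an added example (not part of the Penrose documentation or code base), the following Python script parses LDIF such as the search output above and reports, per entry, who created it, who last modified it, and how long after creation the last change happened. Entries that come back without operational attributes are skipped. The function names and the SAMPLE text are constructed for this illustration.

```python
import base64
from datetime import datetime, timezone

# Constructed sample: a subset of the ldapsearch output shown above.
SAMPLE = """\
dn: uid=test,ou=Users,dc=Operational Attribute,dc=Example,dc=com
modifiersName: uid=admin,ou=system
creatorsName: uid=admin,ou=system
modifyTimestamp: 20061004231152Z
createTimestamp: 20061004231050Z
"""

def parse_ldif(text):
    """Return one {lowercased attribute: [values]} dict per LDIF entry."""
    entries, entry = [], {}
    # Unfold continuation lines first; the trailing "" flushes the last entry.
    for line in text.replace("\n ", "").splitlines() + [""]:
        if not line.strip():  # a blank line ends the current entry
            if entry:
                entries.append(entry)
            entry = {}
        elif not line.startswith("#"):
            name, _, rest = line.partition(":")
            if rest.startswith(":"):  # "attr:: value" is base64-encoded
                value = base64.b64decode(rest[1:]).decode("utf-8", "replace")
            else:
                value = rest.strip()
            entry.setdefault(name.lower(), []).append(value)
    return entries

def parse_time(value):
    """Parse the YYYYMMDDhhmmssZ timestamps shown in the search output."""
    return datetime.strptime(value, "%Y%m%d%H%M%SZ").replace(tzinfo=timezone.utc)

def audit(entries):
    """Report creator, last modifier and create-to-modify gap per entry."""
    rows = []
    for e in entries:
        if not e.keys() >= {"createtimestamp", "modifytimestamp"}:
            continue  # operational attributes not returned for this entry
        created = parse_time(e["createtimestamp"][0])
        gap = parse_time(e["modifytimestamp"][0]) - created
        rows.append({
            "dn": e["dn"][0],
            "creator": e.get("creatorsname", [""])[0],
            "modifier": e.get("modifiersname", [""])[0],
            "seconds_after_create": int(gap.total_seconds()),
        })
    return rows

if __name__ == "__main__":
    print(audit(parse_ldif(SAMPLE)))
```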
