<?xml version="1.0" encoding="ISO-8859-1"?>
<OpenPTK xmlns="http://xml.netbeans.org/schema/openptk"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://xml.netbeans.org/schema/openptk openptk.xsd">

  <!--
    Substitution syntax used throughout this file:
      "%{property_name}"   Property reference, evaluated when this XML file is
                           parsed and processed.
      "${attribute_name}"  Attribute reference, evaluated at run-time when the
                           Property is used.

    NOTE(review): this file holds service-account credentials for every back
    end it connects to. Treat the deployed copy as a secret: restrict read
    access to the server account and keep real values out of version control.
  -->

  <!--
    Defaults: Properties that other Properties may reference with the
    "%{property_name}" syntax. They are NOT copied automatically into any of
    the other Properties defined in this file.
  -->

  <!--
    Example Identity Manager endpoint URLs:
      http://localhost:8080/idm/servlet/rpcrouter2
      http://localhost:28080/idm8/servlet/rpcrouter2
      http://www.openptk.org/idm/servlet/rpcrouter2
      http://www.openptk.org/idm/servlet/openspml2
  -->

  <Defaults>
    <Properties>
      <!-- Sun Identity Manager, SPML1 and SPML2 endpoints.
           NOTE(review): both URLs are plain http, so the SPML-Proxy credentials
           travel unencrypted unless transport security is added elsewhere;
           prefer https outside a lab network. -->
      <Property name="spml1.url" value="http://192.168.100.101:80/idm/servlet/rpcrouter2"/>
      <Property name="spml1.user.name" value="SPML-Proxy"/>
      <!-- NOTE(review): this same ciphertext is also used below for spml2, jndi,
           jdbc.mysql, jdbc.embed and server.config. Identical ciphertext suggests
           one shared password encrypted with a fixed key and salt (confirm);
           give each account its own secret. -->
      <Property name="spml1.user.password.encrypted" value="EnespBAb/hMwNylyxlh0jw=="/>
      <Property name="spml2.url" value="http://localhost:8080/idm/servlet/openspml2"/>
      <Property name="spml2.user.name" value="SPML-Proxy"/>
      <Property name="spml2.user.password.encrypted" value="EnespBAb/hMwNylyxlh0jw=="/>

      <!-- Oracle Identity Manager 10g / 11g and the OIM SPML2 web service.
           NOTE(review): the three password Properties in this group are stored
           in cleartext while their *.encrypted alternatives are commented out,
           and the account is xelsysadm, normally the OIM system administrator
           login. Replace these values at deployment, rotate anything that was
           ever real, and prefer a least-privilege service account.
           The t3:// and http:// schemes carry no TLS; t3s and https are the
           protected variants. -->
      <Property name="oim10g.url" value="t3://oel5:7001"/>
      <Property name="oim10g.user.name" value="xelsysadm"/>
      <Property name="oim10g.user.password" value="abcd1234"/>
      <!-- Property name="oim10g.user.password.encrypted" value="rYkxtZjSafU7J7rNr0/r4Q==" / -->
      <Property name="oim11g.url" value="t3://oim11g:7002"/>
      <Property name="oim11g.user.name" value="xelsysadm"/>
      <Property name="oim11g.user.password" value="Passw0rd"/>
      <!-- Property name="oim11g.user.password.encrypted" value="fJUAFjIMLNh/WiRBCBz3hw==" / -->
      <Property name="oimspml2.url" value="http://oel5:7001/spmlws/OIMProvisioning"/>
      <Property name="oimspml2.user.name" value="xelsysadm"/>
      <Property name="oimspml2.user.password" value="abcd1234"/>
      <!-- Property name="oimspml2.user.password.encrypted" value="rYkxtZjSafU7J7rNr0/r4Q==" / -->

      <!-- LDAP / JNDI directory settings.
           NOTE(review): the active bind DN is cn=Directory Manager, which is
           conventionally the directory superuser; the commented-out
           uid=ldapadmin entry is the narrower choice. The ldap:// URL has no
           TLS; use ldaps or StartTLS where the directory supports it. -->
      <Property name="ldap.hostname" value="localhost"/>
      <Property name="ldap.portnum" value="1389"/>
      <Property name="jndi.url" value="ldap://localhost:1389"/>
      <!-- Property name="jndi.user.name" value="uid=ldapadmin,ou=People,dc=openptk,dc=org" / -->
      <!-- Property name="jndi.user.password.encrypted" value="fJUAFjIMLNh/WiRBCBz3hw==" / -->
      <Property name="jndi.user.name" value="cn=Directory Manager"/>
      <Property name="jndi.user.password.encrypted" value="EnespBAb/hMwNylyxlh0jw=="/>
      <Property name="jndi.basedn.employees" value="ou=people,ou=employees,dc=openptk,dc=org"/>
      <Property name="jndi.basedn.locations" value="ou=locations,ou=employees,dc=openptk,dc=org"/>
      <Property name="jndi.basedn.customers" value="ou=people,ou=customers,dc=openptk,dc=org"/>
      <Property name="jndi.scope.locations" value="ONELEVEL_SCOPE"/>

      <!-- JDBC data sources: MySQL, Oracle and the embedded Derby database.
           NOTE(review): never annotate an encrypted value with its cleartext in
           a comment; doing so exposes the password for every Property that
           shares the ciphertext and gives a known plaintext for the cipher. -->
      <Property name="jdbc.mysql.url" value="jdbc:mysql://localhost:3306/openptk"/>
      <Property name="jdbc.mysql.driver" value="com.mysql.jdbc.Driver"/>
      <Property name="jdbc.mysql.user.name" value="test"/>
      <Property name="jdbc.mysql.user.password.encrypted" value="EnespBAb/hMwNylyxlh0jw=="/>
      <Property name="jdbc.oracle.url" value="jdbc:oracle:thin:@//oim11g:1521/orcl"/>
      <Property name="jdbc.oracle.driver" value="oracle.jdbc.OracleDriver"/>
      <Property name="jdbc.oracle.user.name" value="openptk"/>
      <Property name="jdbc.oracle.user.password.encrypted" value="cPiUhk4yYUo="/>
      <Property name="jdbc.embed.url" value="jdbc:derby:sampledb"/>
      <Property name="jdbc.embed.driver" value="org.apache.derby.jdbc.EmbeddedDriver"/>
      <Property name="jdbc.embed.user.name" value="test"/>
      <Property name="jdbc.embed.user.password.encrypted" value="EnespBAb/hMwNylyxlh0jw=="/>

      <!-- Shared timeouts, referenced below as %{timeout.read} and %{timeout.write}. -->
      <Property name="timeout.read" value="20000"/>
      <Property name="timeout.write" value="20000"/>
      <Property name="debug.level" value="1"/> <!-- 1=CONFIG (default) -->

      <!-- Outbound e-mail plugin. The password is a placeholder: supply the
           real value at deployment rather than in the committed file. -->
      <Property name="plugin.sendemail.file" value="openptk.mail"/>
      <Property name="plugin.sendemail.authen.user" value="donotreply@openptk.org"/>
      <Property name="plugin.sendemail.authen.password" value="__NEED_VALUE__"/>
      <Property name="plugin.template.library" value="templates"/>
      <Property name="email.fromaddress" value="donotreply@openptk.org"/>

      <!-- Miscellaneous defaults. -->
      <Property name="cookie.name" value="OPENPTKSESSIONID"/>
      <Property name="target.classname" value="org.openptk.authorize.BasicTarget"/>
      <Property name="timestamp" value="true"/>
      <Property name="logger.default" value="UnixLogFile"/>
      <Property name="database.sample" value="databases/sampledb"/>
    </Properties>
  </Defaults>

  <!--
    Global: Properties for global configuration of the OpenPTK Server.
  -->
  <Global>
    <Properties>
      <!-- NOTE(review): /var/tmp is typically world-writable; create this
           directory with owner-only permissions before the server starts. -->
      <Property name="openptk.temp" value="/var/tmp/openptk"/>

      <!-- Names of the authentication tokens (presumably request parameter
           names; confirm against the code that reads them). -->
      <Property name="auth.token.name.clientid" value="clientid"/>
      <Property name="auth.token.name.clientcred" value="clientcred"/>
      <Property name="auth.token.name.password" value="password"/>
      <Property name="auth.token.name.user" value="user"/>
      <Property name="auth.token.name.tokenparam" value="token"/>

      <!-- Session cookie. HttpOnly keeps the cookie away from page scripts.
           NOTE(review): no Secure-flag setting is visible in this section;
           confirm the cookie is only ever sent over https. -->
      <Property name="http.session.cookie.uniqueid" value="%{cookie.name}"/>
      <Property name="http.session.cookie.httponly" value="true"/>

      <!-- Engine session lifetime and cache scanning. -->
      <Property name="engine.session.ttl" value="1800000"/> <!-- msec (30 minutes) -->
      <Property name="engine.session.cache.ttl" value="120000"/> <!-- msec (2 minutes) -->
      <Property name="engine.session.scan.delay" value="30"/> <!-- minutes -->
      <Property name="engine.session.scan.sleep" value="5"/> <!-- minutes -->

      <!-- Search behaviour. -->
      <Property name="search.results.quantity" value="10"/>
      <Property name="search.contains.minchar" value="3"/>
      <Property name="search.attribute.default" value="firstname"/>

      <!-- Server configuration account.
           NOTE(review): its encrypted password is the same ciphertext used for
           the back-end accounts in Defaults; it should have its own secret. -->
      <Property name="server.config.userid" value="openptkconfig"/>
      <Property name="server.config.password.encrypted" value="EnespBAb/hMwNylyxlh0jw=="/>
      <Property name="server.cookiepath" value="/"/>
      <Property name="server.defaultclient" value="anon"/>
      <Property name="security.enforcer.servlet" value="webfilter"/>
      <Property name="security.enforcer.engine" value="operation"/>
    </Properties>
  </Global>

  <!--
    Contexts: this section contains
      - Properties that are applied to each Context
      - one or more Context elements

    A given Context contains:
      - Properties that are unique to the Context. All "Contexts" level
        Properties are copied into each Context, then the Context specific
        Properties are added/overlayed.
      - a Query that is applied to all of the Operations.
      - the Operations supported by the Context. Each Operation inherits the
        Properties and Query (if they exist) from the Context level.
        Operation level Properties are added/overlayed. The Query is replaced.

    Each Operation is required to have the following Properties:
      - classname
      - AttrGroup
  -->

  <!--
    Values listed for the default Context:
      Person-SunIdm-SPML1
      Person-SunIdm-JDBC
      Person-OpenDS-JNDI
      Person-SunIdm-SPML2
      Employees-Oracle-JDBC
  -->

  <Contexts>
    <Properties>
      <Property name="context.default" value="Employees-Embed-JDBC"/>
      <Property name="context.classname" value="org.openptk.context.TimeoutContext"/>
      <!-- NOTE(review): PBEWithMD5AndDES derives a single-DES key with MD5 and
           is weak by current standards. Presumably it protects the *.encrypted
           values in this file (confirm); moving to a stronger scheme means
           re-encrypting every one of them. -->
      <Property name="security.encryption.id" value="PBEWithMD5AndDES"/>
      <!-- NOTE(review): presumably turns audit logging off for every Context
           (confirm); enable it where provisioning and password operations
           must be traceable. -->
      <Property name="audit" value="false"/>
    </Properties>

    <!-- Person objects in Sun Identity Manager over SPML1. Disabled here. -->
    <Context id="Person-SunIdm-SPML1" enabled="false" definition="Person" connection="SunSPML1" association="SPML1">
      <Properties>
        <Property name="context.description" value="Person to Sun Identity Manager using SPML1"/>
        <Property name="operation.classname" value="org.openptk.spi.operations.SpmlSunOperations"/>
        <Property name="key" value="uniqueid"/>
        <Property name="objectclass" value="user"/>
        <Property name="timeout" value="%{timeout.write}"/>
        <Property name="search.default.order" value="firstname,lastname"/>
        <Property name="search.operators" value="AND,EQ"/>
      </Properties>
      <Operations>
        <Operation id="create" attrgroup="person-create"/>
        <!-- read and search override the Context timeout with the read timeout -->
        <Operation id="read" attrgroup="person-read">
          <Properties>
            <Property name="timeout" value="%{timeout.read}"/>
          </Properties>
        </Operation>
        <Operation id="update" attrgroup="person-update"/>
        <Operation id="delete" attrgroup="person-delete"/>
        <Operation id="search" attrgroup="person-search">
          <Properties>
            <Property name="timeout" value="%{timeout.read}"/>
            <Property name="sort" value="lastname,firstname"/>
          </Properties>
        </Operation>
        <!-- pwdchange and pwdreset carry identical extended-request settings -->
        <Operation id="pwdchange" attrgroup="person-pwd">
          <Properties>
            <Property name="timeout" value="%{timeout.write}"/>
            <Property name="extreq.oper.changepwd" value="changeUserPassword"/>
            <Property name="extreq.oper.resetpwd" value="resetUserPassword"/>
            <Property name="extreq.attr.uid.name" value="accountId"/>
            <Property name="extreq.attr.pwd.name" value="password"/>
            <Property name="extreq.attr.pwd.subject.attr" value="password"/>
            <Property name="extreq.attr.resources.key" value="accounts"/>
            <Property name="extreq.attr.resources.value" value="Lighthouse"/>
          </Properties>
        </Operation>
        <Operation id="pwdreset" attrgroup="person-pwd">
          <Properties>
            <Property name="timeout" value="%{timeout.write}"/>
            <Property name="extreq.oper.changepwd" value="changeUserPassword"/>
            <Property name="extreq.oper.resetpwd" value="resetUserPassword"/>
            <Property name="extreq.attr.uid.name" value="accountId"/>
            <Property name="extreq.attr.pwd.name" value="password"/>
            <Property name="extreq.attr.pwd.subject.attr" value="password"/>
            <Property name="extreq.attr.resources.key" value="accounts"/>
            <Property name="extreq.attr.resources.value" value="Lighthouse"/>
          </Properties>
        </Operation>
        <Operation id="pwdforgot" attrgroup="person-forgot"/>
      </Operations>
    </Context>

    <!-- Person objects in Sun Identity Manager over SPML2. Disabled here. -->
    <Context id="Person-SunIdm-SPML2" enabled="false" definition="Person" connection="SunSPML2" association="SPML2">
      <Properties>
        <Property name="context.description" value="Person to Sun Identity Manager using SPML2"/>
        <Property name="operation.classname" value="org.openptk.spi.operations.Spml2WavesetOperations"/>
        <Property name="clientfacade.classname" value="org.openptk.spi.operations.ClientFacadeWaveset"/>
        <Property name="key" value="uniqueid"/>
        <Property name="objectclass" value="spml2Person"/>
        <Property name="timeout" value="%{timeout.write}"/>
        <Property name="search.default.order" value="firstname,lastname"/>
        <Property name="search.operators" value="AND,EQ"/>
      </Properties>
      <Operations>
        <Operation id="create" attrgroup="person-create"/>
        <Operation id="read" attrgroup="person-read">
          <Properties>
            <Property name="timeout" value="%{timeout.read}"/>
          </Properties>
        </Operation>
        <Operation id="search" attrgroup="person-search">
          <Properties>
            <Property name="timeout" value="%{timeout.read}"/>
            <Property name="sort" value="lastname,firstname"/>
          </Properties>
        </Operation>
        <Operation id="update" attrgroup="person-update"/>
        <Operation id="delete" attrgroup="person-delete"/>
        <Operation id="pwdchange" attrgroup="person-pwd">
          <Properties>
            <Property name="timeout" value="%{timeout.write}"/>
            <Property name="extreq.oper.changepwd" value="changeUserPassword"/>
            <Property name="extreq.oper.resetpwd" value="resetUserPassword"/>
            <Property name="extreq.attr.uid.name" value="accountId"/>
            <Property name="extreq.attr.pwd.name" value="password"/>
            <Property name="extreq.attr.pwd.subject.attr" value="password"/>
            <Property name="extreq.attr.resources.key" value="accounts"/>
            <Property name="extreq.attr.resources.value" value="Lighthouse"/>
          </Properties>
        </Operation>
        <Operation id="pwdreset" attrgroup="person-pwd">
          <Properties>
            <Property name="timeout" value="%{timeout.write}"/>
            <Property name="extreq.oper.changepwd" value="changeUserPassword"/>
            <Property name="extreq.oper.resetpwd" value="resetUserPassword"/>
            <Property name="extreq.attr.uid.name" value="accountId"/>
            <Property name="extreq.attr.pwd.name" value="password"/>
            <Property name="extreq.attr.pwd.subject.attr" value="password"/>
            <Property name="extreq.attr.resources.key" value="accounts"/>
            <Property name="extreq.attr.resources.value" value="Lighthouse"/>
          </Properties>
        </Operation>
        <Operation id="pwdforgot" attrgroup="person-forgot"/>
      </Operations>
    </Context>

    <!-- Person objects in Oracle Identity Manager over SPML2. Disabled here.
         Every Relationship of the Employee model points back at this Context. -->
    <Context id="Person-OIM-SPML2" enabled="false" definition="PersonOIM10g" connection="OIMSPML2" association="OIMSPML2">
      <Properties>
        <Property name="context.description" value="Person to Oracle Identity Manager using SPML2"/>
        <Property name="operation.classname" value="org.openptk.spi.operations.Spml2OIMOperations"/>
        <Property name="clientfacade.classname" value="org.openptk.spi.operations.ClientFacadeOpenPTK"/>
        <Property name="key" value="uniqueid"/>
        <Property name="objectclass" value="Users"/>
        <Property name="timeout" value="%{timeout.write}"/>
        <Property name="search.default.order" value="firstname,lastname"/>
        <Property name="search.operators" value="AND,EQ"/>
        <Property name="attribute.invalid.remove" value="true"/>
      </Properties>
      <Model id="Employee">
        <Relationships>
          <Relationship id="directReports" context="Person-OIM-SPML2"/>
          <Relationship id="reportsTo" context="Person-OIM-SPML2"/>
          <Relationship id="organization" context="Person-OIM-SPML2"/>
          <Relationship id="peers" context="Person-OIM-SPML2"/>
        </Relationships>
      </Model>
      <!-- Context-level Query, applied to all Operations of this Context -->
      <Query type="EQ" name="Object Class" value="Users"/>
      <Operations>
        <Operation id="create" attrgroup="person-oim10g-create"/>
        <Operation id="read" attrgroup="person-oim10g-read">
          <Properties>
            <Property name="timeout" value="%{timeout.read}"/>
          </Properties>
        </Operation>
        <Operation id="search" attrgroup="person-oim10g-search">
          <Properties>
            <Property name="timeout" value="%{timeout.read}"/>
            <Property name="sort" value="lastname,firstname"/>
          </Properties>
        </Operation>
        <Operation id="update" attrgroup="person-oim10g-update"/>
        <Operation id="delete" attrgroup="person-delete"/>
        <!-- Same settings as the Sun contexts except the uid attribute, Users.Key -->
        <Operation id="pwdchange" attrgroup="person-pwd">
          <Properties>
            <Property name="timeout" value="%{timeout.write}"/>
            <Property name="extreq.oper.changepwd" value="changeUserPassword"/>
            <Property name="extreq.oper.resetpwd" value="resetUserPassword"/>
            <Property name="extreq.attr.uid.name" value="Users.Key"/>
            <Property name="extreq.attr.pwd.name" value="password"/>
            <Property name="extreq.attr.pwd.subject.attr" value="password"/>
            <Property name="extreq.attr.resources.key" value="accounts"/>
            <Property name="extreq.attr.resources.value" value="Lighthouse"/>
          </Properties>
        </Operation>
        <Operation id="pwdreset" attrgroup="person-pwd">
          <Properties>
            <Property name="timeout" value="%{timeout.write}"/>
            <Property name="extreq.oper.changepwd" value="changeUserPassword"/>
            <Property name="extreq.oper.resetpwd" value="resetUserPassword"/>
            <Property name="extreq.attr.uid.name" value="Users.Key"/>
            <Property name="extreq.attr.pwd.name" value="password"/>
            <Property name="extreq.attr.pwd.subject.attr" value="password"/>
            <Property name="extreq.attr.resources.key" value="accounts"/>
            <Property name="extreq.attr.resources.value" value="Lighthouse"/>
          </Properties>
        </Operation>
        <Operation id="pwdforgot" attrgroup="person-forgot"/>
      </Operations>
    </Context>

    <!-- Forgotten-password authentication against Sun Identity Manager.
         Disabled here. Only the read Operation is exposed, using the
         person-pwd attribute group.
         NOTE(review): person-pwd presumably includes password-related
         attributes; confirm what a read through this Context returns and who
         is allowed to call it. -->
    <Context id="Authen-SunIdm-SPML" enabled="false" definition="Person" connection="SunSPML1" association="SPML1">
      <Properties>
        <Property name="context.description" value="Authentication: Forgotten Password"/>
        <Property name="operation.classname" value="org.openptk.spi.operations.SpmlSunOperations"/>
        <Property name="key" value="uniqueid"/>
        <Property name="objectclass" value="user"/>
        <Property name="timeout" value="%{timeout.read}"/>
        <Property name="search.default.order" value="firstname,lastname"/>
        <Property name="search.operators" value="AND,EQ"/>
      </Properties>
      <!-- Both conditions must hold: member of "All People" and objectclass user -->
      <Query type="AND">
        <Query type="EQ" name="MemberObjectGroups" value="All People"/>
        <Query type="EQ" name="objectclass" value="user"/>
      </Query>
      <Operations>
        <Operation id="read" attrgroup="person-pwd"/>
      </Operations>
    </Context>
<Context id="Employees-UnboundID-LDAP" enabled="false" definition="Person" connection="UnboundID" association="LDAP"> <Properties> <Property name="context.description" value="Employees to UnboundID using LDAP" /> <Property name="operation.classname" value="org.openptk.spi.operations.UnboundIDLdapOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.create" value="uid=${uniqueid},%{jndi.basedn.employees}" /> <Property name="basedn" value="%{jndi.basedn.employees}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Model id="Employee"> <Relationships> <Relationship id="location" context="Locations-UnboundID-LDAP"/> <Relationship id="photo" context="Media-MySQL-JDBC"/> </Relationships> </Model> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> <Operations> <Operation id="create" attrgroup="person-create" /> <Operation id="read" attrgroup="person-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="person-update" /> <Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="person-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <Context 
id="Locations-UnboundID-LDAP" enabled="false" definition="Location" connection="UnboundID" association="LDAP-LOCATION"> <Properties> <Property name="context.description" value="Locations to UnboundID using LDAP" /> <Property name="operation.classname" value="org.openptk.spi.operations.UnboundIDLdapOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.create" value="ou=${uniqueid},%{jndi.basedn.locations}" /> <Property name="basedn" value="%{jndi.basedn.locations}" /> <Property name="scope" value="%{jndi.scope.locations}" /> <Property name="objectclass" value="organizationalunit" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="uniqueid,city,state" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Query type="EQ" name="objectClass" value="organizationalunit" /> <Operations> <Operation id="create" attrgroup="location-create" /> <Operation id="read" attrgroup="location-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="location-update" /> <Operation id="delete" attrgroup="location-delete" /> <Operation id="search" attrgroup="location-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="state,city" /> </Properties> </Operation> </Operations> </Context> <Context id="Customers-UnboundID-LDAP" enabled="false" definition="Customer" connection="UnboundID" association="LDAP-CUSTOMER"> <Properties> <Property name="context.description" value="Customers to UnboundID using LDAP" /> <Property name="operation.classname" value="org.openptk.spi.operations.UnboundIDLdapOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.create" value="uid=${uniqueid},%{jndi.basedn.customers}" /> <Property name="basedn" value="%{jndi.basedn.customers}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" 
value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,entrydn" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> <Operations> <Operation id="create" attrgroup="customer-create" /> <Operation id="read" attrgroup="customer-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="customer-update" /> <Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="customer-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <Context id="Employees-OpenDS-JNDI" enabled="false" definition="Person" connection="OpenDS" association="LDAP"> <Properties> <Property name="context.description" value="Employees to OpenDS using JNDI" /> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.create" value="uid=${uniqueid},%{jndi.basedn.employees}" /> <Property name="basedn" value="%{jndi.basedn.employees}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Model 
id="Employee"> <Relationships> <Relationship id="location" context="Locations-OpenDS-JNDI"/> <Relationship id="photo" context="Media-MySQL-JDBC"/> </Relationships> </Model> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> <Operations> <Operation id="create" attrgroup="person-create" /> <Operation id="read" attrgroup="person-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="person-update" /> <Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="person-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <Context id="Locations-OpenDS-JNDI" enabled="false" definition="Location" connection="OpenDS" association="LDAP-LOCATION"> <Properties> <Property name="context.description" value="Locations to OpenDS using JNDI" /> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.create" value="ou=${uniqueid},%{jndi.basedn.locations}" /> <Property name="basedn" value="%{jndi.basedn.locations}" /> <Property name="scope" value="%{jndi.scope.locations}" /> <Property name="objectclass" value="organizationalunit" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="uniqueid,city,state" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> 
</Properties> <Query type="EQ" name="objectClass" value="organizationalunit" /> <Operations> <Operation id="create" attrgroup="location-create" /> <Operation id="read" attrgroup="location-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="location-update" /> <Operation id="delete" attrgroup="location-delete" /> <Operation id="search" attrgroup="location-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="state,city" /> </Properties> </Operation> </Operations> </Context> <Context id="Customers-OpenDS-JNDI" enabled="false" definition="Customer" connection="OpenDS" association="LDAP-CUSTOMER"> <Properties> <Property name="context.description" value="Customers to OpenDS using JNDI" /> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.create" value="uid=${uniqueid},%{jndi.basedn.customers}" /> <Property name="basedn" value="%{jndi.basedn.customers}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,entrydn" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> <Operations> <Operation id="create" attrgroup="customer-create" /> <Operation id="read" attrgroup="customer-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="customer-update" /> <Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="customer-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd"> 
<Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <Context id="Employees-Oracle-JDBC" enabled="false" definition="Person" connection="Oracle" association="JDBC"> <Properties> <Property name="context.description" value="Employees to Oracle using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.OracleJdbcOperations" /> <Property name="connection.table" value="employees" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Model id="Employee"> <Relationships> <Relationship id="location" context="Locations-Oracle-JDBC"/> <Relationship id="photo" context="Media-Oracle-JDBC"/> <Relationship id="cardphoto" context="Media-Oracle-JDBC"/> <Relationship id="thumbnail" context="Media-Oracle-JDBC"/> </Relationships> </Model> <Operations> <Operation id="create" attrgroup="person-create" > <Actions> <Action id="notify" mode="post"> <Properties> <Property name="sendemail.subject" value="Your Employee (Oracle) account has been created"/> <Property name="sendemail.fromaddress" value="%{email.fromaddress}" /> <Property name="sendemail.toaddress.attribute" value="email" /> <Property name="template.document" value="EmailTemplate-AccountCreated" /> </Properties> </Action> </Actions> </Operation> <Operation id="read" attrgroup="person-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="person-update" /> 
<Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="person-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <Context id="Employees-MySQL-JDBC" enabled="false" definition="Person" connection="MySQL" association="JDBC"> <Properties> <Property name="context.description" value="Employees to MySQL using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="employees" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Model id="Employee"> <Relationships> <Relationship id="location" context="Locations-MySQL-JDBC"/> <Relationship id="photo" context="Media-MySQL-JDBC"/> <Relationship id="cardphoto" context="Media-MySQL-JDBC"/> <Relationship id="thumbnail" context="Media-MySQL-JDBC"/> <Relationship id="roles" context="Roles-MySQL-JDBC"/> </Relationships> </Model> <Operations> <Operation id="create" attrgroup="person-create" > <Actions> <Action id="notify" mode="post"> <Properties> <Property name="sendemail.subject" value="Your Employee (MySQL) account has been created"/> <Property name="sendemail.fromaddress" value="%{email.fromaddress}" /> <Property name="sendemail.toaddress.attribute" 
value="email" /> <Property name="template.document" value="EmailTemplate-AccountCreated" /> </Properties> </Action> </Actions> </Operation> <Operation id="read" attrgroup="person-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="person-update" /> <Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="person-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <Context id="Register-Employees-MySQL-JDBC" enabled="false" definition="Person" connection="MySQL" association="JDBC"> <Properties> <Property name="context.description" value="Employees-MySQL-JDBC, Registration Only" /> <Property name="key" value="uniqueid" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="employees" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="person-create" /> </Operations> </Context> <Context id="Locations-Oracle-JDBC" enabled="false" definition="Location" connection="Oracle" association="JDBC-LOCATION"> <Properties> <Property name="context.description" value="Locations to Oracle 
using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.OracleJdbcOperations" /> <Property name="connection.table" value="locations" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="description,uniqueid" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="location-create" /> <Operation id="read" attrgroup="location-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="location-update" /> <Operation id="delete" attrgroup="location-delete" /> <Operation id="search" attrgroup="location-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="state,city" /> </Properties> </Operation> </Operations> </Context> <Context id="Locations-MySQL-JDBC" enabled="false" definition="Location" connection="MySQL" association="JDBC-LOCATION"> <Properties> <Property name="context.description" value="Locations to MySQL using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="locations" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="description,uniqueid" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="location-create" /> <Operation id="read" attrgroup="location-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="location-update" /> <Operation id="delete" attrgroup="location-delete" /> <Operation id="search" attrgroup="location-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" 
value="state,city" /> </Properties> </Operation> </Operations> </Context> <Context id="Media-Oracle-JDBC" enabled="false" definition="Media" connection="Oracle" association="JDBC-MEDIA"> <Properties> <Property name="context.description" value="Media to Oracle using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="media" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="name,subject" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="media-create"> <Actions> <Action id="checkmimetype" mode="pre" > <Properties> <Property name="attribute.type" value="type"/> </Properties> </Action> <Action id="ifexists" mode="pre" /> <Action id="cardphoto" mode="post" /> <Action id="thumbnail" mode="post" /> </Actions> </Operation> <Operation id="read" attrgroup="media-read" /> <Operation id="update" attrgroup="media-update" > <Actions> <Action id="checkmimetype" mode="pre" > <Properties> <Property name="attribute.type" value="type"/> </Properties> </Action> <Action id="cardphoto" mode="post" /> <Action id="thumbnail" mode="post" /> </Actions> </Operation> <Operation id="delete" attrgroup="media-delete" /> <Operation id="search" attrgroup="media-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="name" /> </Properties> </Operation> </Operations> </Context> <Context id="Media-MySQL-JDBC" enabled="false" definition="Media" connection="MySQL" association="JDBC-MEDIA"> <Properties> <Property name="context.description" value="Media to MySQL using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="media" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" 
/> <Property name="search.default.order" value="name,subject" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="media-create"> <Actions> <Action id="checkmimetype" mode="pre" > <Properties> <Property name="attribute.type" value="type"/> </Properties> </Action> <Action id="ifexists" mode="pre" /> <Action id="cardphoto" mode="post" /> <Action id="thumbnail" mode="post" /> </Actions> </Operation> <Operation id="read" attrgroup="media-read" /> <Operation id="update" attrgroup="media-update" > <Actions> <Action id="checkmimetype" mode="pre" > <Properties> <Property name="attribute.type" value="type"/> </Properties> </Action> <Action id="cardphoto" mode="post" /> <Action id="thumbnail" mode="post" /> </Actions> </Operation> <Operation id="delete" attrgroup="media-delete" /> <Operation id="search" attrgroup="media-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="name" /> </Properties> </Operation> </Operations> </Context> <Context id="Employees-Hybrid" enabled="false" definition="Person"> <Properties> <Property name="context.description" value="Person to SPML (create,update,delete) and JNDI (read,search)" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname" /> <Property name="search.operators" value="AND,OR,EQ,CONTAINS" /> </Properties> <Operations> <Operation id="create" attrgroup="person-create" connection="SunSPML1" association="SPML1"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.SpmlSunOperations" /> <Property name="key" value="uniqueid" /> <Property name="objectclass" value="user" /> </Properties> <Query type="AND"> <Query type="EQ" name="MemberObjectGroups" value="All People" /> <Query type="EQ" name="objectclass" value="user" /> </Query> </Operation> <Operation id="read" attrgroup="person-read" connection="UnboundID" 
association="LDAP"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <!-- NOTE(review): ${uniqueid} is an Attribute reference that is resolved at run time. Confirm that JndiOperations escapes DN special characters in the value before it builds the RDN; the same applies to every "rdn" Property in this Context. --> <Property name="rdn" value="uid=${uniqueid}" /> <Property name="basedn" value="%{jndi.basedn.employees}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.read}" /> </Properties> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> </Operation> <!-- NOTE(review): second Operation with id="read" in the Employees-Hybrid Context. The previous one uses connection="UnboundID" association="LDAP", this one uses connection="OpenDS" association="JNDI". Which of the two the loader keeps is not visible in this file; confirm and remove the unused one. The "search" Operations further down are duplicated in the same way. --> <Operation id="read" attrgroup="person-read" connection="OpenDS" association="JNDI"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <Property name="rdn" value="uid=${uniqueid}" /> <Property name="basedn" value="%{jndi.basedn.employees}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.read}" /> </Properties> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> </Operation> <!-- update and delete use the SunSPML1 connection with the SPML1 association, matching the "SPML (create,update,delete)" part of the context description. --> <Operation id="update" attrgroup="person-update" connection="SunSPML1" association="SPML1"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.SpmlSunOperations" /> <Property name="key" value="uniqueid" /> <Property name="objectclass" value="user" /> </Properties> <Query type="AND"> <Query type="EQ" name="MemberObjectGroups" value="All People" /> <Query type="EQ" name="objectclass" value="user" /> </Query> </Operation> <Operation id="delete" attrgroup="person-delete" connection="SunSPML1" association="SPML1"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.SpmlSunOperations" /> <Property name="key" value="uniqueid" /> <Property name="objectclass" value="user" /> </Properties> <Query type="AND"> <Query type="EQ" name="MemberObjectGroups" value="All People" /> <Query type="EQ" name="objectclass" value="user" /> </Query> </Operation> <Operation id="search" attrgroup="person-search" connection="UnboundID" 
association="LDAP"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <Property name="rdn" value="uid=${uniqueid}" /> <Property name="basedn" value="%{jndi.basedn.employees}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> </Operation> <Operation id="search" attrgroup="person-search" connection="OpenDS" association="JNDI"> <Properties> <Property name="operation.classname" value="org.openptk.spi.operations.JndiOperations" /> <Property name="key" value="uniqueid" /> <Property name="rdn" value="uid=${uniqueid}" /> <Property name="basedn" value="%{jndi.basedn.employees}" /> <Property name="objectclass" value="inetOrgPerson" /> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> <Query type="EQ" name="objectClass" value="inetOrgPerson" /> </Operation> </Operations> </Context> <Context id="Register-Oracle-IdMgr" enabled="false" definition="PersonOIM10g" connection="OIM10g" association="OIM10G"> <Properties> <Property name="context.description" value="Oracle Identity Manager 10g, Registration Only" /> <Property name="operation.classname" value="org.openptk.spi.operations.OIMRegistrationOperations" /> <Property name="key" value="uniqueid" /> </Properties> <Operations> <Operation id="create" attrgroup="oimregister-create" /> </Operations> </Context> <Context id="User-Oracle-OIMClient" enabled="false" definition="UserOIM11g" connection="OIM11g" association="OIM11G-USER"> <Properties> <Property name="context.description" value="Oracle Identity Manager 11g, OIMClient User" /> <Property name="operation.classname" value="org.openptk.spi.operations.OIMClientUserOperations" /> <Property name="key" value="uniqueid" /> <Property 
name="search.default.order" value="firstname,lastname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="user-oim11g-create"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="read" attrgroup="user-oim11g-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="search" attrgroup="user-oim11g-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="update" attrgroup="user-oim11g-update" > <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="delete" attrgroup="user-oim11g-delete"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="user-oim11g-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdreset" attrgroup="user-oim11g-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="user-oim11g-forgot" > <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="authenticate" attrgroup="user-oim11g-pwd" /> </Operations> </Context> <Context id="Register-Oracle-OIMClient" enabled="false" definition="UnauthenOIM11g" connection="OIM11g" association="OIM11G-UNAUTHEN"> <Properties> <Property name="context.description" value="Oracle Identity Manager 11g, OIMClient Registration" /> <Property name="operation.classname" value="org.openptk.spi.operations.OIMClientUnauthenOperations" /> <Property name="key" value="uniqueid" /> <Property name="template.registration" value="Self-Register User" /> </Properties> <Operations> <Operation id="create" 
attrgroup="register-oim11g-create"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> </Operations> </Context> <Context id="Request-Oracle-OIMClient" enabled="false" definition="RequestOIM11g" connection="OIM11g" association="OIM11G-REQUEST"> <Properties> <Property name="context.description" value="Oracle Identity Manager 11g, OIMClient Request" /> <Property name="operation.classname" value="org.openptk.spi.operations.OIMClientRequestOperations" /> <Property name="key" value="uniqueid" /> <Property name="request.attribute.beneficiarytype" value="beneficiarytype" /> <Property name="request.attribute.entitytype" value="entitytype" /> <Property name="request.attribute.justification" value="justification" /> <Property name="request.attribute.rolename" value="rolename" /> <Property name="request.attribute.template" value="template" /> <Property name="request.attribute.model" value="model" /> <Property name="request.attribute.failure" value="failure" /> <Property name="request.attribute.status" value="status" /> <Property name="request.attribute.userid" value="userid" /> </Properties> <Operations> <Operation id="create" attrgroup="request-oim11g-create"> <Properties> <Property name="timeout" value="%{timeout.write}" /> </Properties> </Operation> <Operation id="read" attrgroup="request-oim11g-read" /> <Operation id="search" attrgroup="request-oim11g-search" /> </Operations> </Context> <!-- Embedded Database Contexts --> <Context id="Register-Employees-Embed-JDBC" enabled="true" definition="Person" connection="Embed" association="JDBC"> <Properties> <Property name="context.description" value="Employees-Embed-JDBC, Registration Only" /> <Property name="key" value="uniqueid" /> <Property name="operation.classname" value="org.openptk.spi.operations.EmbedJdbcOperations" /> <Property name="connection.table" value="employees" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property 
name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="person-create" /> </Operations> </Context> <Context id="Employees-Embed-JDBC" enabled="true" definition="Person" connection="Embed" association="JDBC"> <Properties> <Property name="context.description" value="Employees data using Embedded Database with JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.EmbedJdbcOperations" /> <Property name="connection.table" value="employees" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="lastname,firstname,uniqueid,email" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Model id="Employee"> <Relationships> <Relationship id="location" context="Locations-Embed-JDBC"/> <Relationship id="photo" context="Media-Embed-JDBC"/> <Relationship id="cardphoto" context="Media-Embed-JDBC"/> <Relationship id="thumbnail" context="Media-Embed-JDBC"/> </Relationships> </Model> <Operations> <Operation id="create" attrgroup="person-create"> <Actions> <Action id="notify" mode="post"> <Properties> <Property name="sendemail.subject" value="Your Employee (embed) account has been created"/> <Property name="sendemail.fromaddress" value="%{email.fromaddress}" /> <Property name="sendemail.toaddress.attribute" value="email" /> <Property name="template.document" value="EmailTemplate-AccountCreated" /> </Properties> </Action> </Actions> </Operation> <Operation id="read" attrgroup="person-read" /> <Operation id="update" attrgroup="person-update" /> <Operation id="delete" attrgroup="person-delete" /> <Operation id="search" attrgroup="person-search" > <Properties> <Property name="sort" value="lastname,firstname" /> </Properties> </Operation> <Operation id="pwdchange" attrgroup="person-pwd" /> <Operation 
id="pwdreset" attrgroup="person-pwd"> <Properties> <Property name="timeout" value="%{timeout.write}" /> <!-- NOTE(review): presumably the length of the password generated by a pwdreset; confirm that 8 characters meets the deployment's password policy, and check how the generated value is produced and delivered to the user. --> <Property name="reset.password.length" value="8" /> </Properties> </Operation> <Operation id="pwdforgot" attrgroup="person-forgot" /> <Operation id="authenticate" attrgroup="person-pwd" /> </Operations> </Context> <!-- Locations-Embed-JDBC: Location definition on the Embed connection, table "locations". Enabled. Only the search Operation overrides the Context timeout, with the read timeout. --> <Context id="Locations-Embed-JDBC" enabled="true" definition="Location" connection="Embed" association="JDBC-LOCATION"> <Properties> <Property name="context.description" value="Locations to Embedded database using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.EmbedJdbcOperations" /> <Property name="connection.table" value="locations" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="description,uniqueid" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="location-create" /> <Operation id="read" attrgroup="location-read" /> <Operation id="update" attrgroup="location-update" /> <Operation id="delete" attrgroup="location-delete" /> <Operation id="search" attrgroup="location-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="state,city" /> </Properties> </Operation> </Operations> </Context> <!-- Media-Embed-JDBC: Media definition on the Embed connection, table "media". Enabled. The description value below spells "Embeded"; it is a runtime string and is left as written. --> <Context id="Media-Embed-JDBC" enabled="true" definition="Media" connection="Embed" association="JDBC-MEDIA"> <Properties> <Property name="context.description" value="Media to Embeded database using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.EmbedJdbcOperations" /> <Property name="connection.table" value="media" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="name,subject" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" 
attrgroup="media-create"> <Actions> <Action id="checkmimetype" mode="pre" > <Properties> <Property name="attribute.type" value="type"/> </Properties> </Action> <Action id="ifexists" mode="pre" /> <Action id="cardphoto" mode="post" /> <Action id="thumbnail" mode="post" /> </Actions> </Operation> <Operation id="read" attrgroup="media-read" /> <Operation id="update" attrgroup="media-update" > <Actions> <Action id="checkmimetype" mode="pre" > <Properties> <Property name="attribute.type" value="type"/> </Properties> </Action> <Action id="cardphoto" mode="post" /> <Action id="thumbnail" mode="post" /> </Actions> </Operation> <Operation id="delete" attrgroup="media-delete" /> <Operation id="search" attrgroup="media-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> <Property name="sort" value="name" /> </Properties> </Operation> </Operations> </Context> <Context id="Roles-MySQL-JDBC" enabled="false" definition="LinkRole" connection="MySQL" association="JDBC-Role"> <Properties> <Property name="context.description" value="Roles in MySQL using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="roles" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="description,uniqueid" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="linkrole-create" /> <Operation id="read" attrgroup="linkrole-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="linkrole-update" /> <Operation id="delete" attrgroup="linkrole-delete" /> <Operation id="search" attrgroup="linkrole-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> </Operations> </Context> <Context id="UserRole-MySQL-JDBC" enabled="false" 
definition="UserRole" connection="MySQL" association="JDBC-UserRole"> <Properties> <Property name="context.description" value="User to Role association in MySQL using JDBC" /> <Property name="operation.classname" value="org.openptk.spi.operations.JdbcOperations" /> <Property name="connection.table" value="userrole" /> <Property name="key" value="uniqueid" /> <Property name="timeout" value="%{timeout.write}" /> <Property name="search.default.order" value="userid,roleid,uniqueid" /> <Property name="search.operators" value="AND,OR,CONTAINS,EQ" /> </Properties> <Operations> <Operation id="create" attrgroup="userrole-create" /> <Operation id="read" attrgroup="userrole-read"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> <Operation id="update" attrgroup="userrole-update" /> <Operation id="delete" attrgroup="userrole-delete" /> <Operation id="search" attrgroup="userrole-search"> <Properties> <Property name="timeout" value="%{timeout.read}" /> </Properties> </Operation> </Operations> </Context> </Contexts> <!-- Attribute Groups define which Attributes are used for a given Operation. Each Attribute must have been declared in the related Association. An Operation selects its group through its "attrgroup" value. --> <AttrGroups> <AttrGroup id="person-create"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="fullname" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="password" /> <Attribute id="photo" /> </Attributes> </AttrGroup> <!-- NOTE(review): person-read lists forgottenPasswordAnswers next to forgottenPasswordQuestions. Confirm that a read does not hand the stored answers back to the caller; if it does, consider leaving the answers to the person-forgot group only. --> <AttrGroup id="person-read"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="fullname" /> <Attribute id="lastcommafirst" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> 
<Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="location" /> <Attribute id="photo" /> </Attributes> </AttrGroup> <AttrGroup id="person-update"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="fullname" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="location" /> <Attribute id="photo" /> </Attributes> </AttrGroup> <AttrGroup id="person-delete" /> <AttrGroup id="person-search"> <Attributes> <Attribute id="email" /> <Attribute id="title" /> <Attribute id="lastcommafirst" /> </Attributes> </AttrGroup> <!-- person-pwd carries only the password Attribute; the pwdchange, pwdreset and authenticate Operations of the Person contexts reference it. --> <AttrGroup id="person-pwd"> <Attributes> <Attribute id="password" /> </Attributes> </AttrGroup> <AttrGroup id="person-forgot"> <Attributes> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </AttrGroup> <AttrGroup id="oimregister-create"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="organization" /> <Attribute id="password" /> <Attribute id="userid" /> </Attributes> </AttrGroup> <AttrGroup id="person-oim10g-create"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="organization" /> <Attribute id="password" /> <Attribute id="objectclass" /> <Attribute id="type" /> <Attribute id="userid" /> </Attributes> </AttrGroup> <!-- NOTE(review): this read group lists the password Attribute. Confirm that the service never returns a credential on a read, or drop the Attribute from the group. --> <AttrGroup id="person-oim10g-read"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="lastcommafirst" /> <Attribute id="fullname" /> <Attribute id="organization" /> <Attribute id="password" /> <Attribute id="objectclass" /> 
<Attribute id="type" /> <Attribute id="userid" /> <Attribute id="uniqueid" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="person-oim10g-search"> <Attributes> <Attribute id="email" /> <Attribute id="lastcommafirst" /> <Attribute id="roles" /> <Attribute id="userid" /> <Attribute id="uniqueid" /> </Attributes> </AttrGroup> <AttrGroup id="person-oim10g-update"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="organization" /> <Attribute id="password" /> <Attribute id="objectclass" /> <Attribute id="type" /> <Attribute id="userid" /> </Attributes> </AttrGroup> <AttrGroup id="customer-create"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="fullname" /> <Attribute id="roles" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="password" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </AttrGroup> <AttrGroup id="customer-read"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="fullname" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </AttrGroup> <AttrGroup id="customer-search"> <Attributes> <Attribute id="email" /> <Attribute id="title" /> <Attribute id="lastcommafirst" /> </Attributes> </AttrGroup> <AttrGroup id="customer-update"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="fullname" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute 
id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </AttrGroup> <AttrGroup id="location-create"> <Attributes> <Attribute id="description" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </AttrGroup> <AttrGroup id="location-read"> <Attributes> <Attribute id="description" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </AttrGroup> <AttrGroup id="location-update"> <Attributes> <Attribute id="description" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </AttrGroup> <AttrGroup id="location-delete" /> <AttrGroup id="location-search"> <Attributes> <Attribute id="description" /> <Attribute id="city" /> <Attribute id="state" /> </Attributes> </AttrGroup> <AttrGroup id="media-create"> <Attributes> <Attribute id="name" /> <Attribute id="type" /> <Attribute id="length" /> <Attribute id="modified" /> <Attribute id="contextid" /> <Attribute id="subjectid" /> <Attribute id="relationshipid" /> <Attribute id="digest" /> <Attribute id="data" /> </Attributes> </AttrGroup> <AttrGroup id="media-read"> <Attributes> <Attribute id="name" /> <Attribute id="type" /> <Attribute id="length" /> <Attribute id="modified" /> <Attribute id="contextid" /> <Attribute id="subjectid" /> <Attribute id="relationshipid" /> <Attribute id="digest" /> <Attribute id="data" /> </Attributes> </AttrGroup> <AttrGroup id="media-update"> <Attributes> <Attribute id="name" /> <Attribute id="type" /> <Attribute id="length" /> <Attribute id="modified" /> <Attribute id="contextid" /> <Attribute id="subjectid" /> <Attribute id="relationshipid" /> <Attribute id="digest" /> 
<Attribute id="data" /> </Attributes> </AttrGroup> <AttrGroup id="media-delete"/> <AttrGroup id="media-search"> <Attributes> <Attribute id="name" /> <Attribute id="contextid" /> <Attribute id="subjectid" /> <Attribute id="relationshipid" /> </Attributes> </AttrGroup> <AttrGroup id="role-create"> <Attributes> <Attribute id="resources" /> <Attribute id="description" /> <Attribute id="owner" /> </Attributes> </AttrGroup> <AttrGroup id="role-read"> <Attributes> <Attribute id="resources" /> <Attribute id="description" /> <Attribute id="owner" /> </Attributes> </AttrGroup> <AttrGroup id="role-update"> <Attributes> <Attribute id="resources" /> <Attribute id="description" /> <Attribute id="owner" /> </Attributes> </AttrGroup> <AttrGroup id="role-delete" /> <AttrGroup id="role-search"> <Attributes> <Attribute id="description" /> </Attributes> </AttrGroup> <AttrGroup id="user-oim11g-create"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="password" /> <Attribute id="type" /> <Attribute id="title" /> <Attribute id="manager" /> <Attribute id="telephone" /> </Attributes> </AttrGroup> <AttrGroup id="user-oim11g-read"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="lastcommafirst" /> <Attribute id="fullname" /> <Attribute id="type" /> <Attribute id="uniqueid" /> <Attribute id="status" /> <Attribute id="title"/> <Attribute id="manager" /> <Attribute id="telephone" /> <Attribute id="forgottenPasswordQuestions" /> </Attributes> </AttrGroup> <AttrGroup id="user-oim11g-update"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="password" /> <Attribute id="type" /> <Attribute id="title"/> <Attribute id="manager" /> <Attribute id="telephone" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> 
</Attributes> </AttrGroup> <AttrGroup id="user-oim11g-delete" /> <AttrGroup id="user-oim11g-search"> <Attributes> <Attribute id="uniqueid" /> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="lastcommafirst" /> <Attribute id="roles" /> </Attributes> </AttrGroup> <AttrGroup id="user-oim11g-pwd"> <Attributes> <Attribute id="password" /> </Attributes> </AttrGroup> <AttrGroup id="user-oim11g-forgot"> <Attributes> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </AttrGroup> <AttrGroup id="register-oim11g-create"> <Attributes> <Attribute id="firstname" /> <Attribute id="lastname" /> <Attribute id="email" /> <Attribute id="password" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> </Attributes> </AttrGroup> <AttrGroup id="request-oim11g-create"> <Attributes> <Attribute id="justification" /> <Attribute id="rolename" /> <Attribute id="userid" /> <Attribute id="template" /> <Attribute id="beneficiarytype" /> <Attribute id="entitytype" /> </Attributes> </AttrGroup> <AttrGroup id="request-oim11g-read"> <Attributes> <Attribute id="justification" /> <Attribute id="rolename" /> <Attribute id="userid" /> <Attribute id="template" /> <Attribute id="beneficiarytype" /> <Attribute id="entitytype" /> <Attribute id="model" /> <Attribute id="failure" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="request-oim11g-search"> <Attributes> <Attribute id="rolename" /> <Attribute id="userid" /> <Attribute id="template" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="linkrole-create"> <Attributes> <Attribute id="description" /> <Attribute id="owner" /> <Attribute id="access" /> <Attribute id="createdate" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="linkrole-read"> <Attributes> <Attribute id="description" /> <Attribute id="owner" /> 
<Attribute id="access" /> <Attribute id="createdate" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="linkrole-update"> <Attributes> <Attribute id="description" /> <Attribute id="owner" /> <Attribute id="access" /> <Attribute id="createdate" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="linkrole-delete" /> <AttrGroup id="linkrole-search"> <Attributes> <Attribute id="description" /> <Attribute id="owner" /> <Attribute id="access" /> <Attribute id="createdate" /> <Attribute id="status" /> </Attributes> </AttrGroup> <AttrGroup id="userrole-create"> <Attributes> <Attribute id="userid" /> <Attribute id="roleid" /> </Attributes> </AttrGroup> <AttrGroup id="userrole-read"> <Attributes> <Attribute id="userid" /> <Attribute id="roleid" /> </Attributes> </AttrGroup> <AttrGroup id="userrole-update"> <Attributes> <Attribute id="userid" /> <Attribute id="roleid" /> </Attributes> </AttrGroup> <AttrGroup id="userrole-delete" /> <AttrGroup id="userrole-search"> <Attributes> <Attribute id="userid" /> <Attribute id="roleid" /> </Attributes> </AttrGroup> </AttrGroups> <!-- Maps OpenPTK Framework Attribute names to Service Attribute names Framework Attributes NOT listed in a given Association will be treated as "pass through", their Framework Attribute name will be used for their Service Attribute name. 
Declares the Attributes that are available in a given "Service". All of the Attributes must be defined in the "associated" Definition. Association Attributes can override/complement "settings" from their Definition. --> <Associations> <Association id="SPML1"> <Attributes> <Attribute id="uniqueid" servicename="uid" /> <Attribute id="firstname" servicename="gn" /> <Attribute id="lastname" servicename="sn" /> <Attribute id="fullname" servicename="cn" /> <Attribute id="lastcommafirst" /> <Attribute id="password" servicename="password" required="true" /> <Attribute id="email" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordData" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </Association> <Association id="SPML2"> <Attributes> <Attribute id="uniqueid" servicename="accountId" /> <Attribute id="firstname" servicename="firstname" /> <Attribute id="lastname" servicename="lastname" /> <Attribute id="fullname" servicename="fullname" /> <Attribute id="lastcommafirst" /> <Attribute id="password" servicename="credentials" required="true" /> <Attribute id="email" servicename="emailAddress" /> <Attribute id="roles" /> <Attribute id="manager" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="organization" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordData" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </Association> <Association id="OIMSPML2"> <Attributes> <Attribute id="uniqueid" servicename="Users.User ID" /> <Attribute id="firstname" servicename="Users.First Name" /> <Attribute id="email" servicename="Users.Email" /> <Attribute id="lastname" servicename="Users.Last Name" /> <Attribute id="lastcommafirst" /> <Attribute id="fullname" /> <Attribute 
id="password" servicename="Users.Password" /> <Attribute id="objectclass" servicename="Object Class" /> <Attribute id="roles" servicename="Users.Role" /> <Attribute id="organization" servicename="Organizations.Organization Name" /> <Attribute id="type" servicename="Users.Xellerate Type" /> <Attribute id="status" servicename="Users.Status" /> </Attributes> </Association> <Association id="OIM10G"> <Attributes> <Attribute id="uniqueid" servicename="Users.User ID" /> <Attribute id="firstname" servicename="Users.First Name" /> <Attribute id="email" servicename="Users.Email" /> <Attribute id="lastname" servicename="Users.Last Name" /> <Attribute id="lastcommafirst" /> <Attribute id="fullname" /> <Attribute id="password" servicename="Users.Password" /> <Attribute id="objectclass" servicename="Object Class" /> <Attribute id="roles" servicename="Users.Role" /> <Attribute id="organization" servicename="Organizations.Organization Name" /> <Attribute id="type" servicename="Users.Xellerate Type" /> <Attribute id="status" servicename="Users.Status" /> </Attributes> </Association> <Association id="OIM11G-USER"> <Attributes> <Attribute id="uniqueid" servicename="User Login" /> <Attribute id="firstname" servicename="First Name" /> <Attribute id="email" servicename="Email" /> <Attribute id="lastname" servicename="Last Name" /> <Attribute id="lastcommafirst" /> <Attribute id="fullname" /> <Attribute id="password" servicename="usr_password" /> <Attribute id="roles" servicename="Role" /> <Attribute id="organization" servicename="act_key" /> <!-- Long --> <Attribute id="type" servicename="Xellerate Type" /> <Attribute id="status" servicename="Status" /> <Attribute id="title" servicename="Title" /> <Attribute id="manager" servicename="usr_manager_key"/> <Attribute id="telephone" servicename="Telephone Number" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </Association> <Association 
id="OIM11G-UNAUTHEN"> <Attributes> <Attribute id="uniqueid" servicename="User Login" /> <Attribute id="lastname" servicename="Last Name" /> <Attribute id="firstname" servicename="First Name" /> <Attribute id="email" servicename="Email" /> <Attribute id="password" servicename="Password" /> <Attribute id="organization" servicename="Organizations" /> <Attribute id="type" servicename="User Type" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </Association> <Association id="OIM11G-REQUEST"> <Attributes> <Attribute id="uniqueid" servicename="requestid"/> <Attribute id="justification" /> <Attribute id="rolename" /> <Attribute id="userid" /> <Attribute id="template" /> <Attribute id="beneficiarytype" /> <Attribute id="entitytype" /> <Attribute id="model" /> <Attribute id="failure" /> <Attribute id="status" /> </Attributes> </Association> <Association id="LDAP"> <Attributes> <Attribute id="uniqueid" servicename="uid" /> <Attribute id="firstname" servicename="givenName" /> <Attribute id="lastname" servicename="sn" /> <Attribute id="fullname" servicename="cn" required="true" /> <Attribute id="email" servicename="mail" /> <Attribute id="title" /> <Attribute id="telephone" servicename="telephoneNumber" /> <Attribute id="organization" servicename="departmentNumber" /> <Attribute id="password" servicename="userPassword" /> <Attribute id="manager"> <Functions> <Function id="getUid" classname="org.openptk.definition.functions.SubString"> <Arguments> <Argument name="after" type="literal" value="uid=" /> <Argument name="before" type="literal" value="," /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> <Function id="buildDN" classname="org.openptk.definition.functions.BuildDN"> <Arguments> <Argument name="prefix" type="literal" value="uid=" /> <Argument name="uid" type="attribute" value="manager" required="true"/> <Argument 
name="basedn" type="literal" value=",%{jndi.basedn.employees}" />
      </Arguments>
      <Operations>
        <Operation type="create" />
        <Operation type="update" />
        <Operation type="search" mode="TOSERVICE" />
      </Operations>
    </Function>
  </Functions>
</Attribute>
<!-- NOTE(review): the buildDN function that closes just above joins the literal "uid=",
     the value of the manager attribute and the employees base DN, for create, update and
     search (TOSERVICE) operations. Whether BuildDN escapes DN special characters in that
     value is not visible in this file; confirm before manager values are accepted from
     callers that are not trusted. -->
<Attribute id="roles" servicename="businessCategory" />
<Attribute id="lastcommafirst" />
<!-- Read-only ForgottenPassword function for the LDAP service. It is given the data,
     questions and answers attribute names, "=" and "+" as inner and outer delimiters,
     and a default list of three questions. -->
<Attribute id="forgottenPasswordQuestions">
  <Functions>
    <Function id="readPwdQuestions" classname="org.openptk.definition.functions.ForgottenPassword">
      <Arguments>
        <Argument name="data" type="attribute" value="forgottenPasswordData" />
        <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" />
        <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" />
        <Argument name="innerdelimiter" type="literal" value="=" />
        <Argument name="outerdelimiter" type="literal" value="+" />
        <Argument name="default" type="literal" value="Mothers Maiden Name,City you were born,Last 4 digits of Frequent Flyer" />
      </Arguments>
      <Operations>
        <Operation type="read" />
      </Operations>
    </Function>
  </Functions>
</Attribute>
<!-- ForgottenPassword function applied on read and update, with the same attribute names
     and delimiters as above plus minlength 3.
     NOTE(review): minlength is presumably the shortest answer accepted (confirm); three
     characters is a low bar for a value that can stand in for the password during
     recovery. -->
<Attribute id="forgottenPasswordAnswers">
  <Functions>
    <Function id="updatePwdAnswers" classname="org.openptk.definition.functions.ForgottenPassword">
      <Arguments>
        <Argument name="data" type="attribute" value="forgottenPasswordData" />
        <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" />
        <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" />
        <Argument name="innerdelimiter" type="literal" value="=" />
        <Argument name="outerdelimiter" type="literal" value="+" />
        <Argument name="minlength" type="literal" value="3" />
      </Arguments>
      <Operations>
        <Operation type="read" />
        <Operation type="update" />
      </Operations>
    </Function>
  </Functions>
</Attribute>
<!-- NOTE(review): forgottenPasswordData is mapped to the LDAP attribute
     destinationIndicator. It presumably holds the delimited question/answer pairs
     (confirm); whether the answers are hashed before they are written is not visible
     here. Check the function, and restrict read access to that attribute in the
     directory ACLs. -->
<Attribute id="forgottenPasswordData" servicename="destinationIndicator" />
<Attribute id="forgottenPasswordValues" />
<Attribute id="location" servicename="physicalDeliveryOfficeName" />
<Attribute id="photo"
servicename="jpegPhoto" /> </Attributes> </Association> <Association id="LDAP-CUSTOMER"> <Attributes> <Attribute id="uniqueid" servicename="entrydn" /> <Attribute id="firstname" servicename="givenName" /> <Attribute id="lastname" servicename="sn" /> <Attribute id="fullname" servicename="cn" required="true" /> <Attribute id="email" servicename="mail" /> <Attribute id="title" /> <Attribute id="telephone" servicename="telephoneNumber" /> <Attribute id="organization" servicename="departmentNumber" /> <Attribute id="password" servicename="userPassword" /> <Attribute id="roles" servicename="businessCategory" /> <Attribute id="lastcommafirst" /> <Attribute id="forgottenPasswordQuestions"> <Functions> <Function id="readPwdQuestions" classname="org.openptk.definition.functions.ForgottenPassword"> <Arguments> <Argument name="data" type="attribute" value="forgottenPasswordData" /> <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" /> <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" /> <Argument name="innerdelimiter" type="literal" value="=" /> <Argument name="outerdelimiter" type="literal" value="+" /> <Argument name="default" type="literal" value="Mothers Maiden Name,City you were born,Last 4 digits of Frequent Flyer" /> </Arguments> <Operations> <Operation type="read" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="forgottenPasswordAnswers"> <Functions> <Function id="updatePwdAnswers" classname="org.openptk.definition.functions.ForgottenPassword"> <Arguments> <Argument name="data" type="attribute" value="forgottenPasswordData" /> <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" /> <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" /> <Argument name="innerdelimiter" type="literal" value="=" /> <Argument name="outerdelimiter" type="literal" value="+" /> <Argument name="minlength" type="literal" value="3" /> </Arguments> <Operations> <Operation 
type="read" /> <Operation type="update" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="forgottenPasswordData" servicename="destinationIndicator" /> <Attribute id="forgottenPasswordValues" /> <Attribute id="street" /> <Attribute id="city" servicename="l" /> <Attribute id="state" servicename="st" /> <Attribute id="postalCode" /> </Attributes> </Association> <Association id="LDAP-LOCATION"> <Attributes> <Attribute id="uniqueid" servicename="ou" /> <Attribute id="description" servicename="description" /> <Attribute id="street" /> <Attribute id="city" servicename="postalAddress" /> <Attribute id="state" servicename="st" /> <Attribute id="postalCode" /> </Attributes> </Association> <Association id="JDBC"> <Attributes> <Attribute id="uniqueid" servicename="id" /> <Attribute id="firstname" servicename="fname" /> <Attribute id="lastname" servicename="lname" /> <Attribute id="fullname" servicename="fullname" required="true" /> <Attribute id="password" /> <Attribute id="email" /> <Attribute id="title" /> <Attribute id="telephone" /> <Attribute id="manager" /> <Attribute id="roles" /> <Attribute id="organization" servicename="org" /> <Attribute id="location" /> <Attribute id="lastcommafirst" /> <Attribute id="forgottenPasswordQuestions" /> <Attribute id="forgottenPasswordAnswers" /> <Attribute id="forgottenPasswordData" servicename="forgotdata" /> <Attribute id="forgottenPasswordValues" /> </Attributes> </Association> <Association id="JDBC-LOCATION"> <Attributes> <Attribute id="uniqueid" servicename="id" /> <Attribute id="description" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </Association> <Association id="JDBC-MEDIA"> <Attributes> <Attribute id="uniqueid" servicename="uuid" /> <Attribute id="name" /> <Attribute id="type" /> <Attribute id="length" servicename="size"/> <Attribute id="modified" /> <Attribute id="contextid" servicename="context"/> <Attribute id="subjectid" 
servicename="subject"/>
    <Attribute id="relationshipid" servicename="relationship"/>
    <Attribute id="digest" />
    <Attribute id="data" />
  </Attributes>
</Association>
<Association id="SPML1-ROLE">
  <Attributes>
    <Attribute id="rolename" />
    <Attribute id="description" />
    <Attribute id="owner" />
  </Attributes>
</Association>
<Association id="JDBC-Role">
  <Attributes>
    <Attribute id="uniqueid" servicename="id" />
    <Attribute id="description" />
    <Attribute id="owner" />
    <Attribute id="access" />
    <Attribute id="createdate" />
    <Attribute id="status" />
  </Attributes>
</Association>
<Association id="JDBC-UserRole">
  <Attributes>
    <Attribute id="uniqueid" servicename="id" />
    <Attribute id="userid" />
    <Attribute id="roleid" />
  </Attributes>
</Association>
</Associations>
<!--
  These are related to the OpenPTK Subject Interface and its API.
  A Definition contains Properties and Attributes.
  Each Attribute (within a Definition) supports a number of "well known" Properties.
  Here are the defaults:
    type        = String
    multivalued = false
    required    = false
    encrypted   = false
    access      = public
  NOTE(review): because encrypted defaults to false and access defaults to public, an
  Attribute that carries a secret (a password, forgotten-password answers or their
  stored data) has to set encrypted="true" and/or access="private" itself; leaving
  them out keeps the defaults above in force.
-->
<Definitions>
  <Definition id="Person">
    <Properties>
      <Property name="definition.classname" value="org.openptk.definition.BasicSubject" />
      <Property name="definition.description" value="A generic employee,partner,consultant" />
      <!-- Example of authentication against multiple attributes.
-->
<!-- NOTE(review): authenid lists "id" and "email", but this Definition declares no
     Attribute with id "id" (the identifier Attribute is "uniqueid"). Confirm that "id"
     is resolved by the framework and is not a stale name. -->
<Property name="definition.authenid" value="id,email" />
<Property name="definition.password" value="password" />
</Properties>
<Attributes>
  <!-- uniqueid: FirstInitialLastname is run on create with the firstname and lastname
       attributes and maxlength 32. useexisting="true" presumably keeps a value supplied
       by the caller (confirm). -->
  <Attribute id="uniqueid" required="true">
    <Functions>
      <Function id="FirstInitialLastName" useexisting="true" classname="org.openptk.definition.functions.FirstInitialLastname">
        <Arguments>
          <Argument name="first" type="attribute" value="firstname" />
          <Argument name="last" type="attribute" value="lastname" />
          <Argument name="maxlength" type="literal" value="32" />
        </Arguments>
        <Operations>
          <Operation type="create" />
        </Operations>
      </Function>
    </Functions>
  </Attribute>
  <!-- firstname: widget hints (text field, width 32) plus value.min 2 and value.max 30,
       presumably length bounds (confirm). -->
  <Attribute id="firstname" required="true" >
    <Properties>
      <Property name="widget.displayname" value="First Name" />
      <Property name="widget.type" value="textfield" />
      <Property name="widget.width" value="32" />
      <Property name="value.min" value="2" />
      <Property name="value.max" value="30" />
    </Properties>
  </Attribute>
  <Attribute id="lastname" required="true" />
  <Attribute id="title" />
  <!-- NOTE(review): on create, ConcatStrings is given the fixed literal "Passw0rd" as
       initialPassword. With useexisting="true" this presumably applies only when the
       caller supplies no password (confirm). Every account created that way shares one
       guessable password, and the same literal recurs in the other Definitions of this
       file. Prefer a random per-user initial value with a forced change at first login,
       and keep the value out of version-controlled configuration. -->
  <Attribute id="password" encrypted="true">
    <Functions>
      <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings">
        <Arguments>
          <Argument name="initialPassword" type="literal" value="Passw0rd" />
        </Arguments>
        <Operations>
          <Operation type="create" />
        </Operations>
      </Function>
    </Functions>
  </Attribute>
  <!-- email: ConcatStrings is run on create over the arguments listed below, in order:
       firstname, ".", lastname, "@" and the literal domain name. -->
  <Attribute id="email" required="true">
    <Functions>
      <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings">
        <Arguments>
          <Argument name="first" type="attribute" value="firstname" />
          <Argument name="dot" type="literal" value="."
/> <Argument name="last" type="attribute" value="lastname" /> <Argument name="at" type="literal" value="@" /> <Argument name="domainname" type="literal" value="openptk.org" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="lastcommafirst" virtual="true"> <Functions> <Function id="OutputLastFirst" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="lastname" /> <Argument name="arg2" type="literal" value=", " /> <Argument name="arg3" type="attribute" value="firstname" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="fullname" required="false"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="firstname" /> <Argument name="arg2" type="literal" value=" " /> <Argument name="arg3" type="attribute" value="lastname" /> </Arguments> <Operations> <Operation type="create" /> <Operation type="update" /> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="forgottenPasswordQuestions" multivalued="true" virtual="true"> <Functions> <Function id="readPwdQuestions" classname="org.openptk.definition.functions.ForgottenPassword"> <Arguments> <Argument name="data" type="attribute" value="forgottenPasswordData" /> <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" /> <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" /> <Argument name="innerdelimiter" type="literal" value="|" /> <Argument name="outerdelimiter" type="literal" value="^" /> <Argument name="default" type="literal" value="Mothers Maiden Name,City you were born,Last 4 digits of Frequent Flyer" /> </Arguments> <Operations> <Operation type="create" /> 
<Operation type="read" />
</Operations>
</Function>
</Functions>
</Attribute>
<!-- forgottenPasswordAnswers (Person): ForgottenPassword function on create, read and
     update, with "|" and "^" as inner and outer delimiters and minlength 3.
     NOTE(review): neither this Attribute nor forgottenPasswordData below sets an access
     attribute, so the default documented for Definitions in this file (access = public)
     applies. The Customer Definition marks both of them access="private". Confirm
     whether challenge answers and their stored data are meant to be readable for
     Person; if not, add access="private" to match Customer. -->
<Attribute id="forgottenPasswordAnswers" multivalued="true" virtual="true">
  <Functions>
    <Function id="updatePwdAnswers" classname="org.openptk.definition.functions.ForgottenPassword">
      <Arguments>
        <Argument name="data" type="attribute" value="forgottenPasswordData" />
        <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" />
        <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" />
        <Argument name="innerdelimiter" type="literal" value="|" />
        <Argument name="outerdelimiter" type="literal" value="^" />
        <Argument name="minlength" type="literal" value="3" />
      </Arguments>
      <Operations>
        <Operation type="create" />
        <Operation type="read" />
        <Operation type="update" />
      </Operations>
    </Function>
  </Functions>
</Attribute>
<Attribute id="forgottenPasswordData"/>
<Attribute id="forgottenPasswordValues" multivalued="true" />
<Attribute id="roles" multivalued="true" />
<Attribute id="manager" />
<Attribute id="telephone" />
<Attribute id="organization" />
<Attribute id="objectclass" />
<Attribute id="location" />
<Attribute id="photo" type="object" />
</Attributes>
</Definition>
<Definition id="Customer">
  <Properties>
    <Property name="definition.classname" value="org.openptk.definition.BasicSubject" />
    <Property name="definition.description" value="A generic customer" />
    <Property name="definition.password" value="password" />
    <Property name="definition.role" value="Roles" />
  </Properties>
  <Attributes>
    <!-- uniqueid: FirstInitialLastname is run on create with the firstname and lastname
         attributes and maxlength 32. useexisting="true" presumably keeps a value
         supplied by the caller (confirm). -->
    <Attribute id="uniqueid" required="true">
      <Functions>
        <Function id="FirstInitialLastName" useexisting="true" classname="org.openptk.definition.functions.FirstInitialLastname">
          <Arguments>
            <Argument name="first" type="attribute" value="firstname" />
            <Argument name="last" type="attribute" value="lastname" />
            <Argument name="maxlength" type="literal" value="32" />
          </Arguments>
          <Operations>
            <Operation type="create" />
          </Operations>
        </Function>
      </Functions>
    </Attribute>
<Attribute id="firstname" required="true" > <Properties> <Property name="widget.displayname" value="First Name" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="32" /> <Property name="value.min" value="2" /> <Property name="value.max" value="30" /> </Properties> </Attribute> <Attribute id="lastname" required="true" /> <Attribute id="title" /> <Attribute id="password" encrypted="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="initialPassword" type="literal" value="Passw0rd" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="email" required="false"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="dot" type="literal" value="." /> <Argument name="last" type="attribute" value="lastname" /> <Argument name="at" type="literal" value="@" /> <Argument name="domainname" type="literal" value="openptk.org" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="lastcommafirst" virtual="true"> <Functions> <Function id="OutputLastFirst" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="lastname" /> <Argument name="arg2" type="literal" value=", " /> <Argument name="arg3" type="attribute" value="firstname" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="fullname" required="false"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="firstname" /> <Argument name="arg2" 
type="literal" value=" " /> <Argument name="arg3" type="attribute" value="lastname" /> </Arguments> <Operations> <Operation type="create" /> <Operation type="update" /> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="forgottenPasswordQuestions" multivalued="true" virtual="true"> <Functions> <Function id="readPwdQuestions" classname="org.openptk.definition.functions.ForgottenPassword"> <Arguments> <Argument name="data" type="attribute" value="forgottenPasswordData" /> <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" /> <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" /> <Argument name="innerdelimiter" type="literal" value="|" /> <Argument name="outerdelimiter" type="literal" value="^" /> <Argument name="default" type="literal" value="Mothers Maiden Name,City you were born,Last 4 digits of Frequent Flyer" /> </Arguments> <Operations> <Operation type="read" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="forgottenPasswordAnswers" multivalued="true" virtual="true" access="private"> <Functions> <Function id="updatePwdAnswers" classname="org.openptk.definition.functions.ForgottenPassword"> <Arguments> <Argument name="data" type="attribute" value="forgottenPasswordData" /> <Argument name="questions" type="attribute" value="forgottenPasswordQuestions" /> <Argument name="answers" type="attribute" value="forgottenPasswordAnswers" /> <Argument name="innerdelimiter" type="literal" value="|" /> <Argument name="outerdelimiter" type="literal" value="^" /> <Argument name="minlength" type="literal" value="3" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="update" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="forgottenPasswordData" access="private" /> <Attribute id="forgottenPasswordValues" multivalued="true" /> <Attribute id="roles" multivalued="true" /> <Attribute id="telephone" /> 
<Attribute id="organization" /> <Attribute id="objectclass" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </Definition> <Definition id="PersonOIM10g"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="A generic employee,partner,consultant" /> <Property name="definition.password" value="password" /> <Property name="definition.role" value="Role" /> </Properties> <Attributes> <Attribute id="uniqueid" required="true"> <Functions> <Function id="FirstInitialLastName" useexisting="true" classname="org.openptk.definition.functions.FirstInitialLastname"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="last" type="attribute" value="lastname" /> <Argument name="maxlength" type="literal" value="32" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="firstname" required="true" > <Properties> <Property name="widget.displayname" value="First Name" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="32" /> <Property name="value.min" value="2" /> <Property name="value.max" value="30" /> </Properties> </Attribute> <Attribute id="lastname" required="true" /> <Attribute id="email" required="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="dot" type="literal" value="." 
/> <Argument name="last" type="attribute" value="lastname" /> <Argument name="at" type="literal" value="@" /> <Argument name="domainname" type="literal" value="openptk.org" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="lastcommafirst" virtual="true"> <Functions> <Function id="OutputLastFirst" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="lastname" /> <Argument name="arg2" type="literal" value=", " /> <Argument name="arg3" type="attribute" value="firstname" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="fullname" virtual="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="firstname" /> <Argument name="arg2" type="literal" value=" " /> <Argument name="arg3" type="attribute" value="lastname" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="password" required="true" encrypted="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="initialPassword" type="literal" value="Passw0rd" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="roles" required="true" multivalued="true" > <Functions> <Function id="Concat" useexisting="false" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="Val" type="literal" value="Full-Time" /> </Arguments> <Operations> <Operation type="create" /> <Operation type="update" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="organization" required="true" > 
<Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="val" type="literal" value="Xellerate Users" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="objectclass" required="true" > <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="val" type="literal" value="Users" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="type" required="true" > <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="val" type="literal" value="End-User" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="status" /> </Attributes> </Definition> <Definition id="UserOIM11g"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="A User in Oracle Identity Manager 11g" /> <Property name="definition.password" value="password" /> <Property name="definition.role" value="Role" /> <Property name="definition.challenge.questions" value="forgottenPasswordQuestions"/> <Property name="definition.challenge.answers" value="forgottenPasswordAnswers"/> <Property name="definition.challenge.values" value="forgottenPasswordValues"/> </Properties> <Attributes> <Attribute id="uniqueid" required="true"> <Functions> <Function id="FirstInitialLastName" useexisting="true" classname="org.openptk.definition.functions.FirstInitialLastname"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="last" type="attribute" value="lastname" /> <Argument name="maxlength" type="literal" value="32" /> </Arguments> <Operations> <Operation 
type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="firstname" required="true" > <Properties> <Property name="widget.displayname" value="First Name" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="32" /> <Property name="value.min" value="2" /> <Property name="value.max" value="30" /> </Properties> </Attribute> <Attribute id="lastname" required="true" /> <Attribute id="title" /> <Attribute id="email" required="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="dot" type="literal" value="." /> <Argument name="last" type="attribute" value="lastname" /> <Argument name="at" type="literal" value="@" /> <Argument name="domainname" type="literal" value="openptk.org" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="lastcommafirst" virtual="true"> <Functions> <Function id="OutputLastFirst" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="lastname" /> <Argument name="arg2" type="literal" value=", " /> <Argument name="arg3" type="attribute" value="firstname" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="fullname" virtual="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="arg1" type="attribute" value="firstname" /> <Argument name="arg2" type="literal" value=" " /> <Argument name="arg3" type="attribute" value="lastname" /> </Arguments> <Operations> <Operation type="read" /> <Operation type="search" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="password" required="true" encrypted="true"> 
<Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="initialPassword" type="literal" value="Passw0rd" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="roles" required="true" multivalued="true" > <Functions> <Function id="Concat" useexisting="false" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="Val" type="literal" value="Full-Time" /> </Arguments> <Operations> <Operation type="create" /> <Operation type="update" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="type" required="true" > <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="val" type="literal" value="End-User" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="manager" type="Long"/> <Attribute id="telephone" /> <Attribute id="status" /> <Attribute id="organization"/> <Attribute id="forgottenPasswordQuestions" multivalued="true" /> <Attribute id="forgottenPasswordAnswers" multivalued="true" /> <Attribute id="forgottenPasswordValues" multivalued="true" /> </Attributes> </Definition> <Definition id="UnauthenOIM11g"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="Unauthenticated Registration, Oracle Identity Manager 11g" /> <Property name="definition.password" value="password" /> <Property name="definition.role" value="Role" /> <Property name="definition.challenge.questions" value="forgottenPasswordQuestions"/> <Property name="definition.challenge.answers" value="forgottenPasswordAnswers"/> <Property name="definition.challenge.values" value="forgottenPasswordValues"/> </Properties> <Attributes> <Attribute id="uniqueid" 
required="true"> <Properties> <Property name="widget.displayname" value="User Login" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="24" /> <Property name="value.min" value="4" /> <Property name="value.max" value="16" /> </Properties> <Functions> <Function id="FirstInitialLastName" useexisting="true" classname="org.openptk.definition.functions.FirstInitialLastname"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="last" type="attribute" value="lastname" /> <Argument name="maxlength" type="literal" value="32" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="lastname" required="true" > <Properties> <Property name="widget.displayname" value="Last Name" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="32" /> <Property name="value.min" value="2" /> <Property name="value.max" value="30" /> </Properties> </Attribute> <Attribute id="firstname" required="true" > <Properties> <Property name="widget.displayname" value="First Name" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="32" /> <Property name="value.min" value="2" /> <Property name="value.max" value="30" /> </Properties> </Attribute> <Attribute id="email" required="true"> <Properties> <Property name="widget.displayname" value="Email" /> <Property name="widget.type" value="textfield" /> <Property name="widget.width" value="48" /> <Property name="value.min" value="12" /> <Property name="value.max" value="64" /> </Properties> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="first" type="attribute" value="firstname" /> <Argument name="dot" type="literal" value="." 
/> <Argument name="last" type="attribute" value="lastname" /> <Argument name="at" type="literal" value="@" /> <Argument name="domainname" type="literal" value="openptk.org" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="password" required="true" encrypted="true"> <Properties> <Property name="widget.displayname" value="Password" /> <Property name="widget.type" value="password" /> <Property name="widget.width" value="24" /> <Property name="value.min" value="8" /> <Property name="value.max" value="24" /> </Properties> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="initialPassword" type="literal" value="Passw0rd" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="organization"/> <Attribute id="type"/> <Attribute id="forgottenPasswordQuestions" multivalued="true" /> <Attribute id="forgottenPasswordAnswers" multivalued="true" /> <Attribute id="forgottenPasswordValues" multivalued="true" /> </Attributes> </Definition> <Definition id="RequestOIM11g"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="Request, Oracle Identity Manager 11g" /> </Properties> <Attributes> <Attribute id="uniqueid" /> <Attribute id="justification" /> <Attribute id="rolename" required="true" multivalued="true"/> <Attribute id="userid" required="true"/> <Attribute id="template" required="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="default" type="literal" value="Assign Roles" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="beneficiarytype" required="true"> <Functions> <Function id="Concat" 
useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="default" type="literal" value="user" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="entitytype" required="true"> <Functions> <Function id="Concat" useexisting="true" classname="org.openptk.definition.functions.ConcatStrings"> <Arguments> <Argument name="default" type="literal" value="Role" /> </Arguments> <Operations> <Operation type="create" /> </Operations> </Function> </Functions> </Attribute> <Attribute id="model" readonly="true" /> <Attribute id="failure" readonly="true" /> <Attribute id="status" readonly="true" /> </Attributes> </Definition> <Definition id="Location"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="A location" /> </Properties> <Attributes> <Attribute id="uniqueid" required="true"/> <Attribute id="description" /> <Attribute id="objectclass" /> <Attribute id="street" /> <Attribute id="city" /> <Attribute id="state" /> <Attribute id="postalCode" /> </Attributes> </Definition> <Definition id="Media"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="Media Repository" /> </Properties> <Attributes> <Attribute id="uniqueid" required="true"> </Attribute> <Attribute id="name" /> <Attribute id="type" required="true"> <Functions> <Function id="MimeType" classname="org.openptk.definition.functions.DetectMimeType"> <Arguments> <Argument name="data" type="attribute" value="data" /> <Argument name="plugin" type="literal" value="mimeutil"/> </Arguments> <Operations> <Operation type="create"/> <Operation type="update"/> </Operations> </Function> </Functions> </Attribute> <Attribute id="length" required="true" type="integer"/> <Attribute id="modified" required="true"> <Functions> <Function 
id="DateTime" classname="org.openptk.definition.functions.DateTimeStamp"> <Operations> <Operation type="create"/> <Operation type="update"/> </Operations> </Function> </Functions> </Attribute> <Attribute id="contextid" /> <Attribute id="subjectid" /> <Attribute id="relationshipid" /> <Attribute id="digest" required="true" > <Functions> <Function id="Digest" classname="org.openptk.definition.functions.CalculateDigest"> <Arguments> <Argument name="data" type="attribute" value="data" /> </Arguments> <Operations> <Operation type="create"/> <Operation type="update"/> </Operations> </Function> </Functions> </Attribute> <Attribute id="data" type="object" required="true" /> </Attributes> </Definition> <Definition id="Role"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="A business level role" /> </Properties> <Attributes> <Attribute id="rolename" required="true" /> <Attribute id="resources" /> <Attribute id="description" /> <Attribute id="owner" /> </Attributes> </Definition> <Definition id="LinkRole"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="A role" /> </Properties> <Attributes> <Attribute id="uniqueid" required="true"/> <Attribute id="description" /> <Attribute id="owner" /> <Attribute id="access" /> <Attribute id="createdate" /> <Attribute id="status" /> </Attributes> </Definition> <Definition id="UserRole"> <Properties> <Property name="definition.classname" value="org.openptk.definition.BasicSubject" /> <Property name="definition.description" value="user role relationship" /> </Properties> <Attributes> <Attribute id="uniqueid" /> <Attribute id="userid" required="true"/> <Attribute id="roleid" required="true"/> </Attributes> </Definition> </Definitions> <!-- ========== Connections === Connection Properties for a given Service --> <Connections> <Properties> <Property 
name="service.classname" value="org.openptk.spi.BasicService" />
</Properties>
<!-- Each Connection takes its values from the Defaults properties at the top of this file; the
     notes there say property references are resolved when the XML is parsed. -->
<!-- NOTE(review): the spml1.url default points at a remote host over http, so the proxy account
     credentials would cross the network without transport encryption unless TLS is provided
     elsewhere; confirm. -->
<Connection id="SunSPML1">
  <Properties>
    <Property name="connection.description" value="Sun Identity Manager Lighthouse client (SPML1)" />
    <Property name="url" value="%{spml1.url}" />
    <Property name="user.name" value="%{spml1.user.name}" />
    <Property name="user.password.encrypted" value="%{spml1.user.password.encrypted}" />
    <Property name="spmlTrace" value="false" />
  </Properties>
</Connection>
<Connection id="SunSPML2">
  <Properties>
    <Property name="connection.description" value="Sun Identity Manager Session Aware client (SPML2)" />
    <Property name="url" value="%{spml2.url}" />
    <Property name="user.name" value="%{spml2.user.name}" />
    <Property name="user.password.encrypted" value="%{spml2.user.password.encrypted}" />
    <Property name="spmlTrace" value="false" />
  </Properties>
</Connection>
<!-- NOTE(review): this connection passes both user.password and user.password.encrypted. In
     Defaults, oimspml2.user.password is defined in clear text and the matching ".encrypted"
     property is commented out, so the second reference has no visible definition. Which of the
     two takes precedence, and how an unresolved reference is handled, is not visible here. Keep
     the clear-text value out of this file and define only one form. -->
<Connection id="OIMSPML2">
  <Properties>
    <Property name="connection.description" value="Oracle Identity Manager Session Aware client (SPML2)" />
    <Property name="url" value="%{oimspml2.url}" />
    <Property name="user.name" value="%{oimspml2.user.name}" />
    <Property name="user.password" value="%{oimspml2.user.password}" />
    <Property name="user.password.encrypted" value="%{oimspml2.user.password.encrypted}" />
    <Property name="spmlTrace" value="false" />
    <Property name="attribute.empty.remove" value="true" />
  </Properties>
</Connection>
<!-- NOTE(review): OIM10g has the same pair of password properties; in Defaults the clear-text
     oim10g.user.password is defined and the ".encrypted" one is commented out. The oim10g.url
     default uses the t3 scheme, the WebLogic protocol without TLS (t3s is the TLS variant);
     confirm whether that link needs transport protection. The xlclient.* paths are relative, so
     they depend on the working directory of the process. -->
<Connection id="OIM10g">
  <Properties>
    <Property name="connection.description" value="Oracle Identity Manager 10g API" />
    <Property name="user.name" value="%{oim10g.user.name}" />
    <Property name="user.password" value="%{oim10g.user.password}" />
    <Property name="user.password.encrypted" value="%{oim10g.user.password.encrypted}" />
    <Property name="xlclient.home" value="xlclient"/>
    <Property name="xlclient.authconfig" value="xlclient/config/auth.conf"/>
    <Property name="xlclient.policy" value="xlclient/config/xl.policy"/>
    <Property name="xlclient.providerurl" value="%{oim10g.url}"/>
</Properties>
</Connection>
<!-- NOTE(review): OIM11g passes both user.password and user.password.encrypted. In Defaults the
     clear-text oim11g.user.password is defined and the ".encrypted" one is commented out, and
     oim11g.user.name is the xelsysadm account. A dedicated, least-privilege service account with
     a protected credential would limit the impact of this file being read. -->
<Connection id="OIM11g">
  <Properties>
    <Property name="connection.description" value="Oracle Identity Manager 11g Client API" />
    <Property name="user.name" value="%{oim11g.user.name}" />
    <Property name="user.password" value="%{oim11g.user.password}" />
    <Property name="user.password.encrypted" value="%{oim11g.user.password.encrypted}" />
    <Property name="client.authconfig" value="conf/authwl.conf"/>
    <Property name="client.providerurl" value="%{oim11g.url}"/>
    <!-- NOTE(review): these three challenge questions have answers that are short or publicly
         discoverable. The Security section of this file leaves the password/forgot URIs open to
         every session type, so the answers are the only barrier in that flow; confirm that
         attempt limiting or lockout exists on the OIM side. -->
    <Property name="forgot.challenge.0" value="What is your favorite color?" />
    <Property name="forgot.challenge.1" value="What is your mother's maiden name?"/>
    <Property name="forgot.challenge.2" value="What is the city of your birth?" />
  </Properties>
</Connection>
<!-- NOTE(review): jndi.user.name in Defaults is "cn=Directory Manager", so this pool (4 to 8
     connections) binds as the directory's administrative account; a bind DN limited to the
     employee and customer subtrees would be the least-privilege choice. Whether the LDAP link
     uses TLS is not visible here; confirm for non-local hosts. -->
<Connection id="UnboundID">
  <Properties>
    <Property name="connection.description" value="UnboundID 2.1" />
    <Property name="hostname" value="%{ldap.hostname}" />
    <Property name="portnum" value="%{ldap.portnum}" />
    <Property name="user.name" value="%{jndi.user.name}" />
    <Property name="user.password.encrypted" value="%{jndi.user.password.encrypted}" />
    <Property name="connection.pool.min" value="4" />
    <Property name="connection.pool.max" value="8" />
  </Properties>
</Connection>
<!-- UnboundID-InMemory: in-memory directory with root dc=openptk,dc=org, seeded from an LDIF file.
     NOTE(review): the LDIF path is under /var/tmp, a directory other local accounts can usually
     write to. If that file can be replaced, the seeded entries (including any accounts used for
     login) can be changed; keep the seed file in a directory owned by the application user. -->
<Connection id="UnboundID-InMemory">
  <Properties>
    <Property name="connection.description" value="UnboundID 2.1" />
    <Property name="unboundid.inmemory" value="true" />
    <Property name="unboundid.inmemory.rootdse" value="dc=openptk,dc=org" />
    <Property name="unboundid.inmemory.ldif" value="/var/tmp/OpenPTKLDAPobjects.ldif" />
    <Property name="user.name" value="%{jndi.user.name}" />
    <Property name="user.password.encrypted" value="%{jndi.user.password.encrypted}" />
    <Property name="connection.pool.min" value="4" />
    <Property name="connection.pool.max" value="8" />
  </Properties>
</Connection>
<Connection id="OpenDS">
  <Properties>
    <Property name="connection.description" value="OpenDS 1.0" />
    <Property name="url" value="%{jndi.url}" />
    <Property name="user.name"
value="%{jndi.user.name}" /> <Property name="user.password" value="%{jndi.user.password}" /> <Property name="user.password.encrypted" value="%{jndi.user.password.encrypted}" /> </Properties> </Connection> <Connection id="MySQL"> <Properties> <Property name="connection.description" value="MySQL 5.0.x" /> <Property name="url" value="%{jdbc.mysql.url}" /> <Property name="user.name" value="%{jdbc.mysql.user.name}" /> <Property name="user.password.encrypted" value="%{jdbc.mysql.user.password.encrypted}" /> <Property name="driver" value="%{jdbc.mysql.driver}" /> <Property name="attribute.empty.remove" value="true" /> </Properties> </Connection> <Connection id="Oracle"> <Properties> <Property name="connection.description" value="Oracle 11g" /> <Property name="url" value="%{jdbc.oracle.url}" /> <Property name="user.name" value="%{jdbc.oracle.user.name}" /> <Property name="user.password.encrypted" value="%{jdbc.oracle.user.password.encrypted}" /> <Property name="driver" value="%{jdbc.oracle.driver}" /> <Property name="attribute.empty.remove" value="true" /> </Properties> </Connection> <Connection id="Embed"> <Properties> <Property name="connection.description" value="Embedded Database (Derby 10.7)" /> <Property name="url" value="%{jdbc.embed.url}" /> <Property name="user.name" value="%{jdbc.embed.user.name}" /> <Property name="user.password.encrypted" value="%{jdbc.embed.user.password.encrypted}" /> <Property name="driver" value="%{jdbc.embed.driver}" /> <Property name="attribute.empty.remove" value="true" /> <Property name="path.relative" value="%{database.sample}" /> </Properties> </Connection> </Connections> <!-- The Loggers for recording audit and debug information NOTE: The "value" for "file" is just the filename ... 
it will be placed in openptk.temp -->
<!-- NOTE(review): one logger writes to openptk.log; the note above says it holds both audit and
     debug records. Confirm the openptk.temp directory is readable only by the application
     user. -->
<Loggers default="%{logger.default}">
  <Logger id="UnixLogFile">
    <Properties>
      <Property name="logger.classname" value="org.openptk.logging.SimpleLogger" />
      <Property name="file" value="openptk.log" />
    </Properties>
  </Logger>
</Loggers>
<!-- NOTE(review): the only encryptor, and the default, is PBEWithMD5AndDES: password-based
     encryption that derives a single-DES (56-bit) key with MD5. Several "*.password.encrypted"
     values in Defaults are identical to one another, which indicates the output is deterministic
     for a given plaintext. Treat those values as obfuscation rather than protection: restrict
     read access to this file and plan a move to an AES-based scheme with a per-value salt.
     Where DESCrypto takes its key material from is not visible in this file. -->
<Encryptors default="PBEWithMD5AndDES">
  <Encryptor id="PBEWithMD5AndDES">
    <Properties>
      <Property name="crypto.classname" value="org.openptk.crypto.DESCrypto" />
    </Properties>
  </Encryptor>
</Encryptors>
<!-- Client information -->
<!-- Each Client lists the Authenticators it accepts and the Contexts it may use, with one
     default Context.
     NOTE(review): client secrets are stored in clear text in the "secret" attribute, and the
     value on identitycentralapi is repeated on openptkserverapi and taglibtest later in this
     file. A shared value cannot distinguish those clients, and rotating it affects all three.
     Presumably the secret authenticates the calling application; confirm, then issue one secret
     per client and keep this file out of world-readable locations and public repositories. -->
<Clients>
  <Properties>
    <Property name="openptk.cookie.name" value="%{cookie.name}"/>
  </Properties>
  <!-- anon: no secret attribute; accepts only the Anonymous authenticator. -->
  <Client id="anon">
    <Authenticators>
      <Authenticator id="Anonymous"/>
    </Authenticators>
    <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC -->
      <Context id="Employees-Embed-JDBC" />
      <Context id="Employees-MySQL-JDBC" />
      <Context id="Employees-UnboundID-LDAP" />
      <Context id="Employees-OpenDS-JNDI" />
    </Contexts>
  </Client>
  <!-- identitycentral: no secret attribute, yet it accepts OpenPTK-config, which the Security
       section declares at level SYSTEM. NOTE(review): confirm a client without a secret is meant
       to reach SYSTEM-level authentication. -->
  <Client id="identitycentral">
    <Authenticators>
      <Authenticator id="Employees-IdPass-Embed"/>
      <Authenticator id="Employees-IdPass-LDAP"/>
      <Authenticator id="Employees-IdPass-JDBC"/>
      <Authenticator id="Employees-IdPass-Oracle"/>
      <Authenticator id="OpenPTK-config"/>
    </Authenticators>
    <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC -->
      <Context id="Employees-Oracle-JDBC" />
      <Context id="Employees-MySQL-JDBC" />
      <Context id="Employees-UnboundID-LDAP" />
      <Context id="Employees-OpenDS-JNDI" />
      <Context id="User-Oracle-OIMClient" />
      <Context id="Employees-Embed-JDBC" />
      <Context id="Media-Embed-JDBC" />
    </Contexts>
  </Client>
  <Client id="identitycentralapi" secret="N343EhOmFig6XL1liUuRIvmf">
    <Properties>
      <Property name="context.description" value="Identity Central Application" />
      <Property name="context.registration" value="Register-Employees-Embed-JDBC" />
      <Property name="context.media" value="Media-Embed-JDBC" />
      <Property name="context.photo" value="Employees-Embed-JDBC"/>
      <Property name="search.min.chars"
value="1" /> <Property name="search.results.quantity" value="10" /> <Property name="server.relative.uri" value="/openptk-server" /> </Properties> <Authenticators> <Authenticator id="Employees-IdPass-Embed"/> <Authenticator id="Employees-IdPass-LDAP"/> <Authenticator id="Employees-IdPass-JDBC"/> <Authenticator id="OpenPTK-config"/> </Authenticators> <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC --> <Context id="Employees-MySQL-JDBC" /> <Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> <Context id="Media-MySQL-JDBC" /> <Context id="Employees-Embed-JDBC" /> <Context id="Media-Embed-JDBC" /> </Contexts> </Client> <Client id="openptkserver"> <Authenticators> <Authenticator id="OpenPTK-config"/> </Authenticators> <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC --> <Context id="Employees-Embed-JDBC" /> <Context id="Employees-MySQL-JDBC" /> <Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> <Context id="Media-MySQL-JDBC" /> </Contexts> </Client> <Client id="openptkserverapi" secret="N343EhOmFig6XL1liUuRIvmf"> <Authenticators> <Authenticator id="OpenPTK-config"/> </Authenticators> <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC --> <Context id="Employees-Embed-JDBC" /> <Context id="Employees-MySQL-JDBC" /> <Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> <Context id="Media-MySQL-JDBC" /> </Contexts> </Client> <Client id="portal" secret="gKZo9rUyLeY56vSsFpR4J9GJ"> <Authenticators> <Authenticator id="Employees-Id-JDBC"/> <Authenticator id="Anonymous"/> </Authenticators> <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC --> <Context id="Employees-Embed-JDBC" /> <Context id="Employees-MySQL-JDBC" /> <Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> </Contexts> </Client> <Client id="uml" secret="WeacAymEnZqP34gDQuNfDsHE"> <Authenticators> 
<Authenticator id="Employees-IdPass-Embed"/>
<Authenticator id="Employees-IdPass-JNDI"/>
<Authenticator id="Employees-IdPass-JDBC"/>
<Authenticator id="User-IdPass-OIMClient"/>
<Authenticator id="OpenPTK-config"/>
</Authenticators>
<Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC -->
  <Context id="Employees-Embed-JDBC" />
  <Context id="Employees-Oracle-JDBC" />
  <Context id="Employees-MySQL-JDBC" />
  <Context id="Employees-UnboundID-LDAP" />
  <Context id="Employees-OpenDS-JNDI" />
  <Context id="User-Oracle-OIMClient" />
</Contexts>
</Client>
<!-- register: accepts only the Anonymous authenticator and is limited to the four Register-*
     contexts.
     NOTE(review): its secret is the same value as the secret on the uml client defined just
     before it. uml also accepts OpenPTK-config (level SYSTEM), so anyone holding the secret of
     this anonymous registration client also holds the secret of a client that can reach
     SYSTEM-level authentication. Give each client its own secret. -->
<Client id="register" secret="WeacAymEnZqP34gDQuNfDsHE">
  <Authenticators>
    <Authenticator id="Anonymous"/>
  </Authenticators>
  <Contexts default="Register-Employees-Embed-JDBC">
    <Context id="Register-Employees-Embed-JDBC" />
    <Context id="Register-Employees-MySQL-JDBC"/>
    <Context id="Register-Oracle-IdMgr" />
    <Context id="Register-Oracle-OIMClient"/>
  </Contexts>
</Client>
<!-- console: accepts the three Employees-IdPass authenticators and OpenPTK-config; the OIM
     client authenticator is commented out. -->
<Client id="console" secret="tLlGZ1rkok865iEmvomJEl4Z">
  <Authenticators>
    <Authenticator id="Employees-IdPass-Embed"/>
    <Authenticator id="Employees-IdPass-LDAP"/>
    <Authenticator id="Employees-IdPass-JDBC"/>
    <!-- Authenticator id="User-IdPass-OIMClient"/ -->
    <Authenticator id="OpenPTK-config"/>
  </Authenticators>
  <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC -->
    <Context id="Employees-Embed-JDBC" />
    <Context id="Employees-Oracle-JDBC" />
    <Context id="Employees-MySQL-JDBC" />
    <Context id="Employees-UnboundID-LDAP" />
    <Context id="Employees-OpenDS-JNDI" />
    <Context id="Person-OIM-SPML2" />
    <Context id="User-Oracle-OIMClient"/>
  </Contexts>
</Client>
<!-- NOTE(review): apitest looks like a test client (name only; confirm). It accepts
     OpenPTK-config and, further down, lists the widest set of contexts of any client in this
     file, so it should not be present in a production configuration. -->
<Client id="apitest" secret="McP7NoBoPTPHrJZLfXsnDEod">
  <Authenticators>
    <Authenticator id="Employees-IdPass-Embed"/>
    <Authenticator id="Employees-IdPass-JDBC"/>
    <Authenticator id="OpenPTK-config"/>
  </Authenticators>
  <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC -->
    <Context id="Employees-Embed-JDBC" />
    <Context id="Employees-MySQL-JDBC" />
<Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> <Context id="Person-SunIdm-SPML1" /> <Context id="Customers-UnboundID-LDAP" /> <Context id="Customers-OpenDS-JNDI" /> <Context id="Register-Oracle-IdMgr" /> <Context id="User-Oracle-OIMClient"/> <Context id="Request-Oracle-OIMClient"/> <Context id="User-Oracle-OIMClient"/> </Contexts> </Client> <Client id="taglibtest" secret="N343EhOmFig6XL1liUuRIvmf"> <Authenticators> <Authenticator id="Employees-IdPass-Embed"/> <Authenticator id="Employees-IdPass-LDAP"/> <Authenticator id="Employees-IdPass-JDBC"/> <Authenticator id="OpenPTK-config"/> </Authenticators> <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC --> <Context id="Employees-Embed-JDBC" /> <Context id="Employees-MySQL-JDBC" /> <Context id="Media-Embed-JDBC" /> <Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> </Contexts> </Client> <Client id="wsdl" secret="OkBh9iciqyMJufiLwwNR8CBR"> <Authenticators> <Authenticator id="Anonymous"/> </Authenticators> <Contexts default="Employees-Embed-JDBC"> <!-- default: Employees-Embed-JDBC --> <Context id="Employees-Embed-JDBC" /> <Context id="Employees-MySQL-JDBC" /> <Context id="Employees-UnboundID-LDAP" /> <Context id="Employees-OpenDS-JNDI" /> </Contexts> </Client> </Clients> <!-- Models --> <Models> <Properties> <Property name="model.classname" value="org.openptk.model.BasicModel"/> </Properties> <Model id="Employee"> <Properties> <Property name="model.description" value="Person that has Organization and Location information"/> </Properties> <Relationships> <Relationship id="directReports"> <Properties> <Property name="relationship.classname" value="org.openptk.model.ChildrenRelationship"/> <Property name="relationship.description" value="List of children for a Subject"/> </Properties> <Query type="EQ" name="manager" value="${uniqueid}"/> </Relationship> <Relationship id="reportsTo"> <Properties> <Property name="relationship.classname" 
value="org.openptk.model.AncestorsRelationship"/> <Property name="relationship.description" value="List (ordered) of ancestors for a Subject"/> </Properties> <Query type="EQ" name="uniqueid" value="${manager}"/> </Relationship> <Relationship id="organization"> <Properties> <Property name="relationship.classname" value="org.openptk.model.OrganizationRelationship"/> <Property name="relationship.description" value="List (ordered) of the Subject organization"/> </Properties> <Query type="EQ" name="uniqueid" value="${manager}"/> </Relationship> <Relationship id="peers"> <Properties> <Property name="relationship.classname" value="org.openptk.model.SiblingsRelationship"/> <Property name="relationship.description" value="List of siblings for a Subject"/> </Properties> <Query type="EQ" name="manager" value="${manager}"/> </Relationship> <Relationship id="location"> <Properties> <Property name="relationship.classname" value="org.openptk.model.SubjectRelationship" /> <Property name="relationship.description" value="Location related Subject" /> <Property name="relationship.uniqueid" value="${attr:location}" /> </Properties> </Relationship> <Relationship id="photo"> <Properties> <Property name="relationship.classname" value="org.openptk.model.MediaRelationship" /> <Property name="relationship.description" value="A photo of the Person" /> <Property name="relationship.uniqueid" value="${path:contextid}-${path:subjectid}-${path:relationshipid}" /> </Properties> </Relationship> <Relationship id="cardphoto"> <Properties> <Property name="relationship.classname" value="org.openptk.model.MediaRelationship" /> <Property name="relationship.description" value="A business card image of the photo" /> <Property name="relationship.uniqueid" value="${path:contextid}-${path:subjectid}-${path:relationshipid}" /> </Properties> </Relationship> <Relationship id="thumbnail"> <Properties> <Property name="relationship.classname" value="org.openptk.model.MediaRelationship" /> <Property 
name="relationship.description" value="A thumbnail image of the photo" /> <Property name="relationship.uniqueid" value="${path:contextid}-${path:subjectid}-${path:relationshipid}" /> </Properties> </Relationship> <Relationship id="roles"> <Properties> <Property name="relationship.classname" value="org.openptk.model.ChildrenLinkRelationship"/> <Property name="relationship.description" value="List of roles linked to a User"/> <Property name="relationship.primary.context.name" value="UserRole-MySQL-JDBC"/> <Property name="relationship.link.context.name" value="Roles-MySQL-JDBC"/> <Property name="relationship.linkcontext.linkedid.attribute" value="roleid"/> </Properties> <Query type="EQ" name="userid" value="${uniqueid}"/> </Relationship> </Relationships> <Views> <View id="extended"> <Relationships> <Relationship id="location"/> <Relationship id="organization"/> <Relationship id="peers"/> <Relationship id="directReports"/> </Relationships> </View> <View id="address"> <Relationships> <Relationship id="location"/> </Relationships> </View> </Views> </Model> </Models> <!-- Converter Rules for the Structures --> <Converters> <Converter type="json" classname="org.openptk.structure.JsonConverter"> <Structures> <Structure id="results"> <Properties> <Property name="children" value="list"/> </Properties> </Structure> </Structures> </Converter> <Converter type="xml" classname="org.openptk.structure.XmlConverter"/> <Converter type="html" classname="org.openptk.structure.HtmlConverter"/> <Converter type="plain" classname="org.openptk.structure.PlainConverter"/> </Converters> <!-- Plugins: access to external processing --> <Plugins> <Plugin id="mimeutil" enabled="true" classname="org.openptk.plugin.mimeutil.MimeUtilPlugin"> <Properties> <Property name="mimeutil.detector" value="eu.medsea.mimeutil.detector.MagicMimeMimeDetector"/> <Property name="structure.mimetype" value="mimetype"/> </Properties> </Plugin> <Plugin id="sendemail" enabled="true" 
classname="org.openptk.plugin.sendemail.SendEmailPlugin">
  <!-- NOTE(review): mail goes to localhost port 25 over plain smtp with mail.smtp.auth=false, so
       the sendemail.authen.user and sendemail.authen.password properties are presumably unused
       in this configuration. If mail.host is ever pointed at a remote relay, enable
       authentication and STARTTLS (JavaMail property mail.smtp.starttls.enable) so credentials
       and message bodies are not sent in clear text. -->
  <Properties>
    <Property name="sendemail.online" value="true" />
    <Property name="sendemail.file" value="%{plugin.sendemail.file}"/>
    <Property name="sendemail.authen.user" value="%{plugin.sendemail.authen.user}" />
    <Property name="sendemail.authen.password" value="%{plugin.sendemail.authen.password}" />
    <Property name="mail.debug" value="false" />
    <Property name="mail.host" value="localhost"/>
    <Property name="mail.transport.protocol" value="smtp" />
    <Property name="mail.smtp.auth" value="false" />
    <Property name="mail.smtp.port" value="25" />
    <Property name="mail.smtp.quitwait" value="false" />
  </Properties>
</Plugin>
<!-- template: template library location comes from the plugin.template.library property. How
     the "variable" setting treats an attribute missing from a template is not visible here. -->
<Plugin id="template" enabled="true" classname="org.openptk.plugin.template.TemplatePlugin">
  <Properties>
    <Property name="template.library" value="%{plugin.template.library}" />
    <Property name="missing.attribute" value="variable" />
  </Properties>
</Plugin>
</Plugins>
<!-- OperationActions: Pre and Post logic for Context/Subject Operations -->
<OperationActions>
  <Action id="ifexists" classname="org.openptk.context.actions.IfExistsThenUpdate">
  </Action>
  <!-- checkmimetype: allow-list of image types. "image/jpg" is not a registered type (the
       registered name is image/jpeg) but is harmless in an allow-list.
       NOTE(review): the check is only as strong as the source of the type value. The Media
       definition in this file computes "type" with DetectMimeType through the mimeutil plugin
       (MagicMimeMimeDetector), which presumably inspects the content rather than trusting a
       client-supplied header; confirm this action runs on that computed value, and that it is
       attached to every context that accepts uploads. -->
  <Action id="checkmimetype" classname="org.openptk.context.actions.CheckMimeType">
    <Properties>
      <Property name="mimetype.allow" value="image/png, image/jpg, image/jpeg, image/gif"/>
    </Properties>
  </Action>
  <!-- cardphoto: ScaleCropImage configured for 100 x 120. The attribute.* properties hold ids of
       attributes declared in the Media definition (data, type, length, modified, digest,
       contextid, subjectid, relationshipid). -->
  <Action id="cardphoto" classname="org.openptk.context.actions.ScaleCropImage">
    <Properties>
      <Property name="size.width" value="100" />
      <Property name="size.height" value="120" />
      <Property name="uniqueid" value="${contextid}-${subjectid}-cardphoto"/>
      <Property name="attribute.data" value="data"/>
      <Property name="attribute.type" value="type"/>
      <Property name="attribute.length" value="length"/>
      <Property name="attribute.modified" value="modified"/>
      <Property name="attribute.digest" value="digest" />
      <Property name="attribute.context" value="contextid"/>
      <Property name="attribute.subject" value="subjectid" />
      <Property name="attribute.relationship"
value="relationshipid" /> </Properties> </Action> <Action id="thumbnail" classname="org.openptk.context.actions.ScaleCropImage"> <Properties> <Property name="size.width" value="50" /> <Property name="size.height" value="60" /> <Property name="uniqueid" value="${contextid}-${subjectid}-thumbnail"/> <Property name="attribute.data" value="data"/> <Property name="attribute.type" value="type"/> <Property name="attribute.length" value="length"/> <Property name="attribute.modified" value="modified"/> <Property name="attribute.digest" value="digest" /> <Property name="attribute.context" value="contextid"/> <Property name="attribute.subject" value="subjectid" /> <Property name="attribute.relationship" value="relationshipid" /> </Properties> </Action> <Action id="notify" classname="org.openptk.context.actions.Notify"> <Properties> <Property name="plugin.template" value="template"/> <Property name="plugin.email" value="sendemail"/> </Properties> </Action> </OperationActions> <!-- Security related information --> <Security> <!-- Authentication mechanisms --> <Authenticators> <Authenticator id="Anonymous" level="ANON"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.AnonAuthenticator"/> <Property name="authenticator.description" value="Anonymous User"/> </Properties> </Authenticator> <Authenticator id="Employees-IdPass-JDBC" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassServiceAuthenticator"/> <Property name="authenticator.context" value="Employees-MySQL-JDBC"/> <Property name="authenticator.description" value="Employees with User ID and Password verified against JDBC"/> </Properties> </Authenticator> <Authenticator id="Employees-IdPass-Embed" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassServiceAuthenticator"/> <Property name="authenticator.context" value="Employees-Embed-JDBC"/> <Property name="authenticator.description" 
value="Employees with User ID and Password verified against Embedded database"/> </Properties> </Authenticator> <Authenticator id="Employees-IdPass-Oracle" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassServiceAuthenticator"/> <Property name="authenticator.context" value="Employees-Oracle-JDBC"/> <Property name="authenticator.description" value="Employees with User ID and Password verified against Oracle"/> </Properties> </Authenticator> <Authenticator id="Employees-IdPass-LDAP" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassServiceAuthenticator"/> <Property name="authenticator.context" value="Employees-UnboundID-LDAP"/> <Property name="authenticator.description" value="Employees with User ID and Password verified against LDAP"/> </Properties> </Authenticator> <Authenticator id="Employees-IdPass-JNDI" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassServiceAuthenticator"/> <Property name="authenticator.context" value="Employees-OpenDS-JNDI"/> <Property name="authenticator.description" value="Employees with User ID and Password verified against LDAP"/> </Properties> </Authenticator> <Authenticator id="User-IdPass-OIMClient" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassServiceAuthenticator"/> <Property name="authenticator.context" value="User-Oracle-OIMClient"/> <Property name="authenticator.description" value="Users with User ID and Password verified against OIM 11g"/> </Properties> </Authenticator> <Authenticator id="Employees-Id-LDAP" level="USER"> <Properties> <Property name="authenticator.classname" value="org.openptk.authenticate.IdServiceAuthenticator"/> <Property name="authenticator.context" value="Employees-UnboundID-LDAP"/> <Property name="authenticator.description" value="Employees that exist in the Service"/> </Properties> 
</Authenticator>
<!-- NOTE(review): the authenticators that use IdServiceAuthenticator are described as "Employees
     that exist in the Service" and grant level USER, the same level as the IdPass
     authenticators. If this class accepts a bare user id as proof of identity, any client that
     lists one of them (portal lists Employees-Id-JDBC) yields USER sessions without a
     credential. Confirm what IdServiceAuthenticator verifies, and limit these entries to front
     ends that have already authenticated the user. -->
<Authenticator id="Employees-Id-JNDI" level="USER">
  <Properties>
    <Property name="authenticator.classname" value="org.openptk.authenticate.IdServiceAuthenticator"/>
    <Property name="authenticator.context" value="Employees-OpenDS-JNDI"/>
    <Property name="authenticator.description" value="Employees that exist in the Service"/>
  </Properties>
</Authenticator>
<Authenticator id="Employees-Id-JDBC" level="USER">
  <Properties>
    <Property name="authenticator.classname" value="org.openptk.authenticate.IdServiceAuthenticator"/>
    <Property name="authenticator.context" value="Employees-MySQL-JDBC"/>
    <Property name="authenticator.description" value="Employees that exist in the Service"/>
  </Properties>
</Authenticator>
<Authenticator id="User-Id-OIMClient" level="USER">
  <Properties>
    <Property name="authenticator.classname" value="org.openptk.authenticate.IdServiceAuthenticator"/>
    <Property name="authenticator.context" value="User-Oracle-OIMClient"/>
    <Property name="authenticator.description" value="Employees that exist in the Service"/>
  </Properties>
</Authenticator>
<!-- OpenPTK-config: the only authenticator at level SYSTEM; it has no authenticator.context and
     is described as checking internal admin credentials. Where those credentials are stored is
     not visible in this part of the file.
     NOTE(review): most clients in this file list this authenticator, so SYSTEM-level login is
     reachable from each of them; confirm that is intended. -->
<Authenticator id="OpenPTK-config" level="SYSTEM">
  <Properties>
    <Property name="authenticator.classname" value="org.openptk.authenticate.IdPassSystemAuthenticator"/>
    <Property name="authenticator.description" value="OpenPTK config against internal admin credentials"/>
  </Properties>
</Authenticator>
</Authenticators>
<!-- One decider ("internal", BasicDecider) serves both enforcement points declared below. -->
<Deciders>
  <Decider id="internal">
    <Properties>
      <Property name="decider.classname" value="org.openptk.authorize.decider.BasicDecider"/>
    </Properties>
  </Decider>
</Deciders>
<!-- Two enforcement points: "webfilter" in the SERVLET environment and "operation" in the ENGINE
     environment. Each Policy below names the environment it applies to. -->
<Enforcers>
  <Properties>
    <Property name="enforcer.classname" value="org.openptk.authorize.BasicEnforcer"/>
  </Properties>
  <Enforcer id="webfilter" environment="SERVLET" decider="internal" />
  <Enforcer id="operation" environment="ENGINE" decider="internal" />
</Enforcers>
<!-- NOTE(review): every policy visible in this file has effect="allow". Presumably a request
     that matches no policy is denied; confirm that BasicDecider defaults to deny. -->
<Policies>
  <Properties>
    <Property name="policy.classname" value="org.openptk.authorize.policy.BasicPolicy"/>
  </Properties>
  <Policy id="NotEnforcedURIs"
environment="SERVLET" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Not Enforced URIs"/> </Properties> <Session> <Types> <Type id="INTERNAL"/> <Type id="ANON"/> <Type id="USER"/> <Type id="SYSTEM"/> </Types> </Session> <Targets> <Target id="sessioninfo" type="uri" value="/resources/sessioninfo"/> <Target id="forgotP1" type="uri" value="/resources/contexts/./subjects/./password/forgot/questions"/> <Target id="forgotP2" type="uri" value="/resources/contexts/./subjects/./password/forgot/answers"/> <Target id="forgotP3" type="uri" value="/resources/contexts/./subjects/./password/forgot/change"/> </Targets> </Policy> <Policy id="ClientsURI" environment="SERVLET" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Clients URI"/> </Properties> <Session> <Types> <Type id="INTERNAL"/> <Type id="ANON"/> <Type id="USER"/> <Type id="SYSTEM"/> </Types> </Session> <Targets> <Target id="clients" type="uri" value="/resources/clients/*" /> </Targets> </Policy> <Policy id="ContextsURI" environment="SERVLET" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Contexts URI"/> </Properties> <Session> <Types> <Type id="ANON"/> <Type id="USER"/> <Type id="SYSTEM"/> </Types> </Session> <Targets> <Target id="contexts" type="uri" value="/resources/contexts/*" /> </Targets> </Policy> <Policy id="EngineURIs" environment="SERVLET" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Internal SYSTEM URIs"/> </Properties> <Session> <Types> <Type id="ANON"/> <Type id="SYSTEM"/> </Types> </Session> <Targets> <Target id="engine" type="uri" value="/resources/engine/*" /> </Targets> </Policy> <Policy id="NotEnforcedOps" environment="ENGINE" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Not enforced Operations"/> </Properties> <Session> <Types> <Type id="INTERNAL"/> <Type id="ANON"/> <Type id="USER"/> <Type 
id="SYSTEM"/> </Types> </Session> <Targets> <Target id="sessioninfo" type="uri" value="/resources/sessioninfo"> <Operations> <Operation id="READ"/> </Operations> </Target> <Target id="forgotP1" type="uri" value="/resources/contexts/./subjects/./password/forgot/questions"> <Operations> <Operation id="PWDFORGOT"/> </Operations> </Target> <Target id="forgotP2" type="uri" value="/resources/contexts/./subjects/./password/forgot/answers"> <Operations> <Operation id="PWDFORGOT"/> </Operations> </Target> <Target id="forgotP3" type="uri" value="/resources/contexts/./subjects/./password/forgot/change"> <Operations> <Operation id="PWDFORGOT"/> </Operations> </Target> </Targets> </Policy> <Policy id="AnonymousOps" environment="ENGINE" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Anonymous Operations"/> </Properties> <Session> <Types> <Type id="ANON"/> <Type id="USER"/> <Type id="SYSTEM"/> </Types> </Session> <Targets> <Target id="clients" type="uri" value="/resources/clients/*"> <Operations> <Operation id="READ"/> </Operations> </Target> <Target id="contexts" type="uri" value="/resources/contexts/*"> <Operations> <Operation id="READ"/> <Operation id="SEARCH"/> </Operations> </Target> <Target id="reg-mysql" type="uri" value="/resources/contexts/Register-Employees-MySQL-JDBC/subjects"> <Operations> <Operation id="CREATE"/> </Operations> </Target> <Target id="reg-embed" type="uri" value="/resources/contexts/Register-Employees-Embed-JDBC/subjects"> <Operations> <Operation id="CREATE"/> </Operations> </Target> </Targets> </Policy> <Policy id="UserOps" environment="ENGINE" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="End-User Self Service"/> </Properties> <Session> <Types> <Type id="USER"/> </Types> </Session> <Targets> <Target id="photo" type="uri" value="/resources/contexts/${session.principal.contextid}/subjects/${session.principal.uniqueid}/relationships/photo"> <Operations> <Operation 
id="CREATE"/> </Operations> </Target> <Target id="update" type="uri" value="/resources/contexts/${session.principal.contextid}/subjects/${session.principal.uniqueid}"> <Operations> <Operation id="UPDATE"/> </Operations> </Target> <Target id="pwdchange" type="uri" value="/resources/contexts/${session.principal.contextid}/subjects/${session.principal.uniqueid}/password/change"> <Operations> <Operation id="PWDCHANGE"/> </Operations> </Target> </Targets> </Policy> <Policy id="SystemOps" environment="ENGINE" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="System user access"/> </Properties> <Session> <Types> <Type id="SYSTEM"/> </Types> </Session> <Targets> <Target id="contexts" type="uri" value="/resources/contexts/*"> <Operations> <Operation id="CREATE"/> <Operation id="READ"/> <Operation id="UPDATE"/> <Operation id="DELETE"/> <Operation id="SEARCH"/> <Operation id="PWDCHANGE"/> <Operation id="PWDRESET"/> </Operations> </Target> <Target id="engine" type="uri" value="/resources/engine/*"> <Operations> <Operation id="READ"/> <Operation id="SEARCH"/> </Operations> </Target> <Target id="clients" type="uri" value="/resources/clients/*"> <Operations> <Operation id="READ"/> <Operation id="SEARCH"/> </Operations> </Target> </Targets> </Policy> <Policy id="TrustedClients" environment="ENGINE" mode="inbound" effect="allow"> <Properties> <Property name="policy.description" value="Trust these Clients for all operations"/> </Properties> <Session> <Types> <Type id="ANON"/> </Types> <Clients> <Client id="wsdl"/> <Client id="portal"/> <Client id="register"/> </Clients> </Session> <Targets> <Target id="all" type="uri" value="/resources/contexts/*"> <Operations> <Operation id="CREATE"/> <Operation id="READ"/> <Operation id="UPDATE"/> <Operation id="DELETE"/> <Operation id="SEARCH"/> <!-- password operations not allowed --> </Operations> </Target> </Targets> </Policy> </Policies> </Security> </OpenPTK> |