Hi,
I am trying to read the ObjectSID of an LDAP user (from MS Active Directory) from an IUser object. This attribute is retrieved as binary from the LDAP, and if I define a normal extra attribute in the datasourceconfiguration file and retrieve it as a String, the value is wrong.
So my question is how can I define this as a binary attribute?
From the file C:\usr\sap\EWD\JC00\j2ee\configtool\dataSourceConfiguration.dtd you get the specification of the xml format for the datasourceconfiguration.
The Attribute element has the following specification:
<!ATTLIST attribute
    name CDATA #REQUIRED
    populateInitially (true|false) #IMPLIED
    readonly (true|false) #IMPLIED
    type (string|blob) #IMPLIED
    cacheTime CDATA #IMPLIED>
Since you have type here, I tried setting it to blob under the user object as such:
For user:
<attribute name="guid" type="blob" populateInitially="true"/>
For attribute mapping:
<attribute name="guid">
    <physicalAttribute name="objectSid"/>
</attribute>
However, I still get the following error when calling
iuser.getBinaryAttribute(UME_NAMESPACE,UME_GUID_NAME ):
Caused by: com.sap.security.api.UMRuntimeException: String attribute "com.sap.security.core.usermanagement"-->"guid" must be read using IPrincipal.getAttribute(com.sap.security.core.usermanagement,guid)
at com.sap.security.core.imp.AbstractPrincipal.getBinaryAttribute(AbstractPrincipal.java:300)
at com.sap.security.core.imp.UserWrapper.getBinaryAttribute(UserWrapper.java:261)
at com.bouvet.portal.login.UserIntegrityLoginModule.getStatoilUser(UserIntegrityLoginModule.java:430)
at com.bouvet.portal.login.UserIntegrityLoginModule.login(UserIntegrityLoginModule.java:255)
at com.sap.engine.services.security.login.ModulesProcessAction.run(ModulesProcessAction.java:69)
... 41 more
This error indicates that the attribute is a string and not a binary attribute.
Anyone?