cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

UME API LDAP Search

Former Member

on ‎07-05-2005 10:15 AM

0 Kudos

Hello,

i`m doing a LDAP search using the following code:

IUserFactory uf = UMFactory.getUserFactory();

IUserSearchFilter usf = uf.getUserSearchFilter();

IUser user = null;

usf.setDisplayName(

j_user,

ISearchAttribute.EQUALS_OPERATOR,

false);

The search is working, but in the result i also get all combinations of firstname (LDAP: givenName) and lastname (LDAP: sn), where "j_user" equals either firstname or lastname.

If i try to search like:

usf.setSearchAttribute(

IPrincipal.DEFAULT_NAMESPACE,

"diplayname",

j_user,

ISearchAttribute.EQUALS_OPERATOR,

false);

my searchresult status is ok, but ALWAYS empty.

My dataSourceConfig.xml looks like:

<principal type="user">

<nameSpaces>

<nameSpace name="com.sap.security.core.usermanagement">

<attributes>

...

<attribute name="firstname">

<physicalAttribute name="givenname"/>

</attribute>

<attribute name="displayname">

<physicalAttribute name="displayname"/>

</attribute>

<attribute name="lastname">

<physicalAttribute name="sn"/>

</attribute>

...

Is there anything wrong, why the setSearchAttribute method is not working?

best regards Oliver

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎07-05-2005 4:14 PM
0 Kudos

Hello,

i hope we got it now.

1. the method usf.setDisplayName(j_user,ISearchAttribute.EQUALS_OPERATOR,false);

is searching lastname, firstname as default setting regarding to http://help.sap.com/saphelp_nw04/helpdata/en/e4/c016987fbca343801d41096f124ec4/content.htm , if the physical attribute in LDAP is empty. Otherwise it is using the value from the LDAP.

2. the method usf.setSearchAttribute(IPrincipal.DEFAULT_NAMESPACE,"diplayname",j_user,ISearchAttribute.EQUALS_OPERATOR,false); did not do, because displayname is a default attribute and not custom?

3. Changing the mapping of displayname to the physical attribute cn, and creating a new mapping, freeusername to displayname in LDAP makes makes everything work fine.

Thanks for your help and best regards

Oliver

Show replies
Show replies
Former Member
‎07-05-2005 12:00 PM
0 Kudos

Hi Oliver,

Prakash showed the solution. displayname is the wrong way, because the displayname is created of pre- and lastname (per default, you can configure the behaviour of creation of the displayname to your needs).

Show replies
Show replies
Former Member
‎07-05-2005 1:03 PM
0 Kudos

Hello and thx for the quick reply.

Maybe there is a missunderstanding, cause i don`t want to search firstname or lastname, but ONLY the displayname. The reason is, because we want to allow our business partners to access our Portal (WebAS 6.40 EP6 SP11) either with a predefined username (LDAP: uid), or a free chooseable "displayname". E.g. i can login as olivwalt (this one is predefined) and oliver (this one i have choosen by myself). The loginticket itself is always mapped to the uid.

So we defined the unique "displayname" attribute in LDAP, while the UME returns as result where either firstname or lastname or displayname equals the searchstring, when using the method searchFilter.setDisplayname(). But it should only return the result of the displayname and not lastname or firstname.

Because of this i tried the method searchFilter.setSearchAttribute(). But with this my result is alwasy empty.

So my question is there anything else i have to do?

Best regards Oliver

Former Member
‎07-05-2005 11:36 AM
0 Kudos

Try doing the following.


usf.setLastName("Walter*", ISearchAttribute.LIKE_OPERATOR, false);
usf.setFirstName("Oliver*", ISearchAttribute.LIKE_OPERATOR, false);

Show replies
Show replies
Ask a Question