The Penrose Project

• Overview
  • News
  • FAQ
  • Features
  • Licenses
  • Download
  • Demo
• Documentation
  • Quick Start
  • Version 1.2 (in development)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Version 1.1 (stable)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Use Cases
  • Community Wiki
• Developer
  • Nightly Builds
  • Code Repository
  • Road Map
  • Change Log
  • Project Management
• Support
  • WebChat
  • Forum & List
  • Bug/Feature Tracker
  • Team
  • Contact

Entry Mappings

Introduction

An entry mapping represents the actual entry or entries that you will see in Penrose virtual tree. The mapping consists of attribute mapping, source mapping (reverse mapping), relationship among the sources, and access control list. The mapping configuration can be found in PENROSE_HOME/conf/mapping.xml.

<mapping>

  <entry dn="...">

    <!-- object classes -->
    <oc>...</oc>

    <!-- attribute mappings -->
    <at name="..." rdn="...">
      <expression>...</expression>
    </at>

    <!-- source mappings -->
    <source name="...">
      <source-name>...</source-name>
      <field name="...">
        <expression>...</expression>
      </field>
    </source>

    <!-- relationships -->
    <relationship>
      <expression>...</expression>
    </relationship>

    <!-- access controls -->
    <aci ...>
      ...
    </aci>

    <!-- parameters -->
    <parameter>
      <param-name>...</param-name>
      <param-value>...</param-value>
    </parameter>

  </entry>

</mapping>

Distinguished Name

A DN identifies the location in which the entry mapping resides in the virtual tree. The DN could be either static or dynamic. A static DN consists of RDN's with constant values, for example ou=Users,dc=Example,dc=org. A dynamic DN contains dynamic RDN's, for example uid=...,ou=Users,dc=Example,dc=org. The value of the dynamic RDN's are determined by the actual data being processed.

Object Classes

As with regular LDAP entries, an entry mapping also needs to have object classes. Currently Penrose only supports static object classes.

Attribute Mapping

Attribute mapping describes how to compute the attribute values of the entries, which could be a constant, a variable, or an expression. This is used in all operations that require retrieving the data from the sources such as search, bind, and compare. See Attribute Mappings.

Source Mapping / Reverse Mapping

Source mapping describes how to compute the field values of the sources, which could be a constant, a variable, or an expression. This is used in all operations that require sending the data back to the source such as search (search filter), add, modify, modrdn, and delete. See Source and Field Mappings.

Relationships

This section defines the relationship among the sources used in this mapping. Currently Penrose only support simple relationships.

Access Control Instruction

The access control instructions defines the rights of the users accessing this entry mapping. See Access Control.

h2 Parameters

Certain features such as cache require specifying additional parameters.

Cache

Each entry mapping has 2 caches:

• Filter cache
  It stores the RDNs resulting from search operations.
• Data cache
  It stores the full entry data resulting from search operations.

When Penrose accepts a search request, first it checks the filter cache. If the requested filter is not in the cache, it will perform a search operation on the mapped sources to get the RDNs of the entries. The resulting RDNs will be stored in the cache.

With a set of RDNs obtained from the above operation, Penrose will try to load the data. If the data is not in the data cache, it will perform a load operation to get the full entry data and store it in the cache.

To configure the cache, add the following parameters:

You can set the cache expiration to 0 to disable the cache. In this case all requests will always be performed against the datasource.

Examples

The following is an example how to define an entry mapping.

<mapping>

  <entry dn="dc=Example,dc=com">
    <oc>dcObject</oc>
    <oc>organization</oc>
    <at name="dc" rdn="true">
      <constant>Example</constant>
    </at>
    <at name="o">
      <constant>Example</constant>
    </at>
  </entry>

</mapping>

This mapping rule defines the entry dc=Example,dc=com. The entry has 2 object classes: dcObject and organization. The values of dc and o attribute are constant values Example.

See Mapping for examples of various mappings.