How To: Map LDAP Attributes to Items on the Portal Registration Page
Every user or group in the LDAP structure has attributes associated with it. All of the attributes assigned to a user are displayed. These attributes are defined by LDAP Data Interchange Format, and map information to the user or group. The Portal’s gpt.xml file uses attributes defined in LDAP to generate fields in the Portal Registration page.
Out of the box, the Portal Registration page looks like the following:
The 'Username' and 'Password' are mandatory because they are required for logging in. Email is mandatory so the Portal administrator can contact a user if necessary. Other fields are optional. Additional fields can be added or removed from this page.
This article assumes an understanding of LDAP concepts outlined in the article "What are Important Concepts for Connecting GPT LDAP to an Active Directory”.
<a href='http://support.esri.com/en/knowledgebase/techarticles/detail/36411' target='_blank'>FAQ: What are important concepts for connecting the GIS Portal Toolkit (GPT) LDAP to an Active Directory?</a>
- Investigate how these items, called 'attributes', are mapped in LDAP:
a. Open JXplorer and select one of the users.
b. Click the 'Table Editor' tab in the window to the right.
- Notice the name of the attributes in the 'attribute type' column to the left. These correspond to the attributes’ 'ldapName' values defined in the <userAttributeMap> section in the gpt.xml file.
Not all of the attributes shown in JXplorer are listed in gpt.xml, and not every attribute in gpt.xml is listed in this example with JXplorer. How these items are defined should be discussed with the LDAP administrator.
- Once the LDAP structure has been investigated and the attributes have been discussed with an LDAP administrator, follow the steps below to add an additional field to the Portal Registration page:
- Navigate to the <TOMCAT>\webapps\GPT9\WEB-INF\classes\gpt\config folder.
- Open the gpt.xml file in a text editor.
- Create a new <attribute> tag in the <userAttributeMap> section of the gpt.xml file:
a. For the key attribute, give it any string value, preferably one that easily identifies the data to be entered (i.e., telephoneExtension, employeeNumber).
b. For the ldapName attribute, select an LDAP attribute not in use for any other attribute. This attribute must correspond to an LDAP attribute shown in JXplorer.
For example, to add a field for the Home Phone Number on the Portal Registration page, add a new attribute to the list in gpt.xml, as shown below. Assign the key attribute to be 'home_phone', and map the ldapName attribute to 'homePhone' – an unused attribute in LDAP as seen in the table view screenshot.
<attribute key="username" ldapName="uid"/>
<attribute key="password" ldapName="userPassword"/>
<attribute key="email" ldapName="mail"/>
<attribute key="firstName" ldapName="givenName"/>
<attribute key="lastName" ldapName="sn"/>
<attribute key="organization" ldapName="o"/>
<attribute key="affiliation" ldapName="businessCategory"/>
<attribute key="street" ldapName="street"/>
<attribute key="city" ldapName="l"/>
<attribute key="stateOrProv" ldapName="st"/>
<attribute key="postalCode" ldapName="postalCode"/>
<attribute key="country" ldapName=""/>
<attribute key="phone" ldapName="telephoneNumber"/>
<attribute key="home_phone" ldapName="homePhone"/>
- Navigate to the <TOMCAT>\webapps\GPT9\catalog\identity folder.
- Open userAttributes.jsp in a text editor.
- Add a new set of output label tags, taking care to use the attribute’s key name in the parameters:
<% // home phone number %>
<h:inputText id="home_phone" size="30" maxlength="128"
- Notice that the 'catalog.identity.profile.label.home_phone' is used to generate the name of the label on the Registration page. Add this entry to the gpt.properties file in the <TOMCAT>\webapps\GPT9\WEB-INF\classes\gpt\resources folder. The new entry in gpt.properties for our Home Phone Number example is:
catalog.identity.profile.label.home_phone = Home Phone Number:
- After updating both userAttributes.jsp and gpt.properties, save both files, and close them.
- Restart Tomcat.
- To see how the Registration page relates to LDAP, launch the Portal site and click the 'Register' button.
- Register a new user:
- Refresh the view in JXplorer to see the new user added to the tree. Click on the new user, and see how the properties – including the new Home Phone Number – are mapped in LDAP.
- What are important concepts for connecting the GIS Portal Toolkit (GPT) LDAP to an Active Directory?
Last Published: 5/5/2016
Article ID: 000010547