IBM BS029ML - WebSphere Portal Server Self Help Manual page 131

<supportedLdapEntryType name="Group"
rdnAttrTypes="cn"
objectClassesForRead="groupOfUniqueNames"
objectClassesForWrite="groupOfUniqueNames"
searchBases="ou=groups,ou=dept,o=acme.com"/>
</supportedLdapEntryTypes>
</ldapRepository>
</repositories>
</wmm>
Within the WMM configuration, the default realm name is set to portal. If you prefer a different
name, you can choose one and set it to "WmmDefaultRealm" in wpconfig.properties, and
then run the security configuration task, or you can change it after the security is enabled, by
modifying defaultRealmName in wmm.xml, and the name of "default" realm in wmmur.xml.
maximumSearchResults is the parameter associated with the search requests WMM sent to
the LDAP server, if there is no size limit set up on the LDAP server. When a
sizelimitExceededException is found in runtime or the trace log files, you can try to increase
the value. The recommendation is not to set it up too high. If the returned search result
becomes too high, the impact on performance on the LDAP would be high. In such cases, we
recommend either a better search filter or a narrow search base.
userSecurityAttributeName should always be set to the login attribute. This attribute defaults
to the Relative Distinguished Name (RDN™) in most cases, but it is not necessary. When
WMMUR is configured, this should be the same as the customer property
wmmUserSecurityNameAttr (refer to Example 4-3 on page 110).
ldapHost and ldapPort should be set to the same host name and port configured in the
WebSphere Application Server security configuration.
Since the member types OrganizationalUnit and Organization are not used in WebSphere
Portal, the support for them can be dropped. If you opt out of doing that, the corresponding
entries should be removed from wmmAttributes.xml and wmmLDAPServerAttributes.xml or
wmmDBAttributes.xml as well.
wmmAttributes.xml
This is the dictionary of all attributes used for WMM members. It is used as a reference for all
attributes used within the portal environment. The only exception is extId, which is an internal
attribute, and it is not supposed to be modified by applications. An example attribute entry is
shown in Example 4-8.
Example 4-8 An example of attribute definition in wmmAttributes.xml
<attribute wmmAttributeName="uid"
applicableMemberTypes="Person"
requiredMemberTypes="Person"
dataType="String"
valueLength="254"
multiValued="false"/>
Notice that requiredMemberTypes specifies that this attribute is mandatory for member type
Person. If an attribute is multi-valued, that is, multiValued set to true, the values are separated
by semicolons.
Chapter 4. WebSphere Portal security
117