Organization mappers are used to determine in which EP organization to place a user’s record when initially replicating the user from LDAP to the ACDB. Enterprise Security ships two organization mappers:
- Default – places all subjects into the root organization.
- Pattern organization mapper – lets you specify destination organizations by scanning a list of regular expressions until one matches the user’s LDAP DN.
An organization mapper must be a Java class that:
- Extends com.sybase.ep.security.authdelegate.ldap.OrganizationMapper
- Has a public constructor that accepts an instance of java.util.Properties as its only parameter
- Implements this method:
  public String getOrganization(netscape.ldap.LDAPEntry entry);
  where entry is the full LDAPEntry of the user who was authenticated, and the return value is an organization DN.
You can specify the organization mapper using the mapping properties in the security.properties file. See Table 15-4. The default organization mapper places all users in the root organization.
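The following custom mapper is an added example, not code shipped with Enterprise Security. It follows the contract above and places users by LDAP DN suffix, matching only on an RDN boundary and sending every unmatched DN to a configured fallback organization. The class name, the example.orgmap.* property names and the rule format are hypothetical, and it assumes that the base class has an accessible no-argument constructor and that the runtime is Java 6 or later.

```java
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import com.sybase.ep.security.authdelegate.ldap.OrganizationMapper;
import netscape.ldap.LDAPEntry;

public class SuffixOrganizationMapper extends OrganizationMapper {
    // Hypothetical property names, not taken from Table 15-4.
    private static final String RULE_PREFIX = "example.orgmap.rule.";
    private static final String FALLBACK_KEY = "example.orgmap.fallback";
    private final Map<String, String> orgBySuffix = new HashMap<String, String>();
    private final String fallbackOrg;

    // Contract: public constructor whose only parameter is java.util.Properties.
    // Assumption: the base class has an accessible no-argument constructor.
    public SuffixOrganizationMapper(Properties props) {
        fallbackOrg = props.getProperty(FALLBACK_KEY);
        if (fallbackOrg == null) {
            throw new IllegalArgumentException(FALLBACK_KEY + " is required");
        }
        for (String key : props.stringPropertyNames()) {
            // Rule value (constructed format): "<LDAP DN suffix>|<organization DN>"
            String[] rule = props.getProperty(key).split("\\|", 2);
            if (key.startsWith(RULE_PREFIX) && rule.length == 2) {
                orgBySuffix.put(normalize(rule[0]), rule[1].trim());
            }
        }
    }

    // Contract: return the organization DN for the authenticated user's entry.
    public String getOrganization(LDAPEntry entry) {
        String dn = (entry == null || entry.getDN() == null) ? "" : normalize(entry.getDN());
        String best = null;
        for (String suffix : orgBySuffix.keySet()) {
            int cut = dn.length() - suffix.length() - 1; // index of the separating comma
            // Require an unescaped comma before the suffix; "\," is part of a value.
            boolean boundary = cut > 0 && dn.charAt(cut) == ',' && dn.charAt(cut - 1) != '\\';
            if (boundary && dn.endsWith(suffix) && (best == null || suffix.length() > best.length())) {
                best = suffix; // longest suffix wins, so rule order does not matter
            }
        }
        return best == null ? fallbackOrg : orgBySuffix.get(best);
    }

    private static String normalize(String dn) {
        return dn.trim().toLowerCase(Locale.ROOT).replaceAll("\\s*,\\s*", ",");
    }
}
```

A DN whose suffix text appears only inside an escaped attribute value falls through to the fallback organization rather than into the organization that the suffix names.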
To integrate completely with your LDAP server, you may need to specify additional configuration parameters. All of the LDAP configuration parameters are listed in Table 15-4.