<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:dp="http://www.datapower.com/extensions"
xmlns:regexp="http://exslt.org/regular-expressions"
extension-element-prefixes="dp regexp"
exclude-result-prefixes="dp regexp"
version="1.0">
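<xsl:output method="text"/>
<!--+
Maps an authenticated LDAP user DN to access-policy strings, written as plain text.

Expected input document looks like this:
<credentials>
<entry type="ldap">uid=sarah,ou=users,dc=ibmdemo,dc=com</entry>
</credentials>
+-->
<!-- Host of the LDAP server holding the group entries. Despite the name, the value here is a host name, not an IP address. -->
<xsl:variable name="ldapServerIP" select="'kaplang'"/>
<!-- TCP port of that LDAP server. -->
<xsl:variable name="ldapServerPort" select="'11389'"/>
<!-- Account the group search binds as. -->
<xsl:variable name="bindDN" select="'uid=admin,ou=system'"/>
<!--
NOTE(review): the bind password is stored in clear text in this stylesheet, so
anyone who can read the file (the local: directory, configuration exports,
backups, source control) learns it. The bind DN above looks like a directory
administrator account; a dedicated read-only account whose search rights are
limited to $targetDN would reduce what a leaked copy of this file exposes.
Keep the real value out of any shared copy of the stylesheet.
-->
<xsl:variable name="bindPW" select="'mysecret'"/>
<!-- Template file; its rbm-template/access-policy entries are turned into the output. -->
<xsl:variable name="rbmfile" select="'local:///rbmTemplates.xml'" />
<xsl:variable name="rbm-templates" select="document($rbmfile)"/>
<!-- Base DN of the subtree search for group entries. -->
<xsl:variable name="targetDN" select="'ou=domains,dc=ibm,dc=com'"/>
<!-- Attribute requested from each matching entry; its value is used as the role name. -->
<xsl:variable name="attributeName" select="'cn'"/>
<!--
Search filter with the placeholder USER_DN, which is replaced by the
authenticated user's DN before the search. The ampersand of the LDAP AND
operator has to be written as the entity reference &amp; inside the attribute
value; a bare ampersand there makes the stylesheet not well-formed.
-->
<xsl:variable name="filterTemplate" select="'(&amp;(objectClass=groupOfNames)(member=USER_DN))'"/>
<!--
NOTE(review): empty, so no SSL proxy profile is handed to dp:ldap-search.
Presumably the bind (including $bindPW) and the returned group data then cross
the network unencrypted; name an SSL proxy profile here to protect them.
Confirm the exact behaviour against the appliance documentation.
-->
<xsl:variable name="sslProxyProfile" select="''"/>
<!-- Empty: no load-balancer group is passed; the host and port above are used. -->
<xsl:variable name="ldapLBGroup" select="''"/>
<xsl:variable name="ldapVersion" select="'v3'"/>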
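<!--
Entry point. Reads the authenticated user's DN from credentials/entry, searches
the directory below $targetDN for entries matching $filterTemplate with that DN
filled in, and calls create-access-profiles once per result.

For each result the domain is the first capture group of the DN pattern (the ou
that directly follows the leading cn), and the role is the entry's cn value.

Security: the DN is spliced into an LDAP search filter. It originates from the
authentication step and may contain characters that are special in a filter
(backslash, asterisk, parentheses), in particular when part of the DN is built
from what the user typed. Those characters are escaped as two-digit hex escapes
first, so the DN is always treated as a single attribute value and cannot
change the structure of the filter. The splice itself is a literal string
replacement, so nothing in the DN is interpreted as replacement syntax.
-->
<xsl:template match="/">
  <xsl:variable name="authenticatedUserDN" select="string(credentials/entry)"/>
  <!-- No DN means nothing to look up: emit no policies instead of searching with an empty member value. -->
  <xsl:if test="$authenticatedUserDN != ''">
    <xsl:variable name="escapedUserDN">
      <xsl:call-template name="escape-ldap-filter-value">
        <xsl:with-param name="value" select="$authenticatedUserDN"/>
      </xsl:call-template>
    </xsl:variable>
    <xsl:variable name="filter">
      <xsl:call-template name="replace-literal">
        <xsl:with-param name="text" select="$filterTemplate"/>
        <xsl:with-param name="token" select="'USER_DN'"/>
        <xsl:with-param name="with" select="string($escapedUserDN)"/>
      </xsl:call-template>
    </xsl:variable>
    <!-- Subtree ('sub') search below $targetDN, bound as $bindDN. -->
    <xsl:variable name="search-results" select="dp:ldap-search(
      $ldapServerIP, $ldapServerPort,
      $bindDN, $bindPW,
      $targetDN,
      $attributeName,
      string($filter),
      'sub',
      $sslProxyProfile,
      $ldapLBGroup,
      $ldapVersion)"/>
    <xsl:for-each select="$search-results/LDAP-search-results/result">
      <xsl:call-template name="create-access-profiles">
        <!-- Item 1 of regexp:match is the whole match; item 2 is the first capture group. -->
        <xsl:with-param name="domain" select="regexp:match(DN,'^cn=[^,]+,ou=([^,]+)')[2]"/>
        <xsl:with-param name="role" select="attribute-value[@name='cn']"/>
      </xsl:call-template>
    </xsl:for-each>
  </xsl:if>
</xsl:template>

<!-- Escapes the characters that are special inside an LDAP filter value: backslash, asterisk and both parentheses. -->
<xsl:template name="escape-ldap-filter-value">
  <xsl:param name="value"/>
  <xsl:if test="string-length($value) &gt; 0">
    <xsl:variable name="c" select="substring($value, 1, 1)"/>
    <xsl:choose>
      <xsl:when test="$c = '\'">\5c</xsl:when>
      <xsl:when test="$c = '*'">\2a</xsl:when>
      <xsl:when test="$c = '('">\28</xsl:when>
      <xsl:when test="$c = ')'">\29</xsl:when>
      <xsl:otherwise><xsl:value-of select="$c"/></xsl:otherwise>
    </xsl:choose>
    <xsl:call-template name="escape-ldap-filter-value">
      <xsl:with-param name="value" select="substring($value, 2)"/>
    </xsl:call-template>
  </xsl:if>
</xsl:template>

<!-- Replaces every occurrence of $token in $text with $with, treating both as plain strings. -->
<xsl:template name="replace-literal">
  <xsl:param name="text"/>
  <xsl:param name="token"/>
  <xsl:param name="with"/>
  <xsl:choose>
    <xsl:when test="$token != '' and contains($text, $token)">
      <xsl:value-of select="substring-before($text, $token)"/>
      <xsl:value-of select="$with"/>
      <xsl:call-template name="replace-literal">
        <xsl:with-param name="text" select="substring-after($text, $token)"/>
        <xsl:with-param name="token" select="$token"/>
        <xsl:with-param name="with" select="$with"/>
      </xsl:call-template>
    </xsl:when>
    <xsl:otherwise><xsl:value-of select="$text"/></xsl:otherwise>
  </xsl:choose>
</xsl:template>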
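<!--
Writes the access policies for one (domain, role) pair.

Parameters:
  domain  name substituted for the DOMAIN_ID placeholder in each policy
  role    name matched against rbm-template/@name in the template file

Templates are chosen by role and by the privileged flag, which is 'true' only
for the domain named 'default'. Each selected access-policy is written to the
output followed by a line feed, and the same text is also sent to xsl:message.

An empty domain is skipped. The caller derives the domain from the result DN
with a case-sensitive pattern, so a DN in another spelling (upper-case
attribute names, a space after the comma) presumably yields no domain; writing
a policy with an empty domain field would produce a malformed entry, so no
policy is emitted in that case.

NOTE(review): xsl:message copies every granted policy into the log. Keep it
only if the log is protected as carefully as the policies themselves.
-->
<xsl:template name="create-access-profiles">
  <xsl:param name="domain"/>
  <xsl:param name="role"/>
  <xsl:if test="string($domain) != ''">
    <xsl:variable name="priv">
      <xsl:choose>
        <xsl:when test="$domain = 'default'">true</xsl:when>
        <xsl:otherwise>false</xsl:otherwise>
      </xsl:choose>
    </xsl:variable>
    <xsl:for-each select="$rbm-templates/rbm-templates/rbm-template[(@name=$role) and (@privileged=$priv)]/access-policy">
      <!--
      The line feed is written as a character reference: a literal line break
      inside an attribute value is normalised to a space by the XML parser.
      -->
      <xsl:variable name="policy" select="concat(regexp:replace(.,'DOMAIN_ID','g',$domain),'&#10;')"/>
      <xsl:message><xsl:value-of select="$policy"/></xsl:message>
      <xsl:value-of select="$policy"/>
    </xsl:for-each>
  </xsl:if>
</xsl:template>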
</xsl:stylesheet>