[midPoint] LDAP connector integer data type
Andrew Morgan
morgan at oregonstate.edu
Wed May 23 07:41:22 CEST 2018
I am configuring the outbound mapping for my LDAP resource (ODSEE). Our
user unique identifier is an attribute named "osuUID", and the values are
11-digit numbers. For example, my osuUID is 78013514100. The syntax of
the osuUID attribute is 1.3.6.1.4.1.1466.115.121.1.27 (INTEGER).
According to RFC 4517, "A value of the Integer syntax is a whole number of
unlimited magnitude."
The LDAP connector generates a schema for this attribute and gives it a
type of "xsd:int". This appears to correspond to the Java type "int",
which is a 32-bit signed integer (range from -2^31 to 2^31-1).
I have stored our user unique identifer in the $user/name attribute of the
midpoint user. When I attempt to add an account in this resource for my
user, the osuUID attribute is set to 704102772. I assume this is some
rollover value when converting to int.
This seems like a bug in the LDAP connector mapping from attribute syntax
to Java data type. The value needs to be unbounded. Is "xsd:integer"
possible?
Thanks,
Andy Morgan
Systems Administrator, Identity & Access Management
Information Services | Oregon State University
541-737-8877 | is.oregonstate.edu
More information about the midPoint
mailing list