Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapSecurityMappingHandler.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapSecurityMappingHandler.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapSecurityMappingHandler.java (working copy)
@@ -98,8 +98,6 @@
String fullPathName = new GroupPrincipalImpl(gpUid1).getName();
logger.debug("Group full path name from testGetUserPrincipalsInGroup()[" + fullPathName + "]");
Set userPrincipals = secHandler.getUserPrincipalsInGroup(fullPathName);
- //assertTrue(userPrincipals.contains(new UserPrincipalImpl("uid=" + uid1 + ",ou=People,ou=OrgUnit1")));
- //assertTrue(userPrincipals.contains(new UserPrincipalImpl("uid=" + uid2 + ",ou=People,ou=OrgUnit1")));
assertTrue(userPrincipals.contains(new UserPrincipalImpl(uid1)));
assertTrue(userPrincipals.contains(new UserPrincipalImpl(uid2)));
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/AbstractLdapTest.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/AbstractLdapTest.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/AbstractLdapTest.java (working copy)
@@ -101,6 +101,8 @@
/** The test password. */
protected String password = "fred";
+
+ private static final String LDAP_CONFIG = "apacheds/setup1";
/**
* @see junit.framework.TestCase#setUp()
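Review bot: `LDAP_CONFIG` is `private static final` and fixed to `apacheds/setup1`, so no subclass or build profile can select the `openldap/setup1` and `openldap/setup2` fixtures that this same patch adds; as far as the visible tests go, those files are never loaded. No `apacheds/setup1` directory is among the files added in the visible part of the patch, so it has to exist in the tree already or `new LdapBindingConfig(LDAP_CONFIG)` in `setUp()` will presumably fail to find its properties. Consider making the choice overridable, for example `protected String getLdapConfig() { return System.getProperty("ldap.test.config", LDAP_CONFIG); }` (the property name is only an illustration), and add a comment on the constant saying which directory the value is resolved against. The class body continues outside both hunks.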
@@ -108,7 +110,7 @@
protected void setUp() throws Exception
{
super.setUp();
- LdapBindingConfig ldapConfig = new LdapBindingConfig("apacheds");
+ LdapBindingConfig ldapConfig = new LdapBindingConfig(LDAP_CONFIG);
ldapCredDao = new LdapUserCredentialDaoImpl(ldapConfig);
ldapPrincipalDao = new LdapUserPrincipalDaoImpl(ldapConfig);
@@ -116,8 +118,6 @@
crHandler = new LdapCredentialHandler(ldapCredDao);
LdapDataHelper.setUserSecurityHandler(userHandler);
LdapDataHelper.setCredentialHandler(crHandler);
-// uid1 = Integer.toString(rand.nextInt());
-// uid2 = Integer.toString(rand.nextInt());
ldapGroupDao = new LdapGroupDaoImpl(ldapConfig);
ldapRoleDao = new LdapRoleDaoImpl(ldapConfig);
@@ -126,11 +126,6 @@
roleHandler = new LdapRoleSecurityHandler(ldapRoleDao);
LdapDataHelper.setGroupSecurityHandler(grHandler);
LdapDataHelper.setRoleSecurityHandler(roleHandler);
-// gpUid1 = Integer.toString(rand.nextInt());
-// gpUid2 = Integer.toString(rand.nextInt());
-//
-// roleUid1 = Integer.toString(rand.nextInt());
-// roleUid2 = Integer.toString(rand.nextInt());
secHandler = new LdapSecurityMappingHandler(ldapPrincipalDao, ldapGroupDao, ldapRoleDao);
}
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapRoleSecurityHandler.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapRoleSecurityHandler.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/org/apache/jetspeed/security/spi/ldap/TestLdapRoleSecurityHandler.java (working copy)
@@ -51,7 +51,6 @@
public void testGetRolePrincipal() throws Exception
{
String fullPath = (new RolePrincipalImpl(roleUid1)).getFullPath();
- //RolePrincipal rolePrincipal = grHandler.getRolePrincipal(fullPath);
RolePrincipal rolePrincipal = roleHandler.getRolePrincipal(roleUid1);
assertNotNull("Role was not found.", rolePrincipal);
assertEquals(roleUid1,rolePrincipal.getName());
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company-openldap.ldif (revision 0)
@@ -0,0 +1,213 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
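Review bot: The role entries (`cn=Role1` through `cn=manager,ou=Roles,ou=OrgUnit1`) are created as `groupOfNames` with `member`, while the header comment says `Role objectClass = groupOfUniqueNames` and the `ldap.properties` in this same `setup1` directory searches roles with `(objectclass=groupOfUniqueNames)` and `RoleMembershipAttributes=uniqueMember`. With that configuration none of these roles would match the role filter. Either change the role entries to `objectClass: groupOfUniqueNames` with `uniqueMember:`, as `company1.ldif` in this directory does, or correct the header and the filter. The last entry has `dn: cn=admin,…` but only `cn: admin admin`, so the RDN value is not among the entry's attributes, which directory servers typically reject as a naming violation; add `cn: admin`. The header also still says "Lotus LDAP Server" although the file sits under `openldap/`.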
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
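Review bot: The group entries give member DNs without the suffix (`uniqueMember: uid=admin,ou=People,ou=OrgUnit1` on `cn=Group1`, `cn=admin` and `cn=manager` under `ou=Groups`), whereas the role entries in the same file use the full `uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas`. The truncated values name no entry in this tree, so a membership lookup that compares against the user's full DN will not find them unless the handler strips the root context first, which is not visible here. Use the full DN in both places, or state the convention in the header comment. The same truncated values appear in `setup1/company-openldap.ldif` (with `cn=admin,…`) and in `setup2/company1.ldif`.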
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=cn\=Manager\,o\=sevenSeas
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=
+org.apache.jetspeed.ldap.GroupFilterBase=
+org.apache.jetspeed.ldap.UserFilterBase=
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=uniqueMember
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=uid
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
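Review bot: `UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)` is two filter items placed side by side with no enclosing `(&…)` or `(|…)`, which is not a valid LDAP search filter unless the DAO wraps it itself (not visible here); the sibling `security-spi-ldap.xml` uses the single `(objectclass=inetorgperson)`. The key `UserAuthenticationFiler` looks misspelled; if the reader looks up `UserAuthenticationFilter` the value is silently ignored, so confirm the spelling against `LdapBindingConfig`. The file binds as `cn=Manager` with `rootPassword=secret` on port 389, so a comment such as `# Test-only credentials for a throwaway local directory; never reuse` would help, and a dedicated low-privilege bind account would be preferable to the directory manager. The duplicated `# Ldap Configuration.` line and the group-membership comment copied above `GroupMembershipForRoleAttributes` should be cleaned up.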
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup1/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,94 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfUniqueNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+
+
+
+
+
+
+
+
+ top,groupOfUniqueNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ uid
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ uniqueMember
+
+ uniqueMember
+
+
+
+
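Review bot: The first search-filter value, `(objectclass=groupOfUniqueNames))`, has one closing parenthesis too many, so the filter is unbalanced and a search built from it would be rejected as malformed; it should read `(objectclass=groupOfUniqueNames)`. The element markup is not visible in this view, so which constructor argument this is can only be inferred from the order, which matches `RoleFilter` in the `ldap.properties` next to it. The file repeats the `cn=Manager` / `secret` bind values from `ldap.properties`; keeping them in one place and marking them as test-only in a comment would avoid the two copies drifting apart.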
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company-openldap.ldif (revision 0)
@@ -0,0 +1,216 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Everything is stored in a flat structure (root level)
+# Makes it difficult to differentiate roles/groups
+# Except if different objectClasses are used.
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Role membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Group membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Execute this file using the ldapadd command.
+#
+#
+
+dn: ou=People,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: People
+
+
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group1
+
+dn: cn=Group2,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Role1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:cn=Group1,o=sevenSeas
+member:cn=Group2,o=sevenSeas
+member:cn=Group3,o=sevenSeas
+cn: Role1
+
+
+dn: cn=Role2,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=OrgUnit1User1,ou=People,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,o=sevenSeas
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,o=sevenSeas
+memberOf: cn=Role2,o=sevenSeas
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,o=sevenSeas
+memberOf: cn=Role2,o=sevenSeas
+memberOf: cn=Role3,o=sevenSeas
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+memberOf: cn=admin,o=sevenSeas
+memberOf: cn=Role1,o=sevenSeas
+memberOf: cn=Role2,o=sevenSeas
+memberOf: cn=Role3,o=sevenSeas
+memberOf: cn=Group1,o=sevenSeas
+memberOf: cn=Group2,o=sevenSeas
+memberOf: cn=Group3,o=sevenSeas
+sn: admin
+cn: admin
\ No newline at end of file
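Review bot: Every user entry that carries `memberOf` lists only `top`, `person`, `organizationalPerson` and `inetorgperson` as object classes, and none of those standard classes allows a `memberOf` attribute, so `ldapadd` will probably reject these entries unless the target server has an extra schema or overlay loaded. The header should name that dependency, e.g. `# Requires a schema that defines memberOf on user entries`. With groups and roles on one flat level, `cn=admin,o=sevenSeas` exists only as a `groupOfUniqueNames`, so the admin user's `memberOf: cn=admin,o=sevenSeas` can only ever resolve as a group; if an admin role is intended, it is missing from this fixture.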
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/Copy of company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/Copy of company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/Copy of company-openldap.ldif (revision 0)
@@ -0,0 +1,233 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Role membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Group membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+member:cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+member:cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+memberOf: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+sn: admin
+cn: admin
\ No newline at end of file
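Review bot: `Copy of company-openldap.ldif` looks like an accidental file-manager duplicate and should probably be left out of the patch; nothing visible in the patch refers to it, and a file name with spaces is awkward for build scripts and `ldapadd` invocations. Its header says `Role objectClass = groupOfUniqueNames` while the role entries below are `groupOfNames` with `member`. If the file is a deliberate variant (it keeps the `ou=Groups` / `ou=Roles` containers that the flat `company-openldap.ldif` beside it drops), give it a descriptive name and a header that says so.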
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
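Review bot: The `uniqueMember` values on the group entries are not full DNs: `uid=admin,ou=People,ou=OrgUnit1` on the Group1, admin and manager groups omits the `,o=sevenSeas` suffix that the role entries further down (`cn=admin,ou=Roles,...` and `cn=manager,ou=Roles,...`) include. Unless the handler appends the root context itself, these group memberships point at no entry in this tree. If that is unintentional, use `uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas` in all three places, so that tests of group-based authorization run against a resolvable member. The header comment also still says `Lotus LDAP Server` although the file sits under `openldap/`. The same content is added again as `setup3/company1.ldif` and `setup4/company1.ldif` (the latter continues past the visible part of the page).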
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=cn\=Manager\,o\=sevenSeas
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=uniqueMember
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=
+org.apache.jetspeed.ldap.GroupFilterBase=
+org.apache.jetspeed.ldap.UserFilterBase=ou=People
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=uniqueMember
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
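Review bot: `UserFilter` is set to `(objectclass=inetorgperson)(objectclass=organizationalPerson)`, two filter items side by side with no `&` or `|` around them, which on its own is not a well-formed LDAP search filter; the matching `security-spi-ldap.xml` in this setup uses the single item `(objectclass=inetorgperson)`. Depending on how the handler combines this value with its own terms, the user search may fail or match differently than intended. I would write `org.apache.jetspeed.ldap.UserFilter=(&(objectclass=inetorgperson)(objectclass=organizationalPerson))` or drop the second item. `setup3/ldap.properties` has the same line. The file also holds `rootPassword=secret` for the `cn=Manager` bind on plain port 389; a comment such as `# test fixture only: never reuse this bind DN/password outside the local test directory` would make that scope explicit.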
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup2/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,94 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfUniqueNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+
+
+ memberOf
+
+
+
+ memberOf
+
+
+
+ uniqueMember
+
+
+
+
+
+
+
+ ou=People
+
+ top,groupOfUniqueNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ uniqueMember
+
+ uniqueMember
+
+
+
+
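Review bot: The first filter value in this file, `(objectclass=groupOfUniqueNames))`, has one closing parenthesis too many, unlike the filter value right after it and unlike `RoleFilter` in this setup's `ldap.properties`. The XML element names are not visible on this page, so that it is the role filter is inferred from the value order in `ldap.properties`; either way the value should read `(objectclass=groupOfUniqueNames)`. An unbalanced filter is likely to be rejected when the search is issued, so role lookups would fail with an exception instead of returning results. `setup3/security-spi-ldap.xml` has the same extra parenthesis in `(objectclass=groupOfNames))`.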
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company-openldap.ldif (revision 0)
@@ -0,0 +1,213 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
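Review bot: The last entry is named `dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas` but its only `cn` value is `admin admin`, so the RDN value is not present in the entry; every other user entry in this file keeps `cn` equal to its RDN. Servers that enforce naming rules (OpenLDAP does, as far as I know) refuse such an entry on add, which would leave the `member` and `uniqueMember` references to the admin user dangling. I would change the line to `cn: admin`. The header comment also says roles have an empty `uniqueMember`, while the roles here are `groupOfNames` with `member`; `# Roles have an empty member attribute, groups an empty uniqueMember attribute (required by schema)` would match the data. `setup4/company-openldap.ldif` repeats both.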
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=cn\=Manager\,o\=sevenSeas
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=member
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=Roles\,ou=OrgUnit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=Groups\,ou=OrgUnit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=People\,ou=OrgUnit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup3/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+
+
+ memberOf
+
+
+
+ memberOf
+
+
+
+ member
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ uniqueMember
+
+
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company-openldap.ldif (revision 0)
@@ -0,0 +1,213 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
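Review bot: The role entries in this file (cn=Role1 through cn=manager under ou=Roles) are created as `groupOfUniqueNames` with `uniqueMember`, but the ldap.properties added for the same setup4 directory searches roles with `RoleFilter=(objectclass=groupOfNames)` and `RoleMembershipAttributes=member`. If this is the data set loaded for setup4, role lookups would presumably match nothing. Either switch the role entries to `objectClass: groupOfNames` with `member:`, or say in the header which configuration the file belongs to. The header also still reads "Lotus LDAP Server" although the file sits under openldap/. setup5/company1.ldif further down appears to be a copy with the same mismatch.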
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=cn\=Manager\,o\=sevenSeas
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=member
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=member
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=Roles\,ou=OrgUnit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=Groups\,ou=OrgUnit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=People\,ou=OrgUnit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
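Review bot: `UserFilter` is set to two filters placed side by side, `(objectclass=inetorgperson)(objectclass=organizationalPerson)`, which is not a single well-formed LDAP search filter (RFC 4515 needs an enclosing `(&…)` or `(|…)`), so how it is handled will vary by server. The security-spi-ldap.xml for this setup appears to use `(objectclass=inetorgperson)` alone, so `org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)` would keep the two in step. The same value is repeated in setup5/ldap.properties and domino/setup1/ldap.properties. Separately, `(&(uid=%u)(objectclass=inetorgperson))` takes the login name, so the code doing the `%u` substitution (not visible here) should escape filter metacharacters before searching.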
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup4/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+
+
+ memberOf
+
+
+
+ memberOf
+
+
+
+ member
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ uniqueMember
+
+
+
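Review bot: The first filter value in this bean definition, `(objectclass=groupOfNames))`, has one closing parenthesis too many and should read `(objectclass=groupOfNames)`. By position it looks like the role filter, though the element names are not visible in this view. An unbalanced filter is likely to be rejected when the search is issued rather than quietly matching roles, so the role tests against this setup would fail for a reason unrelated to what they check. setup5/security-spi-ldap.xml carries the same value.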
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/company-openldap.ldif (revision 0)
@@ -0,0 +1,228 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+uniqueMember: cn=OrgUnit1User1,ou=people,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=OrgUnit1User2,ou=people,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role1,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role2,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role3,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=admin,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=manager,ou=roles,ou=orgunit1,o=sevenSeas
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+uniqueMember: cn=Role1,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role2,ou=roles,ou=orgunit1,o=sevenSeas
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+uniqueMember: cn=Role1,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role2,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role3,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=admin,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=manager,ou=roles,ou=orgunit1,o=sevenSeas
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin
+
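Review bot: Member DNs in the group entries are not uniform: `uniqueMember: cn=admin,ou=People,ou=OrgUnit1` (Group1, Group2, cn=admin, cn=manager) omits the `o=sevenSeas` suffix that the other member values and the user's own `dn:` carry. Group2 and Group3 also keep an empty `uniqueMember:` next to real members. If membership is resolved by comparing the stored value with the user's full DN, admin would not be matched as a member of these groups, so authorization tests could pass or fail for the wrong reason. I would write `uniqueMember: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas` throughout and drop the empty value where real members exist. The short form also appears in the company1.ldif files and in domino/setup1/company.ldif.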
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
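Review bot: This file and company-openldap.ldif in the same setup5 directory both create `ou=OrgUnit1,o=sevenSeas`, the People/Groups/Roles units and `cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas`, so adding both to one directory would collide on existing entries. Neither header says which one the setup5 tests expect. They also disagree on the user RDN (`uid=` here, `cn=` there) and on the role object class. A header line such as `# Alternative data set with uid= RDNs; load instead of company-openldap.ldif, never together` would make the intent explicit, or the unused file could be dropped.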
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=cn\=Manager\,o\=sevenSeas
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=member
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=Roles\,ou=OrgUnit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=Groups\,ou=OrgUnit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=People\,ou=OrgUnit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
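Review bot: The bind settings name the directory manager account and its password in clear text (`rootDn=cn\=Manager\,o\=sevenSeas`, `rootPassword=secret`) over plain LDAP on port 389, and nothing in the file marks them as throwaway values. That is acceptable for a local test server, but a comment above the connection block such as `# Test-only credentials for a disposable local server; do not point at a shared directory` would keep the file from being copied into a real deployment as is. setup4/ldap.properties repeats the same values. domino/setup1/ldap.properties sets `rootDn=Davy De Waele` with its own password, which reads like a personal account rather than a fixture; if that password was ever in real use it should be changed.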
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/setup5/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ member
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ uniqueMember
+
+
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/ldap.properties (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/ldap.properties (working copy)
@@ -34,7 +34,7 @@
# if GroupMembershipAttributes is used, membership attr will be stored on group
# if UserGroupMembershipAttributes is used, membership attr will be stored on user
org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
-org.apache.jetspeed.ldap.RoleGroupMembershipAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
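Review bot: The comment kept above the renamed key still describes `GroupMembershipAttributes` and `UserGroupMembershipAttributes`, not the two properties it now sits over. The new domino/setup1/ldap.properties already has the right wording, so I would change these two lines to `# if GroupMembershipForRoleAttributes is used, membership attr will be stored on group` and `# if RoleGroupMembershipForRoleAttributes is used, membership attr will be stored on role`. The same stale comment was copied into the setup4 and setup5 ldap.properties files.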
@@ -56,4 +56,4 @@
org.apache.jetspeed.ldap.GroupIdAttribute=cn
org.apache.jetspeed.ldap.UserIdAttribute=uid
-
+org.apache.jetspeed.ldap.UidAttribute=uid
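Review bot: Only `UidAttribute` is added here, while the matching security-spi-ldap.xml hunk adds five values and the setup4/setup5 property files also define the membership search scope and the three per-type uid attributes. Unless those keys exist elsewhere in this file (not visible in the hunk) or the loader supplies defaults, the base openldap configuration is left without them. Adding the same four keys with the values used in setup4 would keep the properties and the XML consistent.

```properties
org.apache.jetspeed.ldap.UidAttribute=uid
org.apache.jetspeed.ldap.MemberShipSearchScope=1
org.apache.jetspeed.ldap.roleUidAttribute=cn
org.apache.jetspeed.ldap.groupUidAttribute=cn
org.apache.jetspeed.ldap.userUidAttribute=uid
```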
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap.xml (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/openldap/security-spi-ldap.xml (working copy)
@@ -74,6 +74,17 @@
cn
uid
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/company.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/company.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/company.ldif (revision 0)
@@ -0,0 +1,255 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles have an empty memberOf attribute upon creation (required by schema)
+# Groups have an empty uniqueMember attribute upon creation (required by schema)
+#
+# Roles, Group and Users are stored under different organizational units.
+#
+dn: ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=ECS
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=ECS
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+uniqueMember: CN=OrgUnit1User1,OU=people,OU=orgunit1,O=ECS
+uniqueMember: CN=OrgUnit1User2,OU=people,OU=orgunit1,O=ECS
+uniqueMember: CN=Role1,OU=roles,OU=orgunit1,O=ECS
+uniqueMember: CN=Role2,OU=roles,OU=orgunit1,O=ECS
+uniqueMember: CN=Role3,OU=roles,OU=orgunit1,O=ECS
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: CN=OrgUnit1User1,OU=people,OU=orgunit1,O=ECS
+uniqueMember: CN=Role1,OU=roles,OU=orgunit1,O=ECS
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: CN=OrgUnit1User1,OU=people,OU=orgunit1,O=ECS
+cn: Group3
+
+dn: cn=Group4,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: CN=OrgUnit1User1,OU=people,OU=orgunit1,O=ECS
+cn: Group4
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+member:CN=OrgUnit1User1,OU=people,OU=orgunit1,O=ECS
+member:CN=OrgUnit1User2,OU=people,OU=orgunit1,O=ECS
+member:CN=admin,OU=people,OU=orgunit1,O=ECS
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+member:CN=OrgUnit1User1,OU=people,OU=orgunit1,O=ECS
+member:CN=OrgUnit1User2,OU=people,OU=orgunit1,O=ECS
+member:CN=admin,OU=people,OU=orgunit1,O=ECS
+cn: Role2
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+member:CN=admin,OU=people,OU=orgunit1,O=ECS
+cn: Role3
+
+dn: cn=Role4,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role4
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=ECS
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=ECS
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=ECS
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=ECS
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=ECS
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=ECS
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=ECS
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=ECS
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=ECS
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
+dn: cn=user1,ou=People,ou=OrgUnit1,o=ECS
+uid: user1
+givenName: user1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: user1
+sn: user1
+cn: user1
+
+dn: cn=user2,ou=People,ou=OrgUnit1,o=ECS
+uid: user2
+givenName: user2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: user2
+sn: user2
+cn: user2
\ No newline at end of file
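Review bot: The header says roles "have an empty memberOf attribute upon creation", but the role entries below use `member` (only Role4 is actually empty) and no entry in the file has `memberOf`. I would change that line to `# Roles have an empty member attribute upon creation (required by schema)`. The entries user1 and user2 also get a password equal to their uid, and admin gets `admin`. That is fine for a disposable test directory, but worth a header line saying the data must not be loaded into a shared server.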
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/ldap.properties (revision 0)
@@ -0,0 +1,63 @@
+# Sample LDAP Configuration for Lotus Domino
+
+# Connection parameters
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=Davy De Waele
+org.apache.jetspeed.ldap.rootPassword=adminadmin2
+org.apache.jetspeed.ldap.rootContext=o=ECS
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=member
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipForRoleAttributes is used, membership attr will be stored on group
+# if RoleGroupMembershipForRoleAttributes is used, membership attr will be stored on role
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=roles\,ou=orgunit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=groups\,ou=orgunit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=people\,ou=orgunit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+# define the attributes that are required upon role/group creation
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
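Review bot: The bind account in `rootDn=Davy De Waele` / `rootPassword=adminadmin2` looks like a developer's personal directory login rather than a fixture value, and it is committed in clear text. The same pair is in the setup2 and setup3 `ldap.properties` hunks and, judging by position, in the three `security-spi-ldap.xml` hunks. I would commit an obviously fake account instead (constructed sample values: `org.apache.jetspeed.ldap.rootDn=cn=test-bind,o=ECS`, `org.apache.jetspeed.ldap.rootPassword=CHANGE_ME`) and let each developer supply real values outside version control. If this password is in use on any real server, it should be rotated.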
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup1/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,94 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=ECS
+
+ Davy De Waele/ECS
+
+ adminadmin2
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ member
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ uniqueMember
+
+
+
+
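Review bot: The filter value `(objectclass=groupOfNames))` has one closing parenthesis too many, so it is not a well-formed LDAP search filter; it should read `(objectclass=groupOfNames)`. The element markup is not visible in this rendering, so that this is the role filter is inferred from its position after the bind password and from `RoleFilter` in the sibling `ldap.properties`. The setup2 `security-spi-ldap.xml` hunk has the same slip in `(objectclass=groupOfUniqueNames))`. A search issued with this string would presumably fail with an invalid-filter error instead of returning roles, so the role tests for this setup may never have run against it.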
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/company.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/company.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/company.ldif (revision 0)
@@ -0,0 +1,323 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# THIS SCRIPT REQUIRES US TO PUT THE uniqueMember ATTR ON organizationalPerson
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Roles and Groups are stored on the same level (o=ECS)
+#
+###########################################################
+# OrgUnits (objectClass: organizationalunit)
+# Act as containers for different organizations
+###########################################################
+dn: ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=ECS
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=OrgUnit3,o=ECS
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+###########################################################
+# Subcontainers (objectClass: organizationalunit)
+# Subcontainers for People,Roles & Groups
+###########################################################
+dn: ou=People,ou=OrgUnit1,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+###########################################################
+# The groups (objectClass: groupOfUniqueNames)
+###########################################################
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Group1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group1
+
+dn: cn=Group2,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=adminGroup,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=managerGroup,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+###########################################################
+# The roles (objectClass: groupOfUniqueNames)
+###########################################################
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Role1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+dn: cn=Role2,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+dn: cn=Role3,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+###########################################################
+# The users (objectClass: organizationalPerson)
+###########################################################
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=ECS
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=ECS
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=ECS
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=ECS
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=ECS
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=ECS
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=ECS
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin
+
+
+dn: cn=adminuser,o=ECS
+uid: adminuser
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+uniqueMember: CN=admin,o=ECS
+sn: admin
+cn: adminuser
+
+dn: cn=user1,o=ECS
+uid: user1
+givenName: user1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: user1
+sn: user1
+cn: user1
+
+dn: cn=user2,o=ECS
+uid: user2
+givenName: user2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: user2
+sn: user2
+cn: user2
\ No newline at end of file
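Review bot: `dn: cn=adminGroup,o=ECS` is given `cn: admin` and `dn: cn=managerGroup,o=ECS` is given `cn: manager`, so the RDN value is not among the entry's own `cn` values; a server that enforces naming will either reject the entry or add the missing value itself. It also means a lookup on `cn=admin` matches this group as well as the role `cn=admin,o=ECS`, and setup2's `ldap.properties` uses the same `(objectclass=groupOfUniqueNames)` filter with empty filter bases for roles and groups, so nothing visible here tells a role from a group. If that overlap is what the test is meant to exercise, say so in the header comment; otherwise use `cn: adminGroup` and `cn: managerGroup`. The setup3 `company.ldif` hunk repeats the same two entries.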
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/ldap.properties (revision 0)
@@ -0,0 +1,67 @@
+# Ldap Configuration.
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=Davy De Waele
+org.apache.jetspeed.ldap.rootPassword=adminadmin2
+org.apache.jetspeed.ldap.rootContext=o=ECS
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=uniqueMember
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=uniqueMember
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=uniqueMember
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=
+org.apache.jetspeed.ldap.GroupFilterBase=
+org.apache.jetspeed.ldap.UserFilterBase=
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=uniqueMember
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
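Review bot: `UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)` is two filter items side by side with no enclosing `(&…)` or `(|…)`, which is not a complete filter under RFC 4515. If the consuming code passes the value to a search as-is, it should be `org.apache.jetspeed.ldap.UserFilter=(&(objectclass=inetorgperson)(objectclass=organizationalPerson))`. If the code always embeds it inside its own `(&…)`, that is not visible from this hunk and a comment above the key should say the value is a fragment, e.g. `# fragment: inserted into an (&...) built by the DAO, not a standalone filter`. The setup1 `ldap.properties` has the same line and setup3 has a three-item variant, while the XML files next to them appear to carry a single-term user filter.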
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup2/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=ECS
+
+ Davy De Waele/ECS
+
+ adminadmin2
+
+ (objectclass=groupOfUniqueNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+
+
+
+
+
+
+ top,groupOfUniqueNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ uniqueMember
+
+ uniqueMember
+
+
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/company.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/company.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/company.ldif (revision 0)
@@ -0,0 +1,344 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# THIS SCRIPT REQUIRES US TO PUT THE uniqueMember ATTR ON organizationalPerson
+#
+# Group objectClass = groupOfNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Roles and Groups are stored on the same level (o=ECS)
+#
+###########################################################
+# OrgUnits (objectClass: organizationalunit)
+# Act as containers for different organizations
+###########################################################
+dn: ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=ECS
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=OrgUnit3,o=ECS
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+###########################################################
+# Subcontainers (objectClass: organizationalunit)
+# Subcontainers for People,Roles & Groups
+###########################################################
+dn: ou=People,ou=OrgUnit1,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=ECS
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=ECS
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=ECS
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+###########################################################
+# The groups (objectClass: groupOfUniqueNames)
+###########################################################
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: manager
+
+dn: cn=Group1,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: Group1
+
+dn: cn=Group2,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: Group2
+
+dn: cn=Group3,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: Group3
+
+dn: cn=adminGroup,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: admin
+
+dn: cn=managerGroup,o=ECS
+objectClass: top
+objectClass: groupOfNames
+objectClass: dominoGroup
+member:
+cn: manager
+
+###########################################################
+# The roles (objectClass: groupOfUniqueNames)
+###########################################################
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Role1,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+dn: cn=Role2,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+dn: cn=Role3,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+uniqueMember: cn=adminuser,o=ECS
+cn: admin
+
+dn: cn=manager,o=ECS
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+###########################################################
+# The users (objectClass: organizationalPerson)
+###########################################################
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=ECS
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=ECS
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=ECS
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=ECS
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=ECS
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=ECS
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=ECS
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: admin
+sn: admin
+cn: admin
+
+
+dn: cn=adminuser,o=ECS
+uid: adminuser
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: admin
+uniqueMember: CN=admin,o=ECS
+sn: admin
+cn: adminuser
+
+dn: cn=user1,o=ECS
+uid: user1
+givenName: user1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: user1
+sn: user1
+cn: user1
+
+dn: cn=user2,o=ECS
+uid: user2
+givenName: user2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+objectClass: dominoPerson
+userPassword: user2
+sn: user2
+cn: user2
\ No newline at end of file
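Review bot: The header and banner comments were carried over from setup2 and no longer describe this file: groups here are `groupOfNames` plus `dominoGroup` with an empty `member:` value, yet the header says roles and groups have an empty `uniqueMember` and the banner still reads `# The groups (objectClass: groupOfUniqueNames)`. The line `THIS SCRIPT REQUIRES US TO PUT THE uniqueMember ATTR ON organizationalPerson` appears to be needed only because `cn=adminuser,o=ECS` still carries `uniqueMember: CN=admin,o=ECS`, while this setup records the membership on the role (`uniqueMember: cn=adminuser,o=ECS` under `cn=admin,o=ECS`, matching `RoleMembershipAttributes=uniqueMember`). I would drop the attribute from the user entry and correct the comments, e.g. `# The groups (objectClass: groupOfNames, dominoGroup)`, so the fixture does not depend on a schema change it no longer uses.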
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/ldap.properties (revision 0)
@@ -0,0 +1,67 @@
+# Ldap Configuration.
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=Davy De Waele
+org.apache.jetspeed.ldap.rootPassword=adminadmin2
+org.apache.jetspeed.ldap.rootContext=o=ECS
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(&(objectclass=groupOfUniqueNames)(!(objectClass=dominoGroup)))
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=dominoGroup)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)(objectclass=dominoPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=member
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=
+org.apache.jetspeed.ldap.GroupFilterBase=
+org.apache.jetspeed.ldap.UserFilterBase=
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfNames\,dominoGroup
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson\,dominoPerson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=uniqueMember
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=member
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
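Review bot: `UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))` is a filter template, and nothing in this file says how `%u` is filled in. If it is the login name supplied at sign-in, the substituting code has to escape `*`, `(`, `)`, `\` and NUL as RFC 4515 requires, otherwise the input can change what the filter matches. That code is outside this hunk, so I would at least document the contract above the key: `# %u = login name, RFC 4515-escaped by the caller before substitution`. The key is also spelled `Filer`; confirm that it matches the name the configuration loader actually reads. The setup1 and setup2 `ldap.properties` hunks have the same line.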
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/domino/setup3/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=ECS
+
+ Davy De Waele/ECS
+
+ adminadmin2
+
+ (&(objectclass=groupOfUniqueNames)(!(objectClass=dominoGroup)))
+
+ (objectClass=dominoGroup)
+
+ (objectclass=dominoPerson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ uniqueMember
+
+
+
+ member
+
+
+
+ uniqueMember
+
+
+
+
+
+
+
+
+
+
+
+ top,groupOfUniqueNames
+
+ top,groupOfNames,dominoGroup
+
+ top,person,organizationalPerson,inetorgperson,dominoPerson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ uniqueMember
+
+ member
+
+
+
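Review bot: The values in this file have drifted from the `ldap.properties` added beside it: the bind name is `Davy De Waele/ECS` here against `rootDn=Davy De Waele`, and the user filter is `(objectclass=dominoPerson)` here against the three-item `UserFilter` in the properties file. The element markup is not visible in this rendering, so the mapping of values to settings is inferred from their order. If the tests can load either file, they exercise different configurations under the same setup name. I would keep one file as the source of truth, or add a comment at the top of this one such as `<!-- must stay in sync with ldap.properties in this directory -->`. The setup1 and setup2 XML hunks differ from their properties files in the same way.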
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company-openldap.ldif (revision 0)
@@ -0,0 +1,213 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,ou=System
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,ou=System
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,ou=System
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,ou=System
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,ou=System
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,ou=System
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,ou=System
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,ou=System
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,ou=System
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,ou=System
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,ou=System
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,ou=System
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,ou=System
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,ou=System
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,ou=System
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,ou=System
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,ou=System
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,ou=System
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,ou=System
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,ou=System
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,ou=System
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
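Review bot: The group entries Group1, admin and manager store `uniqueMember: cn=admin,ou=People,ou=OrgUnit1`, which lacks the `ou=System` suffix, while the role entries in the same file use the full DN `cn=admin,ou=People,ou=OrgUnit1,ou=System`. A membership value that is not the DN of an existing entry can make group lookups come back empty, or work only if the handler happens to append the root context, so the fixture should use one form throughout: `uniqueMember: cn=admin,ou=People,ou=OrgUnit1,ou=System`. The same shortened value appears in setup1/company1.ldif and setup2/company1.ldif, there without `o=sevenSeas`.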
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
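Review bot: The fixture creates `uid=admin` with `userPassword: admin` and lists it in the admin and manager roles, yet nothing in the header marks the file as test-only. The header also still describes a "Lotus LDAP Server" although the file sits under apacheds/setup1. I would replace the first comment line with `# Test fixture for the ApacheDS setup1 tests: creates uid=admin with a known password, load only into a throwaway local directory`. The same `userPassword: admin` entry and header appear in the other LDIF files of this change.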
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=uid\=admin\,ou\=system
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=ou\=system
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=uniqueMember
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=uniqueMember
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=
+org.apache.jetspeed.ldap.GroupFilterBase=
+org.apache.jetspeed.ldap.UserFilterBase=
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=uniqueMember
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=uid
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
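Review bot: `UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)` is two filters placed side by side, which is not a well-formed LDAP search filter; a server may reject it, or a lenient parser may evaluate only the first part. If both classes are required it should read `org.apache.jetspeed.ldap.UserFilter=(&(objectclass=inetorgperson)(objectclass=organizationalPerson))`. The same line appears in setup2/ldap.properties. Separately, `rootContext=ou\=system` does not match the `o=sevenSeas` suffix used by company1.ldif and security-spi-ldap.xml in this directory, which is worth confirming.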
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup1/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,94 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfUniqueNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+
+
+
+
+
+
+
+
+ top,groupOfUniqueNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ uid
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ uniqueMember
+
+ uniqueMember
+
+
+
+
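Review bot: The first filter value, `(objectclass=groupOfUniqueNames))`, has one closing parenthesis too many, so it is not a well-formed LDAP filter. By its position it is presumably the role filter (the element names are not visible in this rendering). It should be `(objectclass=groupOfUniqueNames)`, matching the group filter on the next value line. A malformed filter tends to surface as a search exception at lookup time rather than when the configuration is loaded, so a role-lookup test against this setup is the place to catch it.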
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/Copy of company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/Copy of company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/Copy of company-openldap.ldif (revision 0)
@@ -0,0 +1,233 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Role membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Group membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+member:cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+member:cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+memberOf: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+memberOf: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+sn: admin
+cn: admin
\ No newline at end of file
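Review bot: The header comment does not match the entries: it says `Role objectClass = groupOfUniqueNames`, but every role entry below uses `objectClass: groupOfNames` with `member`. I would change that line to `# Role objectClass = groupOfNames` so the fixture documents the schema the mapping tests actually see. The file name `Copy of company-openldap.ldif` also looks like an accidental file-manager copy next to setup2/company-openldap.ldif; if no test loads it, it is better left out of the commit.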
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company-openldap.ldif (revision 0)
@@ -0,0 +1,216 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Everything is stored in a flat structure (root level)
+# Makes it difficult to differentiate roles/groups
+# Except if different objectClasses are used.
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Role membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Group membership for the user
+# stored on the user object via the memberOf attribute
+#
+# Execute this file using the ldapadd command.
+#
+#
+
+dn: ou=People,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: People
+
+
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group1
+
+dn: cn=Group2,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: admin
+
+dn: cn=manager,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: manager
+
+dn: cn=Role1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:cn=Group1,o=sevenSeas
+member:cn=Group2,o=sevenSeas
+member:cn=Group3,o=sevenSeas
+cn: Role1
+
+
+dn: cn=Role2,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=OrgUnit1User1,ou=People,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,o=sevenSeas
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,o=sevenSeas
+memberOf: cn=Role2,o=sevenSeas
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+memberOf: cn=Role1,o=sevenSeas
+memberOf: cn=Role2,o=sevenSeas
+memberOf: cn=Role3,o=sevenSeas
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+memberOf: cn=admin,o=sevenSeas
+memberOf: cn=Role1,o=sevenSeas
+memberOf: cn=Role2,o=sevenSeas
+memberOf: cn=Role3,o=sevenSeas
+memberOf: cn=Group1,o=sevenSeas
+memberOf: cn=Group2,o=sevenSeas
+memberOf: cn=Group3,o=sevenSeas
+sn: admin
+cn: admin
\ No newline at end of file
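Review bot: This flat layout relies on the object class alone to tell roles (`objectClass: groupOfNames`) from groups (`objectClass: groupOfUniqueNames`), as the header itself says, but setup2/ldap.properties in the same change sets both `RoleFilter` and `GroupFilter` to `(objectclass=groupOfUniqueNames)`. If that properties file is the one used with this data, Role1 to Role3 would not be found as roles and every group would also be returned as a role, which blurs the authorization mapping under test. I would set `org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)` for this setup. The admin user's `memberOf: cn=admin,o=sevenSeas` also points at a group entry, since no admin role is defined in this file.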
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
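Review bot: This file looks identical to setup1/company1.ldif and records membership only as `uniqueMember` on the group and role entries, with no `memberOf` on any user. setup2/ldap.properties, however, leaves `RoleMembershipAttributes` and `GroupMembershipAttributes` empty and sets `UserRoleMembershipAttributes=memberOf`, so with this data no user would resolve to a role or group. Either drop the file from setup2 or add the user-side values, for example `memberOf: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas` on the `uid=admin` entry. Which LDIF the setup2 tests actually import is not visible in this hunk.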
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=uid\=admin\,ou\=system
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=o\=sevenSeas
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=memberOf
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=uniqueMember
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=
+org.apache.jetspeed.ldap.GroupFilterBase=
+org.apache.jetspeed.ldap.UserFilterBase=ou=People
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=uniqueMember
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
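Review bot: `UserFilter` is two filter items placed back to back, `(objectclass=inetorgperson)(objectclass=organizationalPerson)`, which is not a complete RFC 4515 filter on its own. Unless the handler wraps the value in its own `(&…)`, which this patch does not show, the directory is likely to reject the search. Writing it as `org.apache.jetspeed.ldap.UserFilter=(&(objectclass=inetorgperson)(objectclass=organizationalPerson))` is valid either way. The key `UserAuthenticationFiler` also looks like a misspelling of `…Filter`; if the code that reads it uses the correct spelling, the `(&(uid=%u)…)` value is silently ignored. Both lines recur unchanged in setup3/ldap.properties and setup4/ldap.properties.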
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup2/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,94 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfUniqueNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+
+
+ memberOf
+
+
+
+ memberOf
+
+
+
+ uniqueMember
+
+
+
+
+
+
+
+ ou=People
+
+ top,groupOfUniqueNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ uniqueMember
+
+ uniqueMember
+
+
+
+
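Review bot: The first filter value in this file, `(objectclass=groupOfUniqueNames))`, closes one more parenthesis than it opens. ldap.properties in the same directory has the balanced `(objectclass=groupOfUniqueNames)` for `RoleFilter`, so the trailing `)` should be dropped. The element names are not visible in this view, so reading the value as the role filter is inferred from its position. setup3/security-spi-ldap.xml has the same stray parenthesis in `(objectclass=groupOfNames))`. The bind DN here, `cn=Manager,o=sevenSeas`, also differs from `rootDn=uid\=admin\,ou\=system` in the properties file, so one of the two is presumably stale.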
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company-openldap.ldif (revision 0)
@@ -0,0 +1,213 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
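Review bot: The header presents this file as a sample to load with `ldapadd` ("Execute this file using the ldapadd command") and does not say it is test-only data. The last entry creates an `admin` user with `userPassword: admin`, who is listed in the admin and manager roles and groups, and every other account has the password `x`. I would replace the "Lotus LDAP Server" line with a header comment such as `# TEST FIXTURE ONLY: creates admin/admin and users with password "x"; load only into a throwaway test directory`. The same applies to company1.ldif in this directory and to both LDIF files under setup4.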
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
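Review bot: The group entries name the admin user by a DN that stops short of the suffix: `uniqueMember: uid=admin,ou=People,ou=OrgUnit1` on Group1 and `uniqueMember:uid=admin,ou=People,ou=OrgUnit1` on the admin and manager groups. The role entries further down use the full `uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas`. No entry with the short DN exists in the file, so a membership lookup that compares against the user's full DN would presumably miss all three groups, and a test on group membership would then exercise the wrong path. I would use `uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas` in the three group entries, or add a comment stating that the handler stores DNs relative to the root context if that is the intent. The same truncation is in company-openldap.ldif (as `cn=admin,…`) and in both setup4 LDIF files.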
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=uid\=admin\,ou\=system
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=ou\=system
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=member
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=member
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=member
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=Roles\,ou=OrgUnit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=Groups\,ou=OrgUnit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=People\,ou=OrgUnit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=member
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
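Review bot: `rootContext=ou\=system` does not match the fixtures in this directory, whose entries all live under `o=sevenSeas`. With the filter bases set further down, lookups would presumably resolve to e.g. `ou=People,ou=OrgUnit1,ou=system`, where the LDIF creates nothing; setup2 uses `o\=sevenSeas`. Separately, `GroupMembershipAttributes=member` and `groupObjectRequiredAttributeClasses=member` are paired with `GroupObjectClasses=top\,groupOfUniqueNames`, but that object class carries `uniqueMember`, which is also what the LDIF group entries populate. Unless the test server is prepared differently outside this patch, I would set `rootContext=o\=sevenSeas` and use `uniqueMember` for the two group settings. setup4/ldap.properties repeats the `rootContext` and `GroupMembershipAttributes` lines.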
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup3/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ member
+
+
+
+ member
+
+
+
+ member
+
+
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ member
+
+
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company-openldap.ldif (revision 0)
@@ -0,0 +1,213 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
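Review bot: The admin user's naming attribute disagrees with its entry: the DN is `cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas`, but the only cn value supplied is `cn: admin admin` (last entry of the hunk). Every other user in this file has a cn equal to its RDN value. Depending on the server, the add is either refused as a naming violation or the missing `cn=admin` value is added silently, so the fixture does not behave the same across directories. Using `cn: admin` makes the entry consistent; the current value looks carried over from company1.ldif, where the RDN is `uid=admin`. setup3/company-openldap.ldif contains the same entry.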
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
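Review bot: The five role entries under `ou=Roles,ou=OrgUnit1` are created with `objectClass: groupOfUniqueNames`, while ldap.properties in this same setup4 directory sets `RoleFilter=(objectclass=groupOfNames)`. With that configuration none of these roles would match the role search. If only company-openldap.ldif is meant to be loaded for setup4, this file could be dropped; otherwise it needs a header comment naming the configuration it belongs to, for example `# Used with RoleFilter=(objectclass=groupOfUniqueNames) only`. The existing header also still says "Lotus LDAP Server" and "empty uniqueMember", although the admin and manager entries do have members. setup3 has the same pairing of files.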
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/ldap.properties (revision 0)
@@ -0,0 +1,69 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=uid\=admin\,ou\=system
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=ou\=system
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=member
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=member
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=member
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=Roles\,ou=OrgUnit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=Groups\,ou=OrgUnit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=People\,ou=OrgUnit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
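Review bot: `UserFilter` is written as two parenthesised terms with no enclosing operator, `(objectclass=inetorgperson)(objectclass=organizationalPerson)`, which is not a complete LDAP filter on its own and only works where the caller wraps it in `(&…)`. Writing it as `(&(objectclass=inetorgperson)(objectclass=organizationalPerson))` stays valid either way and states the intent. The third "define the way group membership occurs" comment block is a copy of the one above it and names the wrong keys for `GroupMembershipForRoleAttributes` / `RoleGroupMembershipForRoleAttributes`. The key `UserAuthenticationFiler` looks misspelled; the loader lines visible in this diff do not show which spelling is read, so that should be confirmed. setup5/ldap.properties repeats all three.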
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup4/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+
+
+ memberOf
+
+
+
+ memberOf
+
+
+
+ member
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ uniqueMember
+
+
+
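Review bot: The value `(objectclass=groupOfNames))` has one closing parenthesis too many; it should read `(objectclass=groupOfNames)`. The element names are not visible in this rendering, but by position this is the role filter, and LdapMemberShipDaoImpl splices that value into `"(&(" + … + ")" + getRoleFilter() + ")"`, so the assembled filter would be unbalanced. The same value appears in setup5/security-spi-ldap.xml.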
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company-openldap.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company-openldap.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company-openldap.ldif (revision 0)
@@ -0,0 +1,228 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+# Execute this file using the ldapadd command.
+#
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+uniqueMember: cn=OrgUnit1User1,ou=people,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=OrgUnit1User2,ou=people,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role1,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role2,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role3,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=admin,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=manager,ou=roles,ou=orgunit1,o=sevenSeas
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+uniqueMember: cn=admin,ou=People,ou=OrgUnit1
+uniqueMember: cn=Role1,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role2,ou=roles,ou=orgunit1,o=sevenSeas
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+uniqueMember: cn=Role1,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role2,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=Role3,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=admin,ou=roles,ou=orgunit1,o=sevenSeas
+uniqueMember: cn=manager,ou=roles,ou=orgunit1,o=sevenSeas
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:cn=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfNames
+member: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: cn=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1
+
+dn: cn=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2
+
+dn: cn=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1
+
+dn: cn=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2
+
+
+dn: cn=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1
+
+dn: cn=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2
+
+dn: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin
+
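Review bot: The `uniqueMember` values for admin on Group1, Group2 and the admin and manager groups are `cn=admin,ou=People,ou=OrgUnit1`, without the `,o=sevenSeas` suffix that every other member DN in this file carries, including the `member:` values on the admin and manager roles. The membership lookup in this commit appends the user filter base and root context to the RDN before matching, so these short DNs would presumably never match; `uniqueMember: cn=admin,ou=People,ou=OrgUnit1,o=sevenSeas` would be consistent. The header still says "Lotus LDAP Server" and speaks of an empty uniqueMember on roles, while the roles here use `member`. setup5/company1.ldif has the same short `uid=admin,ou=People,ou=OrgUnit1` values on its groups.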
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company1.ldif
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company1.ldif (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/company1.ldif (revision 0)
@@ -0,0 +1,210 @@
+# Sample LDIF file for populating Lotus LDAP Server
+#
+# Group objectClass = groupOfUniqueNames
+# Role objectClass = groupOfUniqueNames
+#
+# Roles and groups have an empty uniqueMember attribute (required by schema)
+#
+dn: ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: organizationalunit
+ou: OrgUnit1
+
+dn: ou=OrgUnit2,o=sevenSeas
+ou: OrgUnit2
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=OrgUnit3,o=sevenSeas
+ou: OrgUnit3
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit1,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit1,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit1,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: ou=People,ou=OrgUnit2,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit2,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit2,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=People,ou=OrgUnit3,o=sevenSeas
+ou: People
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Groups,ou=OrgUnit3,o=sevenSeas
+ou: Groups
+objectClass: top
+objectClass: organizationalunit
+
+dn: ou=Roles,ou=OrgUnit3,o=sevenSeas
+ou: Roles
+objectClass: top
+objectClass: organizationalunit
+
+
+dn: cn=Group1,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1
+cn: Group1
+
+dn: cn=Group2,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group2
+
+dn: cn=Group3,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Group3
+
+dn: cn=admin,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: admin
+
+dn: cn=manager,ou=Groups,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:uid=admin,ou=People,ou=OrgUnit1
+cn: manager
+
+dn: cn=Role1,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role1
+
+
+dn: cn=Role2,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role2
+
+
+dn: cn=Role3,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember:
+cn: Role3
+
+dn: cn=admin,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: admin
+
+dn: cn=manager,ou=Roles,ou=OrgUnit1,o=sevenSeas
+objectClass: top
+objectClass: groupOfUniqueNames
+uniqueMember: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+cn: manager
+
+dn: uid=OrgUnit1User1,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User1
+givenName: OrgUnit1User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User1
+cn: OrgUnit1User1 OrgUnit1User1
+
+dn: uid=OrgUnit1User2,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: OrgUnit1User2
+givenName: OrgUnit1User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit1User2
+cn: OrgUnit1User2 OrgUnit1User2
+
+dn: uid=OrgUnit2User1,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User1
+givenName: OrgUnit2User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User1
+cn: OrgUnit2User1 OrgUnit2User1
+
+dn: uid=OrgUnit2User2,ou=People,ou=OrgUnit2,o=sevenSeas
+uid: OrgUnit2User2
+givenName: OrgUnit2User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit2User2
+cn: OrgUnit2User2 OrgUnit2User2
+
+
+dn: uid=OrgUnit3User1,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User1
+givenName: OrgUnit3User1
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User1
+cn: OrgUnit3User1 OrgUnit3User1
+
+dn: uid=OrgUnit3User2,ou=People,ou=OrgUnit3,o=sevenSeas
+uid: OrgUnit3User2
+givenName: OrgUnit3User2
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: x
+sn: OrgUnit3User2
+cn: OrgUnit3User2 OrgUnit3User2
+
+dn: uid=admin,ou=People,ou=OrgUnit1,o=sevenSeas
+uid: admin
+givenName: admin
+objectClass: top
+objectClass: person
+objectClass: organizationalPerson
+objectClass: inetorgperson
+userPassword: admin
+sn: admin
+cn: admin admin
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/ldap.properties
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/ldap.properties (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/ldap.properties (revision 0)
@@ -0,0 +1,70 @@
+# Ldap Configuration.
+# Ldap Configuration.
+
+org.apache.jetspeed.ldap.initialContextFactory=com.sun.jndi.ldap.LdapCtxFactory
+org.apache.jetspeed.ldap.ldapServerName=localhost
+org.apache.jetspeed.ldap.ldapServerPort=389
+org.apache.jetspeed.ldap.rootDn=uid\=admin\,ou\=system
+org.apache.jetspeed.ldap.rootPassword=secret
+org.apache.jetspeed.ldap.rootContext=ou\=system
+#org.apache.jetspeed.ldap.defaultDnSuffix=
+#org.apache.jetspeed.ldap.ou.users=people
+#org.apache.jetspeed.ldap.ou.groups=groups
+#org.apache.jetspeed.ldap.ou.roles=roles
+
+# define the filters needed to search for roles/groups/users
+org.apache.jetspeed.ldap.RoleFilter=(objectclass=groupOfNames)
+org.apache.jetspeed.ldap.GroupFilter=(objectclass=groupOfUniqueNames)
+org.apache.jetspeed.ldap.UserFilter=(objectclass=inetorgperson)(objectclass=organizationalPerson)
+
+org.apache.jetspeed.ldap.UserAuthenticationFiler=(&(uid=%u)(objectclass=inetorgperson))
+
+# define the way role membership occurs
+# if RoleMembershipAttributes is used, membership attr will be stored on role
+# if UserRoleMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.RoleMembershipAttributes=
+org.apache.jetspeed.ldap.UserRoleMembershipAttributes=member
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipAttributes=
+org.apache.jetspeed.ldap.UserGroupMembershipAttributes=member
+
+# define the way group membership occurs
+# if GroupMembershipAttributes is used, membership attr will be stored on group
+# if UserGroupMembershipAttributes is used, membership attr will be stored on user
+org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes=
+org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes=member
+
+
+
+# define the default search base. (=rootContext)
+org.apache.jetspeed.ldap.DefaultSearchBase=
+
+# define the path to roles,groups and users
+# needs to be defined without the defaultsearchbase
+org.apache.jetspeed.ldap.RoleFilterBase=ou=Roles\,ou=OrgUnit1
+org.apache.jetspeed.ldap.GroupFilterBase=ou=Groups\,ou=OrgUnit1
+org.apache.jetspeed.ldap.UserFilterBase=ou=People\,ou=OrgUnit1
+
+org.apache.jetspeed.ldap.RoleObjectClasses=top\,groupOfNames
+org.apache.jetspeed.ldap.GroupObjectClasses=top\,groupOfUniqueNames
+org.apache.jetspeed.ldap.UserObjectClasses=top\,person\,organizationalPerson\,inetorgperson
+
+# define the required attributes for roles/groups
+org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses=member
+org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses=uniqueMember
+
+
+# define the ID attribute used to search roles/groups/users
+org.apache.jetspeed.ldap.RoleIdAttribute=cn
+org.apache.jetspeed.ldap.GroupIdAttribute=cn
+org.apache.jetspeed.ldap.UserIdAttribute=cn
+
+org.apache.jetspeed.ldap.UidAttribute=uid
+org.apache.jetspeed.ldap.MemberShipSearchScope=1
+
+org.apache.jetspeed.ldap.roleUidAttribute=cn
+org.apache.jetspeed.ldap.groupUidAttribute=cn
+org.apache.jetspeed.ldap.userUidAttribute=uid
\ No newline at end of file
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/security-spi-ldap.xml (revision 0)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/setup5/security-spi-ldap.xml (revision 0)
@@ -0,0 +1,93 @@
+
+
+
+
+
+
+
+
+ com.sun.jndi.ldap.LdapCtxFactory
+
+ localhost
+
+ 389
+
+
+
+ o=sevenSeas
+
+ cn=Manager,o=sevenSeas
+
+ secret
+
+ (objectclass=groupOfNames))
+
+ (objectClass=groupOfUniqueNames)
+
+ (objectclass=inetorgperson)
+
+ (&(uid=%u)(objectclass=inetorgperson))
+
+ member
+
+
+
+ uniqueMember
+
+
+
+ uniqueMember
+
+
+
+
+
+ ou=roles,ou=orgunit1
+
+ ou=groups,ou=orgunit1
+
+ ou=people,ou=orgunit1
+
+ top,groupOfNames
+
+ top,groupOfUniqueNames
+
+ top,person,organizationalPerson,inetorgperson
+
+ cn
+
+ cn
+
+ cn
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
+ member
+
+ uniqueMember
+
+
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap.xml
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap.xml (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/test/JETSPEED-INF/directory/config/apacheds/security-spi-ldap.xml (working copy)
@@ -77,6 +77,17 @@
cn
uid
+
+ uid
+
+ 1
+
+ cn
+
+ cn
+
+ uid
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java (working copy)
@@ -29,6 +29,7 @@
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
+import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.SecurityException;
@@ -80,7 +81,9 @@
{
validateUid(uid);
validatePassword(password);
+ logger.debug("changePassword for " + uid + " with " + password);
String userDn = lookupByUid(uid);
+ logger.debug("userDn = " + userDn);
try
{
setPassword(userDn, password);
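Review bot: The added `logger.debug("changePassword for " + uid + " with " + password);` writes the new cleartext password to the log, where anyone with access to log files or a log aggregator can read it. The password should be dropped from the message, for example `logger.debug("changePassword for " + uid);`. Guarding the call with `logger.isDebugEnabled()`, as LdapMemberShipDaoImpl does, would also avoid building the string when debug is off. The enclosing method starts and ends outside this hunk.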
@@ -113,9 +116,16 @@
String savedPassword = String.valueOf(getPassword(uid));
String oldCredential = (String)env.get(Context.SECURITY_CREDENTIALS);
String oldUsername = (String)env.get(Context.SECURITY_PRINCIPAL);
- env.put(Context.SECURITY_PRINCIPAL,"uid=" + uid + "," + getUserFilterBase() + "," + getRootContext());
+
+ String principal = getEntryPrefix() + "=" + uid;
+ if (!StringUtils.isEmpty(getUserFilterBase()))
+ principal+="," + getUserFilterBase();
+ if (!StringUtils.isEmpty(getRootContext()))
+ principal+="," + getRootContext();
+
+ env.put(Context.SECURITY_PRINCIPAL,principal);
env.put(Context.SECURITY_CREDENTIALS,password);
- InitialContext ctx = new InitialContext(env);
+ new InitialContext(env);
env.put(Context.SECURITY_PRINCIPAL,oldUsername);
env.put(Context.SECURITY_CREDENTIALS,oldCredential);
return true;
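Review bot: The context created by `new InitialContext(env);` is never closed, and the two `env.put` calls that restore the previous principal and credentials are skipped when the bind throws, unless a handler outside the hunk puts them back. If `env` is the shared environment used for later directory operations, a rejected login would leave the user's DN and password in it. Closing the context immediately and restoring in a `finally` covers both. No check on `password` is visible in this hunk; many servers treat a simple bind with an empty password as an anonymous bind that succeeds, so an empty value should be rejected before binding. The enclosing method starts and ends outside this hunk.

```java
// … unchanged: savedPassword lookup and principal construction …
env.put(Context.SECURITY_PRINCIPAL,principal);
env.put(Context.SECURITY_CREDENTIALS,password);
try
{
    // The bind itself is the credential check; release the connection right away.
    new InitialContext(env).close();
}
finally
{
    // Put the service account back even when the bind is rejected.
    env.put(Context.SECURITY_PRINCIPAL,oldUsername);
    env.put(Context.SECURITY_CREDENTIALS,oldCredential);
}
return true;
```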
@@ -160,7 +170,11 @@
*/
private void setPassword(final String userDn, final String password) throws NamingException
{
+ logger.debug("setPassword userDn = " + userDn);
String rdn = getSubcontextName(userDn);
+ if (!StringUtils.isEmpty(getUserFilterBase()))
+ rdn+="," + getUserFilterBase();
+ logger.debug("setPassword rdn = " + rdn);
Attributes attrs = new BasicAttributes(false);
attrs.put("userPassword", password);
@@ -277,7 +291,7 @@
}
protected String getEntryPrefix() {
- return "uid";
+ return this.getUserIdAttribute();
}
protected String getSearchSuffix() {
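Review bot: `getEntryPrefix()` now returns a configured value but carries no comment saying which of the three similarly named settings it uses (`UserIdAttribute`, `UidAttribute`, `userUidAttribute`). A one-line Javadoc such as `/** RDN attribute used to build user DNs; taken from UserIdAttribute. */` would make that explicit. The ldap.properties fixtures in this commit set `UserIdAttribute=cn` while several LDIF fixtures name user entries by `uid=`, so it is worth confirming that the bind DN built from this prefix matches the entries. The enclosing class is outside the hunk.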
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapBindingConfig.java (working copy)
@@ -65,6 +65,9 @@
private String roleIdAttribute;
private String groupIdAttribute;
private String userIdAttribute;
+
+ private String uidAttribute;
+ private String memberShipSearchScope;
private String[] roleObjectClasses;
@@ -74,8 +77,15 @@
private String roleGroupMembershipForRoleAttributes;
- private String groupMembershipForRoleAttributes;
+ private String groupMembershipForRoleAttributes;
+ private String roleUidAttribute;
+ private String groupUidAttribute;
+ private String userUidAttribute;
+
+ private String roleObjectRequiredAttributeClasses;
+ private String groupObjectRequiredAttributeClasses;
+
/**
* @param factory The initial context factory.
* @param name The ldap server name.
@@ -113,7 +123,14 @@
String userObjectClasses,
String roleIdAttribute,
String groupIdAttribute,
- String userIdAttribute)
+ String userIdAttribute,
+ String uidAttribute,
+ String memberShipSearchScope,
+ String roleUidAttribute,
+ String groupUidAttribute,
+ String userUidAttribute,
+ String roleObjectRequiredAttributeClasses,
+ String groupObjectRequiredAttributeClasses)
{
try
{
@@ -153,6 +170,17 @@
this.groupIdAttribute=groupIdAttribute;
this.userIdAttribute=userIdAttribute;
+ this.uidAttribute = uidAttribute;
+ this.memberShipSearchScope=memberShipSearchScope;
+
+
+ this.roleUidAttribute=roleUidAttribute;
+ this.groupUidAttribute=groupUidAttribute;
+ this.userUidAttribute=userUidAttribute;
+
+ this.roleObjectRequiredAttributeClasses=roleObjectRequiredAttributeClasses;
+ this.groupObjectRequiredAttributeClasses=groupObjectRequiredAttributeClasses;
+
new InitLdapSchema(this);
}
catch (SecurityException se)
@@ -175,7 +203,7 @@
{
try
{
- props = new PropertiesConfiguration("JETSPEED-INF/ldap/" + ldapType + "/ldap.properties");
+ props = new PropertiesConfiguration("JETSPEED-INF/directory/config/" + ldapType + "/ldap.properties");
initialContextFactory = props.getString("org.apache.jetspeed.ldap.initialContextFactory");
ldapServerName = props.getString("org.apache.jetspeed.ldap.ldapServerName");
ldapServerPort = props.getString("org.apache.jetspeed.ldap.ldapServerPort");
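Review bot: The resource path changes from `JETSPEED-INF/ldap/` to `JETSPEED-INF/directory/config/` in production code, not only for the tests, so any deployment that still ships its `ldap.properties` under the old location would presumably fail with a ConfigurationException at startup. Either keep the old path as a fallback or record the move in the upgrade notes. `ldapType` is concatenated into the path and now carries a sub-directory (`apacheds/setup1` in AbstractLdapTest); a comment on the constructor saying that a relative sub-path is accepted would help. The constructor starts and ends outside this hunk.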
@@ -199,6 +227,7 @@
groupMembershipForRoleAttributes=props.getString("org.apache.jetspeed.ldap.GroupMembershipForRoleAttributes");
roleGroupMembershipForRoleAttributes=props.getString("org.apache.jetspeed.ldap.RoleGroupMembershipForRoleAttributes");
+
defaultSearchBase=props.getString("org.apache.jetspeed.ldap.DefaultSearchBase");
roleFilterBase=props.getString("org.apache.jetspeed.ldap.RoleFilterBase");
@@ -213,6 +242,16 @@
groupIdAttribute=props.getString("org.apache.jetspeed.ldap.GroupIdAttribute");
userIdAttribute=props.getString("org.apache.jetspeed.ldap.UserIdAttribute");
+ uidAttribute =props.getString("org.apache.jetspeed.ldap.UidAttribute");
+ memberShipSearchScope = props.getString("org.apache.jetspeed.ldap.MemberShipSearchScope");
+
+ this.roleUidAttribute=props.getString("org.apache.jetspeed.ldap.roleUidAttribute");
+ this.groupUidAttribute=props.getString("org.apache.jetspeed.ldap.groupUidAttribute");
+ this.userUidAttribute=props.getString("org.apache.jetspeed.ldap.userUidAttribute");
+
+ this.roleObjectRequiredAttributeClasses=props.getString("org.apache.jetspeed.ldap.roleObjectRequiredAttributeClasses");
+ this.groupObjectRequiredAttributeClasses=props.getString("org.apache.jetspeed.ldap.groupObjectRequiredAttributeClasses");
+
new InitLdapSchema(this);
}
catch (ConfigurationException ce)
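Review bot: The seven new settings are read with `props.getString(key)` and no default, so an existing `ldap.properties` that lacks them would leave the fields null (the commons-configuration default for a missing key, if throw-on-missing is not enabled). A null `uidAttribute` or `memberShipSearchScope` would then surface later as a malformed DN or a parse failure instead of a clear configuration error. Supplying defaults keeps old files working, for example `props.getString("org.apache.jetspeed.ldap.UidAttribute", "uid")` and `props.getString("org.apache.jetspeed.ldap.MemberShipSearchScope", "1")`, matching the values in the fixtures. The constructor starts outside this hunk.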
@@ -499,6 +538,63 @@
public void setGroupMembershipForRoleAttributes(String groupMembershipForRoleAttributes) {
this.groupMembershipForRoleAttributes=groupMembershipForRoleAttributes;
+ }
+
+ public String getUidAttribute() {
+ return uidAttribute;
+ }
+
+ public void setUidAttribute(String uidAttribute) {
+ this.uidAttribute = uidAttribute;
+ }
+
+ public String getMemberShipSearchScope() {
+ return memberShipSearchScope;
+ }
+
+ public void setMemberShipSearchScope(String memberShipSearchScope) {
+ this.memberShipSearchScope = memberShipSearchScope;
+ }
+
+ public String getRoleUidAttribute() {
+ return this.roleUidAttribute;
+ }
+
+ public void setRoleUidAttribute(String roleUidAttribute) {
+ this.roleUidAttribute = roleUidAttribute;
+ }
+
+ public String getGroupUidAttribute() {
+ return this.groupUidAttribute;
+ }
+
+ public void setGroupUidAttribute(String groupUidAttribute) {
+ this.groupUidAttribute = groupUidAttribute;
+ }
+
+ public String getUserUidAttribute() {
+ return this.userUidAttribute;
+ }
+
+ public void setUserUidAttribute(String userUidAttribute) {
+ this.userUidAttribute = userUidAttribute;
+ }
+
+ public String getGroupObjectRequiredAttributeClasses() {
+ return groupObjectRequiredAttributeClasses;
+ }
+
+ public void setGroupObjectRequiredAttributeClasses(
+ String groupObjectRequiredAttributeClasses) {
+ this.groupObjectRequiredAttributeClasses = groupObjectRequiredAttributeClasses;
+ }
+
+ public String getRoleObjectRequiredAttributeClasses() {
+ return roleObjectRequiredAttributeClasses;
+ }
+
+ public void setRoleObjectRequiredAttributeClasses(
+ String roleObjectRequiredAttributeClasses) {
+ this.roleObjectRequiredAttributeClasses = roleObjectRequiredAttributeClasses;
}
-
}
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java (working copy)
@@ -6,7 +6,6 @@
import java.util.Iterator;
import java.util.List;
-import javax.naming.Name;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
@@ -16,10 +15,8 @@
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
-/* TODO: Java 5 dependency, needs to be resolved for Java 1.4 first before this can be enabled again
-import javax.naming.ldap.LdapName;
-*/
+import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.SecurityException;
@@ -43,20 +40,28 @@
* @see org.apache.jetspeed.security.spi.impl.ldap.LdapMembershipDao#searchGroupMemberShipByGroup(java.lang.String, javax.naming.directory.SearchControls)
*/
public String[] searchGroupMemberShipByGroup(final String userPrincipalUid, SearchControls cons) throws NamingException {
- String subfilter = "uid=" + userPrincipalUid + "," + getUserFilterBase() + "," + getRootContext();
+ String subfilter = getUserIdAttribute() + "=" + userPrincipalUid;
+
+ if (!StringUtils.isEmpty(getUserFilterBase()))
+ subfilter+="," + getUserFilterBase();
+
+ if (!StringUtils.isEmpty(getRootContext()))
+ subfilter+="," + getRootContext();
+
String query = "(&(" + getGroupMembershipAttribute() + "=" + subfilter + ")" + getGroupFilter() + ")";
if (logger.isDebugEnabled())
{
logger.debug("query[" + query + "]");
}
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getGroupFilterBase()))
+ searchBase+=getGroupFilterBase();
+ cons.setSearchScope(getSearchScope());
+ NamingEnumeration searchResults = ((DirContext) ctx).search(searchBase,query , cons);
-/* TODO: Java 5 dependency, needs to be resolved for Java 1.4 first before this can be enabled again
- Name name = new LdapName(getGroupFilterBase());
- NamingEnumeration searchResults = ((DirContext) ctx).search(name,query , cons);
-*/
List groupPrincipalUids = new ArrayList();
-/*
while (searchResults.hasMore())
{
SearchResult result = (SearchResult) searchResults.next();
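Review bot: `userPrincipalUid` is concatenated unescaped into the filter string, and this hunk re-enables the `search` call that sends it to the server, so a uid containing `*`, `(`, `)` or `\` changes the meaning of the filter. JNDI's argument form encodes the value for filter syntax: build the query as `"(&(" + getGroupMembershipAttribute() + "={0})" + getGroupFilter() + ")"` and call `((DirContext) ctx).search(searchBase, query, new Object[] { subfilter }, cons)`. The uid is also placed in a DN, so `,`, `+` and `=` in it need DN escaping or rejection at input. `searchRoleMemberShipByRole` in the `@@ -89,7 +94,14 @@` hunk builds its filter the same way. The method's loop and return continue in the next hunk.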
@@ -64,7 +69,6 @@
groupPrincipalUids.addAll(getAttributes(getAttribute(getGroupIdAttribute(), answer)));
}
-*/
return (String[]) groupPrincipalUids.toArray(new String[groupPrincipalUids.size()]);
}
@@ -80,8 +84,9 @@
throw new NamingException("Could not find any user with uid[" + userPrincipalUid + "]");
}
+ //TODO: when the roles & groups are in
Attributes userAttributes = getFirstUser(searchResults);
- List uids = getAttributes(getAttribute(getUserGroupMembershipAttribute(), userAttributes));
+ List uids = getAttributes(getAttribute(getUserGroupMembershipAttribute(), userAttributes),getGroupFilterBase());
return (String[]) uids.toArray(new String[uids.size()]);
}
@@ -89,7 +94,14 @@
* @see org.apache.jetspeed.security.spi.impl.ldap.LdapMembershipDao#searchRoleMemberShipByRole(java.lang.String, javax.naming.directory.SearchControls)
*/
public String[] searchRoleMemberShipByRole(final String userPrincipalUid, SearchControls cons) throws NamingException {
- String subfilter = "uid=" + userPrincipalUid + "," + getUserFilterBase() + "," + getRootContext();
+ String subfilter = getUserIdAttribute() + "=" + userPrincipalUid;
+
+ if (!StringUtils.isEmpty(getUserFilterBase()))
+ subfilter += "," + getUserFilterBase();
+
+ if (!StringUtils.isEmpty(getRootContext()))
+ subfilter += "," + getRootContext();
+
String query = "(&(" + getRoleMembershipAttribute() + "=" + subfilter + ")" + getRoleFilter() + ")";
if (logger.isDebugEnabled())
@@ -97,12 +109,15 @@
logger.debug("query[" + query + "]");
}
-/* TODO: Java 5 dependency, needs to be resolved for Java 1.4 first before this can be enabled again
- Name name = new LdapName(getRoleFilterBase()) ;
- NamingEnumeration searchResults = ((DirContext) ctx).search(name,query , cons);
-*/
+ cons.setSearchScope(getSearchScope());
+
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getRoleFilterBase()))
+ searchBase+=getRoleFilterBase();
+ cons.setSearchScope(getSearchScope());
+ NamingEnumeration searchResults = ((DirContext) ctx).search(searchBase,query , cons);
List rolePrincipalUids = new ArrayList();
-/*
while (searchResults.hasMore())
{
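Review bot: `cons.setSearchScope(getSearchScope());` is added twice in this hunk, once before the TODO and again just before the search; one call is enough. The call also overwrites the scope on the caller's `SearchControls`, so a scope chosen by the caller is silently replaced and the change stays visible to the caller after the method returns, which deserves a sentence in the method comment or a local copy of the controls. The `//TODO: see if this doesn't break anything` marker should be replaced by a statement of what was verified. The method starts before this hunk and continues after it.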
@@ -111,7 +126,6 @@
rolePrincipalUids.addAll(getAttributes(getAttribute(getRoleIdAttribute(), answer)));
}
-*/
return (String[]) rolePrincipalUids.toArray(new String[rolePrincipalUids.size()]);
}
@@ -134,37 +148,15 @@
Iterator it = attrs.iterator();
while(it.hasNext()) {
String cnfull = (String)it.next();
- String cn = extractCn(cnfull);
- newAttrs.add(cn);
+ if(cnfull.toLowerCase().indexOf(getRoleFilterBase().toLowerCase())!=-1) {
+ String cn = extractLdapAttr(cnfull,getRoleUidAttribute());
+ newAttrs.add(cn);
+ }
}
//List uids = getAttributes(attr);
return (String[]) newAttrs.toArray(new String[newAttrs.size()]);
}
-// /**
-// *
-// * Search user by group.
-// *
-// *
-// * @param groupPrincipalUid
-// * @param cons
-// * @return
-// * @throws NamingException A {@link NamingException}.
-// */
-// private NamingEnumeration searchRolesByGroup(final String rolePrincipalUid, SearchControls cons)
-// throws NamingException
-// {
-// String query = "(&(cn=" + (rolePrincipalUid) + ")" + getRoleFilter() + ")";
-//
-// if (logger.isDebugEnabled())
-// {
-// logger.debug("query[" + query + "]");
-// }
-// NamingEnumeration searchResults = ((DirContext) ctx).search("",query , cons);
-//
-// return searchResults;
-// }
-
/* (non-Javadoc)
* @see org.apache.jetspeed.security.spi.impl.ldap.LdapMembershipDao#searchUsersFromGroupByGroup(java.lang.String, javax.naming.directory.SearchControls)
*/
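Review bot: `cnfull.toLowerCase().indexOf(getRoleFilterBase().toLowerCase())` throws a NullPointerException when the role filter base is not configured, although the rest of this commit treats that setting as optional through `StringUtils.isEmpty(...)`. Hoisting `String roleBase = StringUtils.defaultString(getRoleFilterBase()).toLowerCase();` above the loop removes both the NPE and the per-element recomputation; the hunks at `@@ -195,9 +192,12 @@` and `@@ -259,9 +274,20 @@` repeat the pattern with `getUserFilterBase()` and `getRoleFilterBase()`. Because this test decides which roles are returned for a principal, it is worth a comment that `indexOf` accepts the base text anywhere in the value, including inside the first RDN's value. The enclosing method starts above the hunk.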
@@ -181,7 +173,12 @@
ArrayList userPrincipalUids=new ArrayList();
- NamingEnumeration results = ((DirContext) ctx).search("",query , cons);
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getGroupFilterBase()))
+ searchBase+=getGroupFilterBase();
+ cons.setSearchScope(getSearchScope());
+ NamingEnumeration results = ((DirContext) ctx).search(searchBase,query , cons);
while (results.hasMore())
{
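Review bot: The lines that build `searchBase` can be a single statement, `String searchBase = StringUtils.defaultString(getGroupFilterBase());`, which yields the same empty string for a null or empty base. The same block is repeated in most of the search methods touched by this commit, so a small private helper would keep the copies from drifting apart. The brace-less `if` directly above `cons.setSearchScope(...)` is also easy to misread as guarding both statements. The method begins and ends outside this hunk.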
@@ -195,9 +192,12 @@
Iterator it = attrs.iterator();
while(it.hasNext()) {
String uidfull = (String)it.next();
- String uid = extractUid(uidfull);
- if (uidfull.indexOf(getUserFilterBase())!=-1)
- newAttrs.add(uid);
+ if (!StringUtils.isEmpty(uidfull)) {
+ if (uidfull.toLowerCase().indexOf(getUserFilterBase().toLowerCase())!=-1) {
+ String uid = extractLdapAttr(uidfull,getUserIdAttribute());
+ newAttrs.add(uid);
+ }
+ }
}
userPrincipalUids.addAll(newAttrs);
}
@@ -211,16 +211,24 @@
throws NamingException
{
- String subfilter = getGroupIdAttribute() + "=" + getGroupFilterBase();
- if (getGroupFilterBase()!=null && !getGroupFilterBase().equals("")) subfilter+="," + getGroupFilterBase();
- subfilter+="," + getRootContext();
+ String subfilter = getGroupIdAttribute() + "=" + groupPrincipalUid;
+ if (!StringUtils.isEmpty(getGroupFilterBase()))
+ subfilter+="," + getGroupFilterBase();
+ if (!StringUtils.isEmpty(getRootContext()))
+ subfilter+="," + getRootContext();
String query = "(&(" + getUserGroupMembershipAttribute() + "=" + subfilter + ")" + getUserFilter() + ")";
if (logger.isDebugEnabled())
{
logger.debug("query[" + query + "]");
}
- NamingEnumeration results = ((DirContext) ctx).search("", query, cons);
-
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getRoleFilterBase()))
+ searchBase+=getRoleFilterBase();
+ cons.setSearchScope(getSearchScope());
+ //TODO: changed the searchdomain for openldap , uses ou=People (ommiting o=sevenSeas)
+ NamingEnumeration results = ((DirContext) ctx).search(getSearchDomain(),query , cons);
+
ArrayList userPrincipalUids = new ArrayList();
while (results.hasMore())
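Review bot: `searchBase` is computed from `getRoleFilterBase()` but never used; the search that follows passes `getSearchDomain()` instead. Either the local is left over from an earlier attempt or the wrong variable reached `search(...)`, and since the query selects user entries by group membership a role base is unexpected here in any case. Remove the `searchBase` lines or pass the intended base, and state in a comment which base the query is meant to run against. The hunks at `@@ -279,23 +305,37 @@` and `@@ -351,25 +395,32 @@` carry the same unused local; the former passes `getRoleFilterBase()` to `search` directly, which bypasses the null guard written just above it. The method signature is outside the hunk.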
@@ -228,7 +236,8 @@
SearchResult result = (SearchResult) results.next();
Attributes answer = result.getAttributes();
- userPrincipalUids.addAll(getAttributes(getAttribute("uid", answer)));
+
+ userPrincipalUids.addAll(getAttributes(getAttribute(getUserIdAttribute(), answer)));
}
return (String[]) userPrincipalUids.toArray(new String[userPrincipalUids.size()]);
}
@@ -245,7 +254,13 @@
ArrayList rolePrincipalUids = new ArrayList();
- NamingEnumeration results = ((DirContext) ctx).search("", query, cons);
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getGroupFilterBase()))
+ searchBase+=getGroupFilterBase();
+ //TODO: put this here for Domino ... wouldn't work otherwize.
+ cons.setSearchScope(getSearchScope());
+ NamingEnumeration results = ((DirContext) ctx).search(searchBase,query , cons);
while (results.hasMore()) {
SearchResult result = (SearchResult) results.next();
@@ -259,9 +274,20 @@
Iterator it = attrs.iterator();
while (it.hasNext()) {
String uidfull = (String) it.next();
- String uid = extractUid(uidfull);
- if (uidfull.indexOf(getRoleFilterBase())!=-1)
- newAttrs.add(uid);
+
+ NamingEnumeration e = answer.get("objectClass").getAll();
+ while(e.hasMore()) {
+ Attribute attr = (Attribute)e.next();
+ logger.debug("--------------------" + attr.get().toString());
+
+ }
+
+
+ if (!StringUtils.isEmpty(uidfull)) {
+ String uid = extractLdapAttr(uidfull,getRoleUidAttribute());
+ if (uidfull.toLowerCase().indexOf(getRoleFilterBase().toLowerCase())!=-1)
+ newAttrs.add(uid);
+ }
}
rolePrincipalUids.addAll(newAttrs);
}
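Review bot: The added `objectClass` loop casts each element of `answer.get("objectClass").getAll()` to `Attribute`, but `Attribute.getAll()` enumerates the attribute's values, so for a string-valued `objectClass` the cast fails with a ClassCastException; `answer.get("objectClass")` is also null when the search does not return that attribute. The loop sits inside `while (it.hasNext())`, so it repeats for every member value and logs without an `isDebugEnabled()` guard. It reads like leftover diagnostics: delete it, or keep one guarded line outside the inner loop such as `if (logger.isDebugEnabled()) logger.debug("objectClass=" + answer.get("objectClass"));`. `answer` is declared above the hunk, so its type is assumed to be `Attributes` as in the other methods.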
@@ -279,23 +305,37 @@
SearchControls cons) throws NamingException {
String subfilter = getGroupIdAttribute() + "=" + groupPrincipalUid;
- if (getGroupFilterBase() != null && !getGroupFilterBase().equals(""))
- subfilter += "," + getGroupFilterBase() + "," + getRootContext();
- String query = "(&(" + getRoleGroupMembershipForRoleAttribute() + "="
- + subfilter + ")" + getUserFilter() + ")";
+ if (!StringUtils.isEmpty(getGroupFilterBase()))
+ subfilter += "," + getGroupFilterBase();
+
+ //TODO: openldap seems to create the following query :
+ // (&(uniqueMember=cn=group1,o=sevenSeas)(objectclass=inetorgperson)(objectclass=organizationalPerson))
+ // o=sevenSeas is not really necessary here since the openldap uniqueMember inserts on the
+ // role object doesn't contain the root context --- SHOULDNT BE THE CASE ANYMORE .. UNCOMMENTING NOW.
+ if (!StringUtils.isEmpty(getRootContext()))
+ subfilter += "," + getRootContext();
+
+ String query = "(&(" + getRoleGroupMembershipForRoleAttribute() + "=" + subfilter + ")" + getRoleFilter() + ")";
+
+
if (logger.isDebugEnabled()) {
logger.debug("query[" + query + "]");
}
- NamingEnumeration results = ((DirContext) ctx).search("", query, cons);
+
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getRoleFilterBase()))
+ searchBase+=getRoleFilterBase();
+ cons.setSearchScope(getSearchScope());
+ //TODO: changed to base search here for OpenLDAP ... CHECK TO SEE IF IT HOLDS !!!
+ NamingEnumeration results = ((DirContext) ctx).search(getRoleFilterBase(),query , cons);
ArrayList userPrincipalUids = new ArrayList();
while (results.hasMore()) {
SearchResult result = (SearchResult) results.next();
Attributes answer = result.getAttributes();
-
- userPrincipalUids
- .addAll(getAttributes(getAttribute("uid", answer)));
+ userPrincipalUids.addAll(getAttributes(getAttribute(getUserIdAttribute(), answer)));
}
return (String[]) userPrincipalUids
.toArray(new String[userPrincipalUids.size()]);
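Review bot: The query now filters with `getRoleFilter()`, so it selects role entries, yet the result loop reads `getUserIdAttribute()` from each entry and collects into `userPrincipalUids`. The group and role membership searches earlier in this file read `getGroupIdAttribute()` and `getRoleIdAttribute()` from entries of those types; if this method returns roles (its name is above the hunk), the loop probably wants `getAttributes(getAttribute(getRoleIdAttribute(), answer))` and a list named for roles. A one-line method comment saying which principal type is returned would make the intent checkable.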
@@ -317,7 +357,12 @@
ArrayList userPrincipalUids=new ArrayList();
- NamingEnumeration results = ((DirContext) ctx).search("",query , cons);
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getRoleFilterBase()))
+ searchBase+=getRoleFilterBase();
+ cons.setSearchScope(getSearchScope());
+ NamingEnumeration results = ((DirContext) ctx).search(searchBase,query , cons);
while (results.hasMore())
{
@@ -333,13 +378,12 @@
Iterator it = attrs.iterator();
while(it.hasNext()) {
String uidfull = (String)it.next();
- String uid = extractUid(uidfull);
- newAttrs.add(uid);
+ if (!StringUtils.isEmpty(uidfull)) {
+ String uid = extractLdapAttr(uidfull,getUserUidAttribute());
+ newAttrs.add(uid);
+ }
}
userPrincipalUids.addAll(newAttrs);
-
-
- //userPrincipalUids.addAll(cUserPrincipalUid);
}
return (String[]) userPrincipalUids.toArray(new String[userPrincipalUids.size()]);
}
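Review bot: This loop extracts the uid with `getUserUidAttribute()`, while the equivalent loop in the `@@ -195,9 +192,12 @@` hunk passes `getUserIdAttribute()` to the same helper for the same kind of value. If the two settings can differ, one of the two call sites parses member DNs with the wrong attribute name. A comment stating which setting names the RDN attribute of a user DN would settle it; the enclosing method is only partly visible in this hunk.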
@@ -351,25 +395,32 @@
throws NamingException
{
- //TODO: rename params / vars !!!
+ //TODO: changed this for openldap, includes o=sevenSeas in membership searches.
String subfilter = getRoleIdAttribute() + "=" + rolePrincipalUid;
- if (getRoleFilterBase()!=null && !getRoleFilterBase().equals("")) subfilter+="," + getRoleFilterBase();
- subfilter+="," + getRootContext();
+ if (!StringUtils.isEmpty(getRoleFilterBase()))
+ subfilter+="," + getRoleFilterBase();
+ if (!StringUtils.isEmpty(getRootContext()))
+ subfilter+="," + getRootContext();
+
String query = "(&(" + getUserRoleMembershipAttribute() + "=" + subfilter + ")" + getUserFilter() + ")";
if (logger.isDebugEnabled())
{
logger.debug("query[" + query + "]");
}
- NamingEnumeration results = ((DirContext) ctx).search("", query, cons);
-
+ //TODO: see if this doesn't break anything
+ String searchBase = "";
+ if (!StringUtils.isEmpty(getRoleFilterBase()))
+ searchBase+=getRoleFilterBase();
+ cons.setSearchScope(getSearchScope());
+ NamingEnumeration results = ((DirContext) ctx).search(getSearchDomain(),query , cons);
+
ArrayList userPrincipalUids = new ArrayList();
while (results.hasMore())
{
SearchResult result = (SearchResult) results.next();
Attributes answer = result.getAttributes();
-
- userPrincipalUids.addAll(getAttributes(getAttribute("uid", answer)));
+ userPrincipalUids.addAll(getAttributes(getAttribute(getUserIdAttribute(), answer)));
}
return (String[]) userPrincipalUids.toArray(new String[userPrincipalUids.size()]);
}
@@ -382,13 +433,27 @@
*/
protected List getAttributes(Attribute attr) throws NamingException
{
+ return getAttributes(attr, null);
+ }
+ /**
+ * @param attr
+ * @return
+ * @throws NamingException
+ */
+ protected List getAttributes(Attribute attr,String filter) throws NamingException
+ {
List uids = new ArrayList();
if (attr != null)
{
Enumeration groupUidEnum = attr.getAll();
while (groupUidEnum.hasMoreElements())
{
- uids.add(groupUidEnum.nextElement());
+ String groupDN = (String)groupUidEnum.nextElement();
+ if (filter==null) {
+ uids.add(groupDN);
+ } else if (filter!=null && groupDN.toLowerCase().indexOf(filter.toLowerCase())!=-1) {
+ uids.add(groupDN);
+ }
}
}
return uids;
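Review bot: The new `(String)groupUidEnum.nextElement()` cast also applies to the one-argument `getAttributes(attr)`, which previously added values of any type, so an attribute with non-string values now fails with a ClassCastException even when no filter is requested. Keeping the element as `Object value = groupUidEnum.nextElement();` and testing `if (filter == null || String.valueOf(value).toLowerCase().indexOf(filter.toLowerCase()) != -1) uids.add(value);` preserves the old behaviour and removes the redundant `filter!=null` in the `else if`. The Javadoc copied onto the new overload has no `@param filter`; it should say that only values containing `filter`, compared case-insensitively, are kept and that `null` disables filtering.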
@@ -440,12 +505,12 @@
}
/**
- * @see org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl#getDnSuffix()
- */
- protected String getDnSuffix()
- {
- return this.getUserFilterBase();
- }
+ * @see org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDaoImpl#getDnSuffix()
+ */
+ protected String getDnSuffix()
+ {
+ return this.getUserFilterBase();
+ }
/**
*
@@ -460,21 +525,21 @@
return new UserPrincipalImpl(principalUid);
}
- private String extractUid(String ldapName) {
+ private String extractLdapAttr(String ldapName,String ldapAttrName) {
if (ldapName.indexOf(",")!=-1)
- return ldapName.substring(ldapName.indexOf("uid=")+4,ldapName.indexOf(","));
- return ldapName.substring(ldapName.indexOf("uid=")+4,ldapName.length());
+ return ldapName.substring(ldapName.toLowerCase().indexOf(ldapAttrName.toLowerCase())+ldapAttrName.length()+1,ldapName.indexOf(","));
+ return ldapName.substring(ldapName.toLowerCase().indexOf(ldapAttrName.toLowerCase())+ldapAttrName.length()+1,ldapName.length());
}
+
- private String extractCn(String ldapName) {
- if (ldapName.indexOf(",")!=-1)
- return ldapName.substring(ldapName.indexOf("cn=")+3,ldapName.indexOf(","));
- return ldapName.substring(ldapName.indexOf("cn=")+3,ldapName.length());
- }
-
protected String[] getObjectClasses() {
return this.getUserObjectClasses();
}
+ protected String getUidAttributeForPrincipal() {
+ return this.getUserUidAttribute();
+ }
+
+
}
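Review bot: `extractLdapAttr` derives its start offset from `indexOf(ldapAttrName)` without checking for -1 and without including the `=`, so a value that lacks the attribute, or contains the attribute name inside another word, yields an arbitrary substring rather than an error. The end offset is the first `,` in the whole string, which lies before the start whenever the attribute is not in the first RDN and then makes `substring` throw. The sketch below anchors on `name=` and looks for the comma after the start. What to return when the attribute is absent is the author's decision (the sketch hands the input back unchanged), and escaped commas inside values are still not handled.

```java
private String extractLdapAttr(String ldapName,String ldapAttrName) {
    String prefix = ldapAttrName.toLowerCase() + "=";
    int start = ldapName.toLowerCase().indexOf(prefix);
    if (start == -1) {
        // attribute not present in this value: hand it back unchanged
        return ldapName;
    }
    start += prefix.length();
    int end = ldapName.indexOf(",", start);
    return (end == -1) ? ldapName.substring(start) : ldapName.substring(start, end);
}
```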
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java (working copy)
@@ -21,6 +21,7 @@
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
+import org.apache.commons.lang.StringUtils;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
@@ -77,6 +78,9 @@
classes.add(getObjectClasses()[i]);
attrs.put(classes);
attrs.put(getEntryPrefix(), principalUid);
+ if(!StringUtils.isEmpty(getGroupMembershipAttribute()))
+ attrs.put(getGroupMembershipAttribute(), "");
+ attrs.put(getGroupObjectRequiredAttributeClasses(), "");
return attrs;
}
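Review bot: Only the first `attrs.put(...)` is governed by the brace-less `if`; `attrs.put(getGroupObjectRequiredAttributeClasses(), "");` runs unconditionally, so an unset setting reaches `put` as a null or empty attribute id. If both puts were meant to be conditional, add braces; otherwise guard the second one the same way, `if (!StringUtils.isEmpty(getGroupObjectRequiredAttributeClasses())) attrs.put(getGroupObjectRequiredAttributeClasses(), "");`. The `@@ -76,6 +77,9 @@` hunk in LdapRoleDaoImpl.java has the same shape with the role settings. The method starts above the hunk.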
@@ -117,6 +121,10 @@
protected String[] getObjectClasses() {
return this.getGroupObjectClasses();
}
+
+ protected String getUidAttributeForPrincipal() {
+ return this.getGroupUidAttribute();
+ }
}
\ No newline at end of file
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/InitLdapSchema.java (working copy)
@@ -67,6 +67,7 @@
public void init() throws SecurityException
{
initOu("OrgUnit1");
+ initOu("People");
initOu("People","ou=OrgUnit1");
initOu("Groups","ou=OrgUnit1");
initOu("Roles","ou=OrgUnit1");
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserPrincipalDaoImpl.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserPrincipalDaoImpl.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserPrincipalDaoImpl.java (working copy)
@@ -16,22 +16,20 @@
package org.apache.jetspeed.security.spi.impl.ldap;
import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
-import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
+import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.impl.UserPrincipalImpl;
+import org.omg.CosNaming.IstringHelper;
/**
* @author Mike Long ,
- * Returns the default Group suffix dn.
- *
- *
- * @return The defaultDnSuffix.
- */
+
protected String[] getUserObjectClasses()
{
return this.ldapBindingConfig.getUserObjectClasses();
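Review bot: `import org.omg.CosNaming.IstringHelper;` is a CORBA naming helper with no visible use in this change and looks like an IDE auto-import. It should be dropped so that the LDAP DAO does not depend on the CORBA packages. The text of this hunk appears truncated after the author line, so the rest of the file could not be checked for a use.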
@@ -560,6 +570,41 @@
return this.ldapBindingConfig.getUserIdAttribute();
}
+ protected String getUidAttribute()
+ {
+ return this.ldapBindingConfig.getUidAttribute();
+ }
+
+ protected int getSearchScope()
+ {
+ return Integer.parseInt(this.ldapBindingConfig.getMemberShipSearchScope());
+ }
+
+ protected String getRoleUidAttribute()
+ {
+ return this.ldapBindingConfig.getRoleUidAttribute();
+ }
+
+ protected String getGroupUidAttribute()
+ {
+ return this.ldapBindingConfig.getGroupUidAttribute();
+ }
+
+ protected String getUserUidAttribute()
+ {
+ return this.ldapBindingConfig.getUserUidAttribute();
+ }
+
+ protected String getGroupObjectRequiredAttributeClasses()
+ {
+ return this.ldapBindingConfig.getGroupObjectRequiredAttributeClasses();
+ }
+
+ protected String getRoleObjectRequiredAttributeClasses()
+ {
+ return this.ldapBindingConfig.getRoleObjectRequiredAttributeClasses();
+ }
+
protected abstract String[] getObjectClasses();
}
\ No newline at end of file
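Review bot: `getSearchScope()` runs `Integer.parseInt` on the configured value on every search and lets a missing or non-numeric setting surface as a bare NumberFormatException in the middle of a membership lookup. Parse it once and fail with a message that names the setting, for example `throw new IllegalStateException("membership search scope must be 0, 1 or 2, got: " + value);`, rejecting anything other than `SearchControls.OBJECT_SCOPE`, `ONELEVEL_SCOPE` and `SUBTREE_SCOPE`. The new getters also have no Javadoc, and `getUidAttribute()`, `getUserUidAttribute()` and the existing `getUserIdAttribute()` are close enough in name that each needs a line saying which directory attribute it returns.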
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java (working copy)
@@ -27,6 +27,7 @@
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
+import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.jetspeed.security.GroupPrincipal;
@@ -98,11 +99,19 @@
public void create(final String principalUid) throws SecurityException
{
Attributes attrs = defineLdapAttributes(principalUid);
+ logger.debug("creating principal with " + attrs);
try
{
- String userDn = getEntryPrefix() + "=" + principalUid;
- if (getDnSuffix()!=null && !getDnSuffix().equals("")) userDn+="," + getDnSuffix();// + ',' + getDefaultSearchBase();
+ String userDn = getEntryPrefix() + "=" + principalUid;
+ if (!StringUtils.isEmpty(getDnSuffix()))
+ userDn+="," + getDnSuffix();
+ //TODO: OpenLDAP doesn't like creating an entry with o=sevenSeas on it.
+ // if (!StringUtils.isEmpty(getRootContext()))
+ // userDn+="," + getRootContext();
+
+ logger.debug("userDn = " + userDn);
+
ctx.createSubcontext(userDn, attrs);
if (logger.isDebugEnabled())
{
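Review bot: `logger.debug("creating principal with " + attrs);` writes the full attribute set of the new entry to the log; if a subclass's `defineLdapAttributes` includes a password or other credential attribute (not visible in this hunk), that value ends up in debug logs. Log the DN or the attribute ids only, and wrap both new debug calls in `if (logger.isDebugEnabled())` as the existing block below them does. The commented-out `getRootContext()` lines would be clearer as a sentence in the TODO than as dead code. `create` continues past the hunk.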
@@ -125,6 +134,16 @@
protected abstract String getDnSuffix();
/**
+ *
+ * Builds the dn suffix.
+ *
+ *
+ * @return The dn suffix.
+ */
+ protected abstract String getUidAttributeForPrincipal();
+
+
+ /**
* @see org.apache.jetspeed.security.spi.impl.ldap.LdapPrincipalDao#delete(java.lang.String)
*/
public void delete(final String principalUid) throws SecurityException
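Review bot: The Javadoc on the new `getUidAttributeForPrincipal()` was copied from `getDnSuffix()` and still reads "Builds the dn suffix." with `@return The dn suffix.`. Going by its use in this commit, where the result is passed to `getAttribute(...)` to read the uid out of a search result, `Returns the name of the attribute that holds the uid for this principal type.` with a matching `@return The uid attribute name.` would describe it correctly.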
@@ -140,6 +159,8 @@
try
{
rdn = getSubcontextName(dn);
+ if(!StringUtils.isEmpty(getSearchDomain()))
+ rdn+="," + getSearchDomain();
ctx.destroySubcontext(rdn);
}
catch (NamingException e)
@@ -261,7 +282,7 @@
{
Attributes atts = searchResult.getAttributes();
- String uid = (String) getAttribute(getEntryPrefix(), atts).getAll().next();
+ String uid = (String) getAttribute(getUidAttributeForPrincipal(), atts).getAll().next();
Principal principal = makePrincipal(uid);
principals.add(principal);
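Review bot: `getAttribute(getUidAttributeForPrincipal(), atts).getAll().next()` dereferences the lookup result without a check, and the attribute name now comes from a separately configured setting instead of the entry prefix. The next hunk shows `getAttribute` returning only on a match, so it presumably returns null otherwise; a misconfigured or absent uid attribute would then turn into a NullPointerException inside the result loop. Skipping the entry with a warning, or failing with an error that names the missing attribute, would be easier to diagnose. The loop begins above the hunk.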
@@ -281,7 +302,7 @@
{
Attribute attr = (Attribute) ae.next();
- if (attr.getID().equals(attributeName))
+ if (attr.getID().equalsIgnoreCase(attributeName))
{
return attr;
}
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java (working copy)
@@ -21,6 +21,7 @@
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
+import org.apache.commons.lang.StringUtils;
import org.apache.jetspeed.security.SecurityException;
import org.apache.jetspeed.security.impl.RolePrincipalImpl;
@@ -76,6 +77,9 @@
classes.add(getObjectClasses()[i]);
attrs.put(classes);
attrs.put(getEntryPrefix(), principalUid);
+ if(!StringUtils.isEmpty(getRoleMembershipAttribute()))
+ attrs.put(getRoleMembershipAttribute(), "");
+ attrs.put(getRoleObjectRequiredAttributeClasses(), "");
return attrs;
}
@@ -115,6 +119,11 @@
protected String[] getObjectClasses() {
return this.getRoleObjectClasses();
}
+
+ protected String getUidAttributeForPrincipal() {
+ return this.getRoleUidAttribute();
+ }
}
+
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapUserSecurityHandler.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapUserSecurityHandler.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapUserSecurityHandler.java (working copy)
@@ -151,6 +151,7 @@
verifyUserPrincipal(userPrincipal);
String uid = userPrincipal.getName();
+ logger.debug("addUserPrincipal : " + uid);
if (isUserPrincipal(uid))
{
throw new SecurityException(SecurityException.USER_ALREADY_EXISTS.create(uid));
Index: D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java
===================================================================
--- D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java (revision 466416)
+++ D:/PROJECTS/ECLIPSE/JETSPEED2/jetspeed-2/components/security/src/java/org/apache/jetspeed/security/spi/impl/LdapSecurityMappingHandler.java (working copy)
@@ -159,7 +159,6 @@
*/
public void removeUserPrincipalInRole(String username, String roleFullPathName) throws SecurityException
{
- //TODO: check if this is ok
verifyUserAndRoleExist(username, roleFullPathName);
removeUserFromRole(username, roleFullPathName);
}