As a developer of an Alfresco system, I want to easily override the standard synchronization mapping to meet my custom requirements about what user properties should be synchronized.
For example, I have the requirement to synchronize user accounts from an LDAP server and to keep the organization attribute editable in Alfresco. Because the organization attribute is part of the standard synchronization mapping, it is read-only inside Alfresco and controlled by LDAP. I want to override the mapping so that the organization attribute is not synchronized with LDAP and is only controlled inside Alfresco.
- There is a straightforward way to override the LDAP person attribute mapping to change which fields are synchronized.
- Fields which are not synchronized should not become read-only.
- Should be able to define new LDAP fields for synchronization to Alfresco.
- It is a documented extension point.
The actual packaging seems to prevent us from overriding the standard synchronization mapping. The mapping is defined by the property personAttributeMapping of bean org.alfresco.repo.security.sync.ldap.LDAPUserRegistry. This property is defined in the file common-ldap-context.xml. We tried different places (deployment in shared classpath; deployment via amp) to drop a file that should overwrite common-ldap-context.xml but no luck.
We guess that the actual packaging that puts common-ldap-context.xml into a jar and places it thereby on some position on the classpath prevents us from overriding it.