domino整合说明

Domino整合说明

1单点登录（Sso）的实现

Ltpa sso

Key：用户wps的key

导入：

修改http server的配置

创建junction：跟wps的junction的创建方式一致

注：需要在fullname中加入ids的用户dn，用/分割；格式如下：比如：dn：uid=tst,cn=users,dc=hn,dc=Unicom

则fullname为：tst/users/hn/unicom

2用户整合

三种方式：

1、用户提供用户管理的接口，我们调用用户管理的接口通过idi把用户、组织数据写入domino

2、Domino的用户扁平的存放在domino中

用户用数据自定义组织（nsf数据库、关系型数据库）

3、用户在domino中存放用户和组织单元、用户挂在组织单元下

需要注意的问题：Id文件的管理

2.1 用户的整合：

通过tim for domino agent实现

1、部署notes客户端

2、在domino创建agent需要的数据库和组

3、在notes客户端上部署agent

4、配置agent

5、在tim上装profile

6、配置profile

7、配置domino帐号自动创建的策略

Profile的属性示例：

dn: eruid=hy

ernotesaddcertpath:d:\\lotus\\notes\\data\\cert.id

erNotesFirstName:hy

ernotesfullname:cn=hy/o=unicom

erNotesInternetAddress:hy@hn.unicom.local

erNotesLastName:hy

erNotesMailDomain:unicom

erNotesMailFile:mail\\hy

erNotesMailQuotaSize:0

erNotesMailServer:CN=domino1/o=unicom

erNotesMailSystem:1

ernotesmailtemplatename:dwa7.ntf

ernotespasswdaddcert:passw0rd

erNotesPhoneNumber:133********

erNotesShortName:hy

erNotesState:strate

erNotesStreet:street

erNotestitle:title

ernotesuseridfilename:d:\\tivoli\\IDsCreated\\hy.id erNotesZip:zip

ernotesowner:CN=hy/o=unicom ernotespassword:passw0rd

2.2 组织的整合

对于IDI通过domino的api实现：

需要部署notes客户端：

添加部门的代码示例：

import lotus.domino.*;

public class createOrg extends NotesThread{

public static void main(String argv[])

{

createOrg t = new createOrg();

t.start();

}

public void runNotes()

{

try

{

//Session s1 = NotesFactory.createSessionW

//Session s = NotesFactory.createSession();

Session s =

//NotesFactory.createSession((String)null,(String)null,"passw0rd");

//Session s =

NotesFactory.createSession((String)null,"admin/unicom","passw0rd");

Session s =

NotesFactory.createSession("domino1.hn.unicom.local:63148","admin/uni com","passw0rd");

System.out.println("User name = " +

(String)s.getUserName());

Name no = s.getUserNameObject();

if (no.isHierarchical())

System.out.println("Common name = " +

(String)s.getCommonUserName());

System.out.println("Domino " +

(String)s.getNotesVersion() + " running on " +

(String)s.getPlatform());

System.out.println("Create orgunit.");

// (Your code goes here)

Registration reg = s.createRegistration();

reg.setRegistrationServer("domino1/unicom");

reg.setCertifierIDFile("d:\\Lotus\\notes\\data\\cert.id");

DateTime dt = s.createDateTime("Today");

dt.setNow();

dt.adjustYear(1);

reg.setExpiration(dt);

reg.setIDType(Registration.ID_HIERARCHICAL);

reg.setMinPasswordLength(0); // password strength

reg.setNorthAmerican(true);

reg.setOrgUnit("znborg8");

reg.setRegistrationLog("log.nsf");

reg.setUpdateAddressBook(true);

reg.setStoreIDInAddressBook(true);

if(reg.registerNewCertifier("znborg8cert", // certifier name

"d:\\Tivoli\\IDsCreated\\znborg8cert.id", // file to be created

"passw0rd")) // Domino Directory title field

{ System.out.println("Registration succeeded"); }

else { System.out.println("Registration failed"); }

}

catch(NotesException e) {

System.out.println(e.id + " " +

e.text+""+e.getClass().getName());

e.printStackTrace();

}

catch (Exception e1)

{

S ystem.out.println(e1.toString());

e1.printStackTrace();

}

}

}

Domino要启动diiop服务

IDI的classpath的处理：

@echo off

setlocal

set

MYCLASSPA TH="D:\Lotus\notes\jvm\lib\ext\Notes.jar";"D:\Lotus\notes\data\domino\java\NCS O.jar"

"D:\IBMDirectoryIntegrator\_jvm\jre\bin\java" -cp %MYCLASSPA TH% "D:\workspace\notes\createOrg.class"