manage the audit.xml file

manifests/config.pp

@@ -144,6 +144,13 @@ class shibb_idp3::config (
 #    source  => 'puppet:///modules/shibb_idp3/etc/filter-syslog/idp-warn',
 #  }
 
+  # The format of the audit log is set by conf/audit.xml. We add the
+  # nameid type field to the default set of attributes included.
+  file { '/etc/shibboleth-idp/conf/audit.xml':
+    content => template('shibb_idp3/etc/shibboleth-idp/conf/audit.xml.erb'),
+    require => Package['shibboleth-identity-provider'],
+  }
+
 
   # 2. access-control.xml: allow access to status page
   file { '/etc/shibboleth-idp/conf/access-control.xml':

manifests/init.pp

 class shibb_idp3(
   $env                = 'uat',
   $ldap_host          = '',
+  $mysql_support      = true,
 )
 {
 

manifests/install.pp

@@ -19,5 +19,16 @@ class shibb_idp3::install {
     source => 'puppet:///modules/shibb_idp3/etc/tomcat8/Catalina/localhost/idp.xml',
   }
 
+  # If we are using MySQL, install the JDBC MySQL support
+  if ($shibb_idp3::mysql_support) {
+    package { 'libmysql-java': ensure => present }
 
+    # We need to link the mysql java connector jar into the tomcat8
+    # directory so that tomcat8 will be able to find it.
+    file { '/usr/share/tomcat8/lib/mysql-connector-java.jar':
+      ensure  => 'link',
+      target  => '/usr/share/java/mysql-connector-java.jar',
+      require => Package['libmysql-java'],
+    }
+  }
 }

manifests/ldap.pp

@@ -100,12 +100,13 @@ class shibb_idp3::ldap (
                     ]
   }
 
-  file { '/etc/shibboleth-idp/conf/ldap.properties':
-    ensure  => present,
-    mode    => '0640',
-    owner   => 'tomcat8',
-    group   => 'tomcat8',
-    require =>  Exec["generate-conf $ldap_properties_file"],
+  # Set the file permissions??
+  exec { "set_permissions $ldap_properties_file":
+    command     => "chown tomcat8:tomcat8 $ldap_properties_file; chmod 0640 $ldap_properties_file",
+    refreshonly => true,
+    subscribe   => [
+      Exec["generate-conf $ldap_properties_file"],
+      ],
   }