import java.net.URISyntaxException;
import java.net.UnknownHostException;
import java.util.Dictionary;
-import java.util.Enumeration;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import javax.naming.Context;
import javax.naming.NamingException;
+import javax.naming.ldap.LdapName;
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
import org.argeo.naming.DnsBrowser;
import org.argeo.naming.NamingUtils;
-import org.osgi.framework.Constants;
/** Properties used to configure user admins. */
public enum UserAdminConf {
/** Read-only source */
readOnly(null),
+ /** Disabled source */
+ disabled(null),
+
/** Authentication realm */
realm(null);
public final static String FACTORY_PID = "org.argeo.osgi.useradmin.config";
- private final static Log log = LogFactory.getLog(UserAdminConf.class);
public final static String SCHEME_LDAP = "ldap";
public final static String SCHEME_FILE = "file";
StringBuilder query = new StringBuilder();
boolean first = true;
- for (Enumeration<String> keys = properties.keys(); keys.hasMoreElements();) {
- String key = keys.nextElement();
- // TODO clarify which keys are relevant (list only the enum?)
- if (!key.equals("service.factoryPid") && !key.equals("cn") && !key.equals("dn")
- && !key.equals(Constants.SERVICE_PID) && !key.startsWith("java") && !key.equals(baseDn.name())
- && !key.equals(uri.name())) {
- if (first)
- first = false;
- else
- query.append('&');
- query.append(valueOf(key).name());
- query.append('=').append(properties.get(key).toString());
- }
+// for (Enumeration<String> keys = properties.keys(); keys.hasMoreElements();) {
+// String key = keys.nextElement();
+// // TODO clarify which keys are relevant (list only the enum?)
+// if (!key.equals("service.factoryPid") && !key.equals("cn") && !key.equals("dn")
+// && !key.equals(Constants.SERVICE_PID) && !key.startsWith("java") && !key.equals(baseDn.name())
+// && !key.equals(uri.name()) && !key.equals(Constants.OBJECTCLASS)
+// && !key.equals(Constants.SERVICE_ID) && !key.equals("bundle.id")) {
+// if (first)
+// first = false;
+// else
+// query.append('&');
+// query.append(valueOf(key).name());
+// query.append('=').append(properties.get(key).toString());
+// }
+// }
+
+ keys: for (UserAdminConf key : UserAdminConf.values()) {
+ if (key.equals(baseDn) || key.equals(uri))
+ continue keys;
+ Object value = properties.get(key.name());
+ if (value == null)
+ continue keys;
+ if (first)
+ first = false;
+ else
+ query.append('&');
+ query.append(key.name());
+ query.append('=').append(value.toString());
+
}
- String bDn = (String) properties.get(baseDn.name());
+ Object bDnObj = properties.get(baseDn.name());
+ String bDn = bDnObj != null ? bDnObj.toString() : null;
try {
return new URI(null, null, bDn != null ? '/' + bDn : null, query.length() != 0 ? query.toString() : null,
null);
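Review bot: The new loop appends property values to the query unescaped at `query.append('=').append(value.toString());`, and the multi-argument `URI` constructor used just below quotes only illegal characters. A `&` or `=` inside a value therefore passes through and would read back as an extra or altered parameter, for example `readOnly` or `disabled`. Whether any configured value can contain those characters is not visible here, but a guard such as `if (value.toString().indexOf('&') >= 0) throw new UserDirectoryException("Invalid character in " + key.name());`, or an encoding step matched by the parsing side, would close it. The commented-out enumeration loop kept above is dead code and can be deleted, and the `keys:` label is unnecessary on a single non-nested loop. The enclosing method starts outside the hunk.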
if (bDn.endsWith(".ldif"))
bDn = bDn.substring(0, bDn.length() - ".ldif".length());
+ // Normalize base DN as LDAP name
+ bDn = new LdapName(bDn).toString();
+
String principal = null;
String credentials = null;
if (scheme != null)
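Review bot: `bDn = new LdapName(bDn).toString();` probably validates the DN without normalizing it. In the OpenJDK implementation, an `LdapName` built from a string returns that original string from `toString()`, so differences in case and spacing survive. If normalization is the intent, rebuilding from the parsed components, `bDn = new LdapName(new LdapName(bDn).getRdns()).toString();`, is worth checking as an alternative. The constructor also throws `InvalidNameException` for a malformed DN; the enclosing method starts and ends outside the hunk, so whether that is caught and wrapped cannot be confirmed from here.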
}
URI convertedUri = new URI(
SCHEME_LDAP + "://" + ldapHostsStr + "/" + IpaUtils.domainToUserDirectoryConfigPath(kerberosRealm));
- if (log.isDebugEnabled())
- log.debug("Converted " + uri + " to " + convertedUri);
return convertedUri;
} catch (NamingException | IOException | URISyntaxException e) {
throw new UserDirectoryException("cannot convert IPA uri " + uri, e);
try {
hostname = InetAddress.getLocalHost().getHostName();
} catch (UnknownHostException e) {
- log.warn("Using localhost as hostname", e);
hostname = "localhost.localdomain";
}
int dotIdx = hostname.indexOf('.');
return "dc=" + hostname;
}
}
+
+ /**
+ * Hash the base DN in order to have a deterministic string to be used as a cn
+ * for the underlying user directory.
+ */
+ public static String baseDnHash(Dictionary<String, Object> properties) {
+ String bDn = (String) properties.get(baseDn.name());
+ if (bDn == null)
+ throw new UserDirectoryException("No baseDn in " + properties);
+ return DigestUtils.sha1str(bDn);
+ }
}
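Review bot: `baseDnHash` reintroduces the `(String) properties.get(baseDn.name())` cast that this same commit replaced with a null-safe `toString()` in the URI builder, so a non-String base DN value throws `ClassCastException` here; `Object bDnObj = properties.get(baseDn.name());` followed by `String bDn = bDnObj != null ? bDnObj.toString() : null;` would keep the two paths consistent. The hash is also taken over the raw value rather than the form that the `new LdapName(bDn)` step elsewhere in this commit is meant to produce, so two spellings of the same DN would yield different cn values. The message `"No baseDn in " + properties` prints the whole configuration dictionary; if it can carry bind credentials (the file handles `principal` and `credentials` elsewhere), they would end up in logs, so `"No baseDn in configuration"` is safer. The Javadoc could add that the SHA-1 value is a naming identifier only and carries no security property.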