import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapName;
+import javax.transaction.TransactionManager;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.argeo.ArgeoException;
import org.osgi.framework.Filter;
-import org.osgi.service.useradmin.User;
+/**
+ * A user admin based on a LDAP server. Requires a {@link TransactionManager}
+ * and an open transaction for write access.
+ */
public class LdapUserAdmin extends AbstractUserDirectory {
private final static Log log = LogFactory.getLog(LdapUserAdmin.class);
"com.sun.jndi.ldap.LdapCtxFactory");
connEnv.put(Context.PROVIDER_URL, getUri().toString());
connEnv.put("java.naming.ldap.attributes.binary",
- LdifName.userPassword.name());
+ LdifName.userpassword.name());
initialLdapContext = new InitialLdapContext(connEnv, null);
// StartTlsResponse tls = (StartTlsResponse) ctx
}
}
- @Override
- protected void doGetUser(String key, String value,
- List<DirectoryUser> collectedUsers) {
- try {
- String searchFilter = "(&(" + objectClass + "="
- + getUserObjectClass() + ")(" + key + "=" + value + "))";
-
- SearchControls searchControls = new SearchControls();
- searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
-
- String searchBase = getBaseDn();
- NamingEnumeration<SearchResult> results = getLdapContext().search(
- searchBase, searchFilter, searchControls);
-
- SearchResult searchResult = null;
- if (results.hasMoreElements()) {
- searchResult = (SearchResult) results.nextElement();
- if (results.hasMoreElements())
- searchResult = null;
- }
- if (searchResult != null)
- collectedUsers.add(new LdifUser(this, toDn(searchBase,
- searchResult), searchResult.getAttributes()));
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot get user with " + key
- + "=" + value, e);
- }
-
- }
-
private LdapName toDn(String baseDn, Binding binding)
throws InvalidNameException {
return new LdapName(binding.isRelative() ? binding.getName() + ","
}
@Override
- protected List<DirectoryGroup> getDirectGroups(User user) {
- List<DirectoryGroup> directGroups = new ArrayList<DirectoryGroup>();
+ protected List<LdapName> getDirectGroups(LdapName dn) {
+ List<LdapName> directGroups = new ArrayList<LdapName>();
try {
String searchFilter = "(&(" + objectClass + "="
+ getGroupObjectClass() + ")(" + getMemberAttributeId()
- + "=" + user.getName() + "))";
+ + "=" + dn + "))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
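Review bot: The group filter built at `+ "=" + dn + "))"` is assembled by string concatenation, so any `*`, `(`, `)` or `\` in the DN's string form is parsed as filter syntax instead of as part of the value. `LdapName.toString()` escapes for DN syntax (RFC 4514), which is not the same as filter escaping (RFC 4515), so switching the parameter from `User` to `LdapName` does not close this. Pass the value as a filter argument instead: build the filter as `"(&(" + objectClass + "=" + getGroupObjectClass() + ")(" + getMemberAttributeId() + "={0}))"` and call `search(searchBase, searchFilter, new Object[] { dn.toString() }, searchControls)`. The search call itself lies outside this hunk, so confirm which overload it currently uses.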
while (results.hasMoreElements()) {
SearchResult searchResult = (SearchResult) results
.nextElement();
- LdifGroup group = new LdifGroup(this, toDn(searchBase,
- searchResult), searchResult.getAttributes());
- directGroups.add(group);
+ directGroups.add(toDn(searchBase, searchResult));
}
return directGroups;
} catch (Exception e) {
- throw new ArgeoException("Cannot populate direct members of "
- + user, e);
+ throw new ArgeoException("Cannot populate direct members of " + dn,
+ e);
}
}
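Review bot: The loop drains the result with `hasMoreElements()`/`nextElement()`, which on a JNDI `NamingEnumeration` does not surface a `NamingException`. A referral or size-limit error part-way through would most likely end the loop quietly and return a truncated group list rather than reach the `catch`. If callers derive roles from this list, that is a silent authorization difference, so use `results.hasMore()` and `results.next()` and close the enumeration in a `finally`. The new message `"Cannot populate direct members of " + dn` also names the wrong direction; `"Cannot get direct groups of " + dn` matches what the method returns. The start of the method and the search call are outside this hunk.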
@Override
- protected void prepare(WorkingCopy wc) {
+ protected void prepare(UserDirectoryWorkingCopy wc) {
try {
getLdapContext().reconnect(getLdapContext().getConnectControls());
// delete
}
@Override
- protected void commit(WorkingCopy wc) {
+ protected void commit(UserDirectoryWorkingCopy wc) {
try {
// delete
for (LdapName dn : wc.getDeletedUsers().keySet()) {
}
@Override
- protected void rollback(WorkingCopy wc) {
+ protected void rollback(UserDirectoryWorkingCopy wc) {
// prepare not impacting
}