import javax.naming.Binding;
import javax.naming.Context;
import javax.naming.InvalidNameException;
+import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.argeo.ArgeoException;
import org.osgi.framework.Filter;
/**
super(properties);
try {
Hashtable<String, Object> connEnv = new Hashtable<String, Object>();
- connEnv.put(Context.INITIAL_CONTEXT_FACTORY,
- "com.sun.jndi.ldap.LdapCtxFactory");
+ connEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
connEnv.put(Context.PROVIDER_URL, getUri().toString());
- connEnv.put("java.naming.ldap.attributes.binary",
- LdifName.userPassword.name());
+ connEnv.put("java.naming.ldap.attributes.binary", LdifName.userPassword.name());
initialLdapContext = new InitialLdapContext(connEnv, null);
// StartTlsResponse tls = (StartTlsResponse) ctx
// .extendedOperation(new StartTlsRequest());
// tls.negotiate();
- initialLdapContext.addToEnvironment(
- Context.SECURITY_AUTHENTICATION, "simple");
+ initialLdapContext.addToEnvironment(Context.SECURITY_AUTHENTICATION, "simple");
Object principal = properties.get(Context.SECURITY_PRINCIPAL);
if (principal != null) {
- initialLdapContext.addToEnvironment(Context.SECURITY_PRINCIPAL,
- principal.toString());
+ initialLdapContext.addToEnvironment(Context.SECURITY_PRINCIPAL, principal.toString());
Object creds = properties.get(Context.SECURITY_CREDENTIALS);
if (creds != null) {
- initialLdapContext.addToEnvironment(
- Context.SECURITY_CREDENTIALS, creds.toString());
+ initialLdapContext.addToEnvironment(Context.SECURITY_CREDENTIALS, creds.toString());
}
}
LdifUser res;
if (attrs.get(objectClass.name()).contains(getGroupObjectClass()))
res = new LdifGroup(this, name, attrs);
- else if (attrs.get(objectClass.name()).contains(
- getUserObjectClass()))
+ else if (attrs.get(objectClass.name()).contains(getUserObjectClass()))
res = new LdifUser(this, name, attrs);
else
- throw new UserDirectoryException("Unsupported LDAP type for "
- + name);
+ throw new UserDirectoryException("Unsupported LDAP type for " + name);
return res;
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot get role for " + name, e);
+ return null;
}
}
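Review bot: The new `catch (NamingException e) { return null; }` at the end of this method reports every directory failure as "no such role", not only a missing entry. A connection or permission error then looks to callers exactly like an absent user, and nothing is logged, so outages are hidden and access decisions rest on a silent null. The commit already imports `NameNotFoundException` and catches it narrowly in `entryExists`; the same split here keeps the old behaviour for real errors: `} catch (NameNotFoundException e) { return null; } catch (NamingException e) { throw new UserDirectoryException("Cannot get role for " + name, e); }`. The method starts outside this hunk, so how callers treat null is not visible here.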
@Override
protected List<DirectoryUser> doGetRoles(Filter f) {
try {
- String searchFilter = f != null ? f.toString() : "(|("
- + objectClass + "=" + getUserObjectClass() + ")("
- + objectClass + "=" + getGroupObjectClass() + "))";
+ String searchFilter = f != null ? f.toString()
+ : "(|(" + objectClass + "=" + getUserObjectClass() + ")(" + objectClass + "="
+ + getGroupObjectClass() + "))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- String searchBase = getBaseDn();
- NamingEnumeration<SearchResult> results = getLdapContext().search(
- searchBase, searchFilter, searchControls);
+ LdapName searchBase = getBaseDn();
+ NamingEnumeration<SearchResult> results = getLdapContext().search(searchBase, searchFilter, searchControls);
ArrayList<DirectoryUser> res = new ArrayList<DirectoryUser>();
results: while (results.hasMoreElements()) {
else if (objectClassAttr.contains(getUserObjectClass()))
role = new LdifUser(this, dn, attrs);
else {
- log.warn("Unsupported LDAP type for "
- + searchResult.getName());
+ log.warn("Unsupported LDAP type for " + searchResult.getName());
continue results;
}
res.add(role);
}
return res;
} catch (Exception e) {
- throw new UserDirectoryException(
- "Cannot get roles for filter " + f, e);
+ throw new UserDirectoryException("Cannot get roles for filter " + f, e);
}
}
- private LdapName toDn(String baseDn, Binding binding)
- throws InvalidNameException {
- return new LdapName(binding.isRelative() ? binding.getName() + ","
- + baseDn : binding.getName());
+ private LdapName toDn(LdapName baseDn, Binding binding) throws InvalidNameException {
+ return new LdapName(binding.isRelative() ? binding.getName() + "," + baseDn : binding.getName());
}
@Override
protected List<LdapName> getDirectGroups(LdapName dn) {
List<LdapName> directGroups = new ArrayList<LdapName>();
try {
- String searchFilter = "(&(" + objectClass + "="
- + getGroupObjectClass() + ")(" + getMemberAttributeId()
+ String searchFilter = "(&(" + objectClass + "=" + getGroupObjectClass() + ")(" + getMemberAttributeId()
+ "=" + dn + "))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- String searchBase = getBaseDn();
- NamingEnumeration<SearchResult> results = getLdapContext().search(
- searchBase, searchFilter, searchControls);
+ LdapName searchBase = getBaseDn();
+ NamingEnumeration<SearchResult> results = getLdapContext().search(searchBase, searchFilter, searchControls);
while (results.hasMoreElements()) {
- SearchResult searchResult = (SearchResult) results
- .nextElement();
+ SearchResult searchResult = (SearchResult) results.nextElement();
directGroups.add(toDn(searchBase, searchResult));
}
return directGroups;
} catch (Exception e) {
- throw new ArgeoException("Cannot populate direct members of " + dn,
- e);
+ throw new UserDirectoryException("Cannot populate direct members of " + dn, e);
}
}
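Review bot: The membership filter in `getDirectGroups` is still built by concatenating `dn` into the filter string, and `LdapName.toString()` applies DN escaping, not search-filter escaping. A DN whose values contain `(`, `)`, `*` or a backslash escape (for example an escaped comma) would change the meaning of the filter or make it invalid. JNDI's argument form does the escaping: end the filter with `getMemberAttributeId() + "={0}))"` and call `getLdapContext().search(searchBase, searchFilter, new Object[] { dn.toString() }, searchControls)`. Separately, the `NamingEnumeration` is never closed in the visible lines; a `results.close()` in a `finally` would release the search.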
// delete
for (LdapName dn : wc.getDeletedUsers().keySet()) {
if (!entryExists(dn))
- throw new UserDirectoryException("User to delete no found "
- + dn);
+ throw new UserDirectoryException("User to delete no found " + dn);
}
// add
for (LdapName dn : wc.getNewUsers().keySet()) {
- if (!entryExists(dn))
- throw new UserDirectoryException("User to create found "
- + dn);
+ if (entryExists(dn))
+ throw new UserDirectoryException("User to create found " + dn);
}
// modify
for (LdapName dn : wc.getModifiedUsers().keySet()) {
- if (!entryExists(dn))
- throw new UserDirectoryException("User to modify no found "
- + dn);
+ if (!wc.getNewUsers().containsKey(dn) && !entryExists(dn))
+ throw new UserDirectoryException("User to modify not found " + dn);
}
} catch (NamingException e) {
throw new UserDirectoryException("Cannot prepare LDAP", e);
}
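Review bot: Two of the three messages in these checks are still misleading: the delete branch says "User to delete no found" and the add branch says "User to create found", while only the modify branch was corrected to "not found". Someone reading these in a log cannot easily tell a missing entry from a conflicting one; I would use `"User to delete not found " + dn` and `"User to create already exists " + dn`. These checks and the later commit are also separate LDAP round trips, so the commit presumably still has to cope with an entry appearing or disappearing in between. The enclosing method starts and ends outside this hunk.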
private boolean entryExists(LdapName dn) throws NamingException {
- return getLdapContext().getAttributes(dn).size() != 0;
+ try {
+ return getLdapContext().getAttributes(dn).size() != 0;
+ } catch (NameNotFoundException e) {
+ return false;
+ }
}
@Override
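Review bot: `entryExists` reads every attribute of the entry just to test whether it is there, which for user entries can include `userPassword`. Requesting a single attribute is enough and keeps credential material out of this check: `return getLdapContext().getAttributes(dn, new String[] { objectClass.name() }).size() != 0;`. An entry the bound principal is not allowed to read would presumably come back empty and be reported as absent, so a short comment on the method saying that "exists" means "exists and is readable by this connection" would help callers of the add check.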
// modify
for (LdapName dn : wc.getModifiedUsers().keySet()) {
Attributes modifiedAttrs = wc.getModifiedUsers().get(dn);
- getLdapContext().modifyAttributes(dn,
- DirContext.REPLACE_ATTRIBUTE, modifiedAttrs);
+ getLdapContext().modifyAttributes(dn, DirContext.REPLACE_ATTRIBUTE, modifiedAttrs);
}
} catch (NamingException e) {
throw new UserDirectoryException("Cannot commit LDAP", e);