X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdapUserAdmin.java;h=58f6eb1face2b1c92a76fad634abeeb9db918adb;hb=4e5217621733b3f8b9c2427a688a18c68dbc1e5d;hp=cf97ebea393e5cbe06a9de38180ec14615d858da;hpb=780f1fce719bb66b4e4899c2339cb49d62c07dc6;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
index cf97ebea3..58f6eb1fa 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -22,8 +22,6 @@ import javax.naming.ldap.InitialLdapContext;
 import javax.naming.ldap.LdapName;
 import javax.transaction.TransactionManager;
 
-import org.apache.commons.logging.Log;
-import org.apache.commons.logging.LogFactory;
 import org.argeo.naming.LdapAttrs;
 import org.osgi.framework.Filter;
 import org.osgi.service.useradmin.Role;
@@ -34,8 +32,6 @@ import org.osgi.service.useradmin.User;
  * and an open transaction for write access.
  */
 public class LdapUserAdmin extends AbstractUserDirectory {
-	private final static Log log = LogFactory.getLog(LdapUserAdmin.class);
-
 	private InitialLdapContext initialLdapContext = null;
 
 	public LdapUserAdmin(Dictionary<String, ?> properties) {
@@ -74,24 +70,26 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 			// tls.close();
 			initialLdapContext.close();
 		} catch (NamingException e) {
-			log.error("Cannot destroy LDAP user admin", e);
+			e.printStackTrace();
 		}
 	}
 
-	@SuppressWarnings("unchecked")
 	@Override
 	protected AbstractUserDirectory scope(User user) {
 		Dictionary<String, Object> credentials = user.getCredentials();
-		// FIXME use arrays
 		String username = (String) credentials.get(SHARED_STATE_USERNAME);
 		if (username == null)
 			username = user.getName();
-		// byte[] pwd = (byte[]) credentials.get(SHARED_STATE_PASSWORD);
-		// char[] password = DigestUtils.bytesToChars(pwd);
 		Dictionary<String, Object> properties = cloneProperties();
 		properties.put(Context.SECURITY_PRINCIPAL, username.toString());
-		// properties.put(Context.SECURITY_CREDENTIALS, password);
-		properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
+		Object pwdCred = credentials.get(SHARED_STATE_PASSWORD);
+		byte[] pwd = (byte[]) pwdCred;
+		if (pwd != null) {
+			char[] password = DigestUtils.bytesToChars(pwd);
+			properties.put(Context.SECURITY_CREDENTIALS, new String(password));
+		} else {
+			properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
+		}
 		return new LdapUserAdmin(properties);
 	}
 
@@ -126,7 +124,6 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 		} catch (NameNotFoundException e) {
 			throw e;
 		} catch (NamingException e) {
-			log.error("Cannot get role: " + name, e);
 			return null;
 		}
 	}
@@ -157,7 +154,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 						|| objectClassAttr.contains(getUserObjectClass().toLowerCase()))
 					role = new LdifUser(this, dn, attrs);
 				else {
-					log.warn("Unsupported LDAP type for " + searchResult.getName());
+//					log.warn("Unsupported LDAP type for " + searchResult.getName());
 					continue results;
 				}
 				res.add(role);