X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.enterprise%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdapUserAdmin.java;h=6dbf6c2d7f79819a3fda2db25ce3654bac55e3b1;hb=f9ee9620626e471a99f25e84175e27380d902957;hp=7486e3ecf25b38685d6fe8d996ba573f6325ff07;hpb=3714331f776988facff3632d86ad3f6d6352220c;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
index 7486e3ecf..6dbf6c2d7 100644
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -39,7 +39,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 	private InitialLdapContext initialLdapContext = null;
 
 	public LdapUserAdmin(Dictionary<String, ?> properties) {
-		super(properties);
+		super(null, properties);
 		try {
 			Hashtable<String, Object> connEnv = new Hashtable<String, Object>();
 			connEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
@@ -82,16 +82,19 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 	@Override
 	protected AbstractUserDirectory scope(User user) {
 		Dictionary<String, Object> credentials = user.getCredentials();
-		// FIXME use arrays
 		String username = (String) credentials.get(SHARED_STATE_USERNAME);
 		if (username == null)
 			username = user.getName();
-		// byte[] pwd = (byte[]) credentials.get(SHARED_STATE_PASSWORD);
-		// char[] password = DigestUtils.bytesToChars(pwd);
 		Dictionary<String, Object> properties = cloneProperties();
 		properties.put(Context.SECURITY_PRINCIPAL, username.toString());
-		// properties.put(Context.SECURITY_CREDENTIALS, password);
-		properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
+		Object pwdCred = credentials.get(SHARED_STATE_PASSWORD);
+		byte[] pwd = (byte[]) pwdCred;
+		if (pwd != null) {
+			char[] password = DigestUtils.bytesToChars(pwd);
+			properties.put(Context.SECURITY_CREDENTIALS, new String(password));
+		} else {
+			properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
+		}
 		return new LdapUserAdmin(properties);
 	}
 
@@ -101,11 +104,15 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 
 	@Override
 	protected Boolean daoHasRole(LdapName dn) {
-		return daoGetRole(dn) != null;
+		try {
+			return daoGetRole(dn) != null;
+		} catch (NameNotFoundException e) {
+			return false;
+		}
 	}
 
 	@Override
-	protected DirectoryUser daoGetRole(LdapName name) {
+	protected DirectoryUser daoGetRole(LdapName name) throws NameNotFoundException {
 		try {
 			Attributes attrs = getLdapContext().getAttributes(name);
 			if (attrs.size() == 0)
@@ -119,8 +126,11 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 			else
 				throw new UserDirectoryException("Unsupported LDAP type for " + name);
 			return res;
+		} catch (NameNotFoundException e) {
+			throw e;
 		} catch (NamingException e) {
-			log.error("Cannot get role: " + name, e);
+			if (log.isTraceEnabled())
+				log.error("Cannot get role: " + name, e);
 			return null;
 		}
 	}