X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdapUserAdmin.java;h=22d9a54227b383d629f13e6be760731bd01b972d;hb=0b8aa4c76cb7a1d19abf93a4c1ae0c973abdab5b;hp=838486b6de609324e27dd81691aef65987605021;hpb=25e98954db6faeec4ba9950f651e81fbea595b0c;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
index 838486b6d..22d9a5422 100644
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -10,8 +10,10 @@ import java.util.List;
 import javax.naming.Binding;
 import javax.naming.Context;
 import javax.naming.InvalidNameException;
+import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.SearchControls;
@@ -105,7 +107,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 						+ name);
 			return res;
 		} catch (NamingException e) {
-			throw new UserDirectoryException("Cannot get role for " + name, e);
+			return null;
 		}
 	}
 
@@ -123,21 +125,21 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 					searchBase, searchFilter, searchControls);
 
 			ArrayList<DirectoryUser> res = new ArrayList<DirectoryUser>();
-			while (results.hasMoreElements()) {
+			results: while (results.hasMoreElements()) {
 				SearchResult searchResult = results.next();
 				Attributes attrs = searchResult.getAttributes();
+				Attribute objectClassAttr = attrs.get(objectClass.name());
 				LdapName dn = toDn(searchBase, searchResult);
 				LdifUser role;
-				if (attrs.get(objectClass.name()).contains(
-						getGroupObjectClass()))
+				if (objectClassAttr.contains(getGroupObjectClass()))
 					role = new LdifGroup(this, dn, attrs);
-				else if (attrs.get(objectClass.name()).contains(
-						getUserObjectClass()))
+				else if (objectClassAttr.contains(getUserObjectClass()))
 					role = new LdifUser(this, dn, attrs);
-				else
-					throw new UserDirectoryException(
-							"Unsupported LDAP type for "
-									+ searchResult.getName());
+				else {
+					log.warn("Unsupported LDAP type for "
+							+ searchResult.getName());
+					continue results;
+				}
 				res.add(role);
 			}
 			return res;
@@ -192,14 +194,14 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 			}
 			// add
 			for (LdapName dn : wc.getNewUsers().keySet()) {
-				if (!entryExists(dn))
+				if (entryExists(dn))
 					throw new UserDirectoryException("User to create found "
 							+ dn);
 			}
 			// modify
 			for (LdapName dn : wc.getModifiedUsers().keySet()) {
 				if (!entryExists(dn))
-					throw new UserDirectoryException("User to modify no found "
+					throw new UserDirectoryException("User to modify not found "
 							+ dn);
 			}
 		} catch (NamingException e) {
@@ -208,7 +210,11 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 	}
 
 	private boolean entryExists(LdapName dn) throws NamingException {
-		return getLdapContext().getAttributes(dn).size() != 0;
+		try {
+			return getLdapContext().getAttributes(dn).size() != 0;
+		} catch (NameNotFoundException e) {
+			return false;
+		}
 	}
 
 	@Override