X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdapUserAdmin.java;h=22d9a54227b383d629f13e6be760731bd01b972d;hb=0b8aa4c76cb7a1d19abf93a4c1ae0c973abdab5b;hp=ef212fa27a0160629a592af1c578630699941fbc;hpb=268e023a9de5db2549431a4415e584ac68a4f98b;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
index ef212fa27..22d9a5422 100644
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -10,8 +10,10 @@ import java.util.List;
 import javax.naming.Binding;
 import javax.naming.Context;
 import javax.naming.InvalidNameException;
+import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
+import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.directory.DirContext;
 import javax.naming.directory.SearchControls;
@@ -42,7 +44,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 					"com.sun.jndi.ldap.LdapCtxFactory");
 			connEnv.put(Context.PROVIDER_URL, getUri().toString());
 			connEnv.put("java.naming.ldap.attributes.binary",
-					LdifName.userpassword.name());
+					LdifName.userPassword.name());
 
 			initialLdapContext = new InitialLdapContext(connEnv, null);
 			// StartTlsResponse tls = (StartTlsResponse) ctx
@@ -105,13 +107,12 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 						+ name);
 			return res;
 		} catch (NamingException e) {
-			throw new UserDirectoryException("Cannot get role for " + name, e);
+			return null;
 		}
 	}
 
 	@Override
 	protected List<DirectoryUser> doGetRoles(Filter f) {
-		// TODO Auto-generated method stub
 		try {
 			String searchFilter = f != null ? f.toString() : "(|("
 					+ objectClass + "=" + getUserObjectClass() + ")("
@@ -124,22 +125,21 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 					searchBase, searchFilter, searchControls);
 
 			ArrayList<DirectoryUser> res = new ArrayList<DirectoryUser>();
-			while (results.hasMoreElements()) {
+			results: while (results.hasMoreElements()) {
 				SearchResult searchResult = results.next();
 				Attributes attrs = searchResult.getAttributes();
+				Attribute objectClassAttr = attrs.get(objectClass.name());
+				LdapName dn = toDn(searchBase, searchResult);
 				LdifUser role;
-				if (attrs.get(objectClass.name()).contains(
-						getGroupObjectClass()))
-					role = new LdifGroup(this, toDn(searchBase, searchResult),
-							attrs);
-				else if (attrs.get(objectClass.name()).contains(
-						getUserObjectClass()))
-					role = new LdifUser(this, toDn(searchBase, searchResult),
-							attrs);
-				else
-					throw new UserDirectoryException(
-							"Unsupported LDAP type for "
-									+ searchResult.getName());
+				if (objectClassAttr.contains(getGroupObjectClass()))
+					role = new LdifGroup(this, dn, attrs);
+				else if (objectClassAttr.contains(getUserObjectClass()))
+					role = new LdifUser(this, dn, attrs);
+				else {
+					log.warn("Unsupported LDAP type for "
+							+ searchResult.getName());
+					continue results;
+				}
 				res.add(role);
 			}
 			return res;
@@ -183,7 +183,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 	}
 
 	@Override
-	protected void prepare(WorkingCopy wc) {
+	protected void prepare(UserDirectoryWorkingCopy wc) {
 		try {
 			getLdapContext().reconnect(getLdapContext().getConnectControls());
 			// delete
@@ -194,14 +194,14 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 			}
 			// add
 			for (LdapName dn : wc.getNewUsers().keySet()) {
-				if (!entryExists(dn))
+				if (entryExists(dn))
 					throw new UserDirectoryException("User to create found "
 							+ dn);
 			}
 			// modify
 			for (LdapName dn : wc.getModifiedUsers().keySet()) {
 				if (!entryExists(dn))
-					throw new UserDirectoryException("User to modify no found "
+					throw new UserDirectoryException("User to modify not found "
 							+ dn);
 			}
 		} catch (NamingException e) {
@@ -210,11 +210,15 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 	}
 
 	private boolean entryExists(LdapName dn) throws NamingException {
-		return getLdapContext().getAttributes(dn).size() != 0;
+		try {
+			return getLdapContext().getAttributes(dn).size() != 0;
+		} catch (NameNotFoundException e) {
+			return false;
+		}
 	}
 
 	@Override
-	protected void commit(WorkingCopy wc) {
+	protected void commit(UserDirectoryWorkingCopy wc) {
 		try {
 			// delete
 			for (LdapName dn : wc.getDeletedUsers().keySet()) {
@@ -237,7 +241,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 	}
 
 	@Override
-	protected void rollback(WorkingCopy wc) {
+	protected void rollback(UserDirectoryWorkingCopy wc) {
 		// prepare not impacting
 	}