X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdapUserAdmin.java;h=73dc510eccae80b2a1702564f518aecee8a5242c;hb=2dfbd96ae2f0d51cf10f9ddd2fc0e73dee13848b;hp=ef212fa27a0160629a592af1c578630699941fbc;hpb=268e023a9de5db2549431a4415e584ac68a4f98b;p=lgpl%2Fargeo-commons.git diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java index ef212fa27..73dc510ec 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdapUserAdmin.java @@ -12,6 +12,7 @@ import javax.naming.Context; import javax.naming.InvalidNameException; import javax.naming.NamingEnumeration; import javax.naming.NamingException; +import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; import javax.naming.directory.DirContext; import javax.naming.directory.SearchControls; @@ -42,7 +43,7 @@ public class LdapUserAdmin extends AbstractUserDirectory { "com.sun.jndi.ldap.LdapCtxFactory"); connEnv.put(Context.PROVIDER_URL, getUri().toString()); connEnv.put("java.naming.ldap.attributes.binary", - LdifName.userpassword.name()); + LdifName.userPassword.name()); initialLdapContext = new InitialLdapContext(connEnv, null); // StartTlsResponse tls = (StartTlsResponse) ctx @@ -111,7 +112,6 @@ public class LdapUserAdmin extends AbstractUserDirectory { @Override protected List doGetRoles(Filter f) { - // TODO Auto-generated method stub try { String searchFilter = f != null ? f.toString() : "(|(" + objectClass + "=" + getUserObjectClass() + ")(" 
@@ -124,22 +124,21 @@ public class LdapUserAdmin extends AbstractUserDirectory { searchBase, searchFilter, searchControls); ArrayList res = new ArrayList(); - while (results.hasMoreElements()) { + results: while (results.hasMoreElements()) { SearchResult searchResult = results.next(); Attributes attrs = searchResult.getAttributes(); + Attribute objectClassAttr = attrs.get(objectClass.name()); + LdapName dn = toDn(searchBase, searchResult); LdifUser role; - if (attrs.get(objectClass.name()).contains( - getGroupObjectClass())) - role = new LdifGroup(this, toDn(searchBase, searchResult), - attrs); - else if (attrs.get(objectClass.name()).contains( - getUserObjectClass())) - role = new LdifUser(this, toDn(searchBase, searchResult), - attrs); - else - throw new UserDirectoryException( - "Unsupported LDAP type for " - + searchResult.getName()); + if (objectClassAttr.contains(getGroupObjectClass())) + role = new LdifGroup(this, dn, attrs); + else if (objectClassAttr.contains(getUserObjectClass())) + role = new LdifUser(this, dn, attrs); + else { + log.warn("Unsupported LDAP type for " + + searchResult.getName()); + continue results; + } res.add(role); } return res; @@ -183,7 +182,7 @@ public class LdapUserAdmin extends AbstractUserDirectory { } @Override - protected void prepare(WorkingCopy wc) { + protected void prepare(UserDirectoryWorkingCopy wc) { try { getLdapContext().reconnect(getLdapContext().getConnectControls()); // delete @@ -214,7 +213,7 @@ public class LdapUserAdmin extends AbstractUserDirectory { } @Override - protected void commit(WorkingCopy wc) { + protected void commit(UserDirectoryWorkingCopy wc) { try { // delete for (LdapName dn : wc.getDeletedUsers().keySet()) { @@ -237,7 +236,7 @@ public class LdapUserAdmin extends AbstractUserDirectory { } @Override - protected void rollback(WorkingCopy wc) { + protected void rollback(UserDirectoryWorkingCopy wc) { // prepare not impacting }
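Review bot: `attrs.get(objectClass.name())` returns null when an entry comes back without an objectClass attribute (for example when directory ACLs hide it), so the new `objectClassAttr.contains(...)` calls would throw a NullPointerException and one such entry would still abort the whole listing, even though this loop now skips unsupported entries. Handling it like the unsupported case would be consistent: `if (objectClassAttr == null) { log.warn("No objectClass for " + searchResult.getName()); continue; }`. `toDn(searchBase, searchResult)` is also evaluated before the type check now, so an entry that would have been skipped can presumably still fail on DN conversion; calling it only once the type is accepted avoids that. The `results:` label is not needed, since there is no nested loop and a plain `continue` does the same. doGetRoles begins in the previous hunk and its catch block lies outside this one, so how such exceptions are finally reported is not visible here.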