X-Git-Url: http://git.argeo.org/?a=blobdiff_plain;f=org.argeo.security.core%2Fsrc%2Forg%2Fargeo%2Fosgi%2Fuseradmin%2FLdifWriter.java;h=ba393cad13ba1992bde1dba35a35c682ded31563;hb=0b8aa4c76cb7a1d19abf93a4c1ae0c973abdab5b;hp=25793c923e97bc3c9199cb6a3ed0c41263d0a839;hpb=a93bccc486bc6334586d9afaabdc5ddfc9211647;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java
index 25793c923..ba393cad1 100644
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifWriter.java
@@ -1,5 +1,7 @@
 package org.argeo.osgi.useradmin;
 
+import static org.argeo.osgi.useradmin.LdifName.dn;
+
 import java.io.IOException;
 import java.io.OutputStream;
 import java.io.OutputStreamWriter;
@@ -10,28 +12,36 @@ import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
 import javax.naming.ldap.LdapName;
+import javax.naming.ldap.Rdn;
 
 import org.apache.commons.codec.binary.Base64;
 
 /** Basic LDIF writer */
-public class LdifWriter {
+class LdifWriter {
 	private final Writer writer;
 
-	public LdifWriter(OutputStream out) {
+	LdifWriter(OutputStream out) {
 		this.writer = new OutputStreamWriter(out);
 	}
 
 	void writeEntry(LdapName name, Attributes attributes) throws IOException {
 		try {
-			// TODO check consistency of DN with attributes
-			writer.append("dn:").append(name.toString()).append('\n');
+			// check consistency
+			Rdn nameRdn = name.getRdn(name.size() - 1);
+			Attribute nameAttr = attributes.get(nameRdn.getType());
+			if (!nameAttr.get().equals(nameRdn.getValue()))
+				throw new UserDirectoryException("Attribute "
+						+ nameAttr.getID() + "=" + nameAttr.get()
+						+ " not consistent with DN " + name);
+
+			writer.append(dn.name() + ":").append(name.toString()).append('\n');
 			Attribute objectClassAttr = attributes.get("objectClass");
 			if (objectClassAttr != null)
 				writeAttribute(objectClassAttr);
 			for (NamingEnumeration<? extends Attribute> attrs = attributes
 					.getAll(); attrs.hasMore();) {
 				Attribute attribute = attrs.next();
-				if (attribute.getID().equals("dn")
+				if (attribute.getID().equals(dn.name())
 						|| attribute.getID().equals("objectClass"))
 					continue;// skip DN attribute
 				writeAttribute(attribute);
@@ -39,7 +49,7 @@ public class LdifWriter {
 			writer.append('\n');
 			writer.flush();
 		} catch (NamingException e) {
-			throw new ArgeoUserAdminException("Cannot write LDIF", e);
+			throw new UserDirectoryException("Cannot write LDIF", e);
 		}
 	}