From cf02d7afd63e6bbef9f7a88ee9674c27ff843d79 Mon Sep 17 00:00:00 2001
From: Mathieu Baudier
Date: Wed, 26 Aug 2015 14:18:37 +0000
Subject: [PATCH] Can login with any uniquely indexed user property.
git-svn-id: https://svn.argeo.org/commons/trunk@8347 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc
---
 .../internal/auth/UserAdminLoginModule.java | 3 +-
 .../argeo/osgi/useradmin/LdifUserAdmin.java | 61 ++++++++++++++++++-
 2 files changed, 61 insertions(+), 3 deletions(-)
diff --git a/org.argeo.cms/src/org/argeo/cms/internal/auth/UserAdminLoginModule.java b/org.argeo.cms/src/org/argeo/cms/internal/auth/UserAdminLoginModule.java
index dea6048e6..63ca969b8 100644
--- a/org.argeo.cms/src/org/argeo/cms/internal/auth/UserAdminLoginModule.java
+++ b/org.argeo.cms/src/org/argeo/cms/internal/auth/UserAdminLoginModule.java
@@ -99,7 +99,8 @@ public class UserAdminLoginModule implements LoginModule {
 else throw new CredentialNotFoundException("No credentials provided");
- user = (User) userAdmin.getRole(username);
+ // user = (User) userAdmin.getRole(username);
+ user = userAdmin.getUser(null, username);
 if (user == null) return false;
diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
index e2cf903fc..33372e63f 100644
--- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
+++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
@@ -3,6 +3,12 @@ package org.argeo.osgi.useradmin;
 import java.io.InputStream;
 import java.net.URI;
 import java.net.URISyntaxException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Dictionary;
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
 import java.util.SortedMap;
 import java.util.TreeMap;
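Review bot: In the UserAdminLoginModule hunk, `userAdmin.getUser(null, username)` turns every lookup path of the LDIF backend (the DN plus the `uid`, `mail` and `cn` indexes this commit adds to LdifUserAdmin) into an accepted login identifier, and nothing at the call site says so. A comment such as `// resolves the login name against the DN and every indexed attribute; null when unknown or ambiguous` would document that, and the commented-out `getRole` line is better deleted than kept, since version control already holds it. `cn` is often a display name rather than an account identifier, so it is worth confirming that it is meant to be accepted at login. The enclosing login method starts and ends outside the hunk.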
@@ -25,6 +31,10 @@ public class LdifUserAdmin implements UserAdmin {
 private final boolean isReadOnly;
 private final URI uri;
+ private List indexedUserProperties = Arrays.asList(new String[] {
+ "uid", "mail", "cn" });
+ private Map> userIndexes = new LinkedHashMap>();
+
 public LdifUserAdmin(String uri) {
 this(uri, true);
 }
@@ -75,8 +85,27 @@ public class LdifUserAdmin implements UserAdmin {
 } // optimise
- for (LdifGroup group : groups.values()) {
+ for (LdifGroup group : groups.values())
 group.loadMembers(this);
+
+ // indexes
+ for (String attr : indexedUserProperties)
+ userIndexes.put(attr, new TreeMap());
+
+ for (LdifUser user : users.values()) {
+ Dictionary properties = user.getProperties();
+ for (String attr : indexedUserProperties) {
+ Object value = properties.get(attr);
+ if (value != null) {
+ LdifUser otherUser = userIndexes.get(attr).put(
+ value.toString(), user);
+ if (otherUser != null)
+ throw new ArgeoUserAdminException("User " + user
+ + " and user " + otherUser
+ + " both habe property " + attr
+ + " set to " + value);
+ }
+ }
 }
 } catch (Exception e) {
 throw new ArgeoUserAdminException(
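Review bot: The uniqueness check in the index-building loop of the `-75,8 +85,27` hunk compares values only within one attribute, so one user's `cn` can equal another user's `uid` without being reported, and `getUser(null, value)` then finds two users and returns null for both. Because the `throw` sits inside the surrounding `try`, a single duplicate `cn` or `mail` also appears to abort loading of the whole directory, which deserves at least a comment, or a softer policy that logs and skips the conflicting entry. `value.toString()` is indexed as is, so a multi-valued or differently-cased `mail` would presumably not match what the user types; that is worth confirming. The message has a typo that should read `+ " both have property " + attr`. The enclosing method starts and ends outside the hunk.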
@@ -131,7 +160,35 @@ public class LdifUserAdmin implements UserAdmin {
 @Override public User getUser(String key, String value) {
- throw new UnsupportedOperationException();
+ // TODO check value null or empty
+ if (key != null) {
+ if (!userIndexes.containsKey(key))
+ return null;
+ return userIndexes.get(key).get(value);
+ }
+
+ // Try all indexes
+ List collectedUsers = new ArrayList(
+ indexedUserProperties.size());
+ // try dn
+ LdifUser user = null;
+ try {
+ user = (LdifUser) getRole(value);
+ if (user != null)
+ collectedUsers.add(user);
+ } catch (Exception e) {
+ // silent
+ }
+ for (String attr : userIndexes.keySet()) {
+ user = userIndexes.get(attr).get(value);
+ if (user != null)
+ collectedUsers.add(user);
+ }
+
+ if (collectedUsers.size() == 1)
+ return collectedUsers.get(0);
+ return null;
+ // throw new UnsupportedOperationException();
 }
 public boolean getIsReadOnly() {
--
2.39.2
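Review bot: In `getUser`, a user reachable through more than one path is added to `collectedUsers` once per path, so an account whose `uid` equals its `cn` gives `size() == 2` and the method returns null, which after this commit means that user cannot log in. Collecting into a set fixes this, and the `TODO` can be closed with an early `return null` for a null or empty `value`, since a `TreeMap` lookup with a null key throws `NullPointerException` under natural ordering. The `catch (Exception e)` around `getRole` also hides real failures; catching the specific exception, or logging at debug level, would keep lookup errors visible. The sketch below assumes the indexes hold the same `LdifUser` instances that `getRole` returns and needs `java.util.Set` and `java.util.LinkedHashSet` imported; generic parameters are written out although this page shows them stripped.

```java
public User getUser(String key, String value) {
	if (value == null || value.isEmpty())
		return null;
	// … unchanged: keyed lookup when key != null …

	// a set, so a user found through several indexes is counted once
	Set<LdifUser> matches = new LinkedHashSet<LdifUser>();
	// … unchanged: DN lookup through getRole(value), adding to matches …
	for (Map<String, LdifUser> index : userIndexes.values()) {
		LdifUser indexed = index.get(value);
		if (indexed != null)
			matches.add(indexed);
	}
	return matches.size() == 1 ? matches.iterator().next() : null;
}
```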