Make LDAP support more robust
authorMathieu Baudier <mbaudier@argeo.org>
Tue, 7 Nov 2017 11:16:41 +0000 (12:16 +0100)
committerMathieu Baudier <mbaudier@argeo.org>
Tue, 7 Nov 2017 11:16:41 +0000 (12:16 +0100)
org.argeo.enterprise/src/org/argeo/naming/LdifParser.java
org.argeo.enterprise/src/org/argeo/naming/LdifWriter.java
org.argeo.enterprise/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java
org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUserAdmin.java

index 9595b57f0b0d030e866b44856131ea3a6cfe5105..86392b345174cb9392a1cb5360fe439470e777b4 100644 (file)
@@ -114,6 +114,7 @@ public class LdifParser {
                                        }
 
                                        String attributeId = attrId.toString();
+                                       // TODO should we really trim the end of the string as well?
                                        String cleanValueStr = currentEntry.toString().trim();
                                        Object attributeValue = isBase64 ? Base64.getDecoder().decode(cleanValueStr) : cleanValueStr;
 
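Review bot: The question in the added TODO can be settled from the LDIF format: `trim()` on the next line removes trailing whitespace (and every other character at or below U+0020) from plain values, so a value that legitimately ends in a space is silently changed on import. RFC 2849 has the reader skip only the spaces that follow the colon, and asks writers to base64-encode values that begin or end with a space. I would replace the TODO with `// FIXME: only the fill after ':' should be skipped; trim() also drops trailing whitespace` and strip just the leading spaces when `isBase64` is false. The enclosing method starts and ends outside this hunk.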
index 892fa885d8f46611de39d0d173bda5edc944482d..6a3fea12f29fa8b438700ddc72d6cc225a59a880 100644 (file)
@@ -42,7 +42,7 @@ public class LdifWriter {
                                throw new UserDirectoryException(
                                                "Attribute " + nameAttr.getID() + "=" + nameAttr.get() + " not consistent with DN " + name);
 
-                       writer.append(LdapAttrs.DN + ":").append(name.toString()).append('\n');
+                       writer.append(LdapAttrs.DN + ": ").append(name.toString()).append('\n');
                        Attribute objectClassAttr = attributes.get("objectClass");
                        if (objectClassAttr != null)
                                writeAttribute(objectClassAttr);
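Review bot: The DN is appended verbatim here, and the string branch of `writeAttribute` in the next hunk does the same with `value.toString()`, so a value containing a line break, a leading space, colon or `<`, a trailing space, or non-ASCII text yields LDIF that parses back differently from what was stored. In a user directory the line break is the serious case, because one attribute value would be read back as extra attribute lines on the entry. Both places should go through one helper that writes `id: value` only when the value is an RFC 2849 safe string and otherwise writes `id:: ` followed by the Base64 of its UTF-8 bytes. LdifParser on this page decodes `::` values to `byte[]`, so the reading side would have to turn textual attributes back into strings. The method containing this line starts outside the hunk.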
@@ -69,9 +69,9 @@ public class LdifWriter {
                        Object value = attrValues.next();
                        if (value instanceof byte[]) {
                                String encoded = Base64.getEncoder().encodeToString((byte[]) value);
-                               writer.append(attribute.getID()).append("::").append(encoded).append('\n');
+                               writer.append(attribute.getID()).append(":: ").append(encoded).append('\n');
                        } else {
-                               writer.append(attribute.getID()).append(':').append(value.toString()).append('\n');
+                               writer.append(attribute.getID()).append(": ").append(value.toString()).append('\n');
                        }
                }
        }
index e4b25ae81caceab5b2ff07b40364bc59bba67c86..66b6e91e27eac392fc4af28fb7791a3efb454a40 100644 (file)
@@ -1,6 +1,7 @@
 package org.argeo.osgi.useradmin;
 
 import static org.argeo.naming.LdapAttrs.objectClass;
+import static org.argeo.naming.LdapObjs.extensibleObject;
 import static org.argeo.naming.LdapObjs.inetOrgPerson;
 import static org.argeo.naming.LdapObjs.organizationalPerson;
 import static org.argeo.naming.LdapObjs.person;
@@ -18,6 +19,7 @@ import java.util.Iterator;
 import java.util.List;
 
 import javax.naming.InvalidNameException;
+import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
@@ -32,6 +34,7 @@ import javax.transaction.TransactionManager;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.naming.LdapAttrs;
+import org.argeo.naming.LdapObjs;
 import org.osgi.framework.Filter;
 import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.InvalidSyntaxException;
@@ -113,7 +116,7 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
 
        protected abstract Boolean daoHasRole(LdapName dn);
 
-       protected abstract DirectoryUser daoGetRole(LdapName key);
+       protected abstract DirectoryUser daoGetRole(LdapName key) throws NameNotFoundException;
 
        protected abstract List<DirectoryUser> doGetRoles(Filter f);
 
@@ -209,7 +212,12 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
 
        protected DirectoryUser doGetRole(LdapName dn) {
                UserDirectoryWorkingCopy wc = getWorkingCopy();
-               DirectoryUser user = daoGetRole(dn);
+               DirectoryUser user;
+               try {
+                       user = daoGetRole(dn);
+               } catch (NameNotFoundException e) {
+                       user = null;
+               }
                if (wc != null) {
                        if (user == null && wc.getNewUsers().containsKey(dn))
                                user = wc.getNewUsers().get(dn);
@@ -313,12 +321,13 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
                if (wc.getDeletedUsers().containsKey(dn)) {
                        wc.getDeletedUsers().remove(dn);
                        wc.getModifiedUsers().put(dn, attrs);
+                       return getRole(name);
                } else {
                        wc.getModifiedUsers().put(dn, attrs);
                        DirectoryUser newRole = newRole(dn, type, attrs);
                        wc.getNewUsers().put(dn, newRole);
+                       return newRole;
                }
-               return getRole(name);
        }
 
        protected DirectoryUser newRole(LdapName dn, int type, Attributes attrs) {
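Review bot: A point of style: `wc.getModifiedUsers().put(dn, attrs);` now appears in both branches and could sit once above the `if`. That assumes the deleted-users and modified-users maps are independent, which the hunk suggests but does not show. The two branches also return through different paths (`getRole(name)` for a revived entry, the fresh `newRole` object otherwise), and a short comment such as `// revived entry: re-read through getRole so the working copy is applied` would explain why. The method starts outside this hunk.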
@@ -334,6 +343,7 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
                                objClass.add(person.name());
                        }
                        objClass.add(top.name());
+                       objClass.add(extensibleObject.name());
                        attrs.put(objClass);
                        newRole = new LdifUser(this, dn, attrs);
                } else if (type == Role.GROUP) {
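Review bot: Adding `extensibleObject` to every new user entry needs a comment. That auxiliary class lets an entry hold any attribute type, so the directory schema no longer restricts which attributes a user entry may carry. I would add `// extensibleObject: allows attributes outside inetOrgPerson on user entries; the schema no longer limits them` above the new line. If only a few extra attributes are needed, a dedicated auxiliary object class would keep schema checking in force. The start of `newRole`'s user branch is outside this hunk.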
index 494d9c2dfaf0c0b78981f0615daf1719a93cb496..cf97ebea393e5cbe06a9de38180ec14615d858da 100644 (file)
@@ -101,11 +101,15 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 
        @Override
        protected Boolean daoHasRole(LdapName dn) {
-               return daoGetRole(dn) != null;
+               try {
+                       return daoGetRole(dn) != null;
+               } catch (NameNotFoundException e) {
+                       return false;
+               }
        }
 
        @Override
-       protected DirectoryUser daoGetRole(LdapName name) {
+       protected DirectoryUser daoGetRole(LdapName name) throws NameNotFoundException {
                try {
                        Attributes attrs = getLdapContext().getAttributes(name);
                        if (attrs.size() == 0)
@@ -119,6 +123,8 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                        else
                                throw new UserDirectoryException("Unsupported LDAP type for " + name);
                        return res;
+               } catch (NameNotFoundException e) {
+                       throw e;
                } catch (NamingException e) {
                        log.error("Cannot get role: " + name, e);
                        return null;
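Review bot: The remaining `catch (NamingException e)` still logs and returns `null`, so a connection or permission failure reaches callers looking exactly like "no such entry". `daoHasRole` in the previous hunk then answers `false`, and `doGetRole` in AbstractUserDirectory falls through to the working copy as if the role were absent. Code that decides on users and groups should not read a directory outage as a missing role. I would rethrow instead, e.g. `throw new UserDirectoryException("Cannot get role: " + name, e);`, assuming that exception has a constructor taking a cause (only the single-argument form is visible on this page). Part of `daoGetRole`'s try block lies between the two hunks and is not shown.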
index 3e683b6116fbc2b435ff53e9871f3319d63f676f..aab96dd7ad4cf7c319e34da4fe1c15a9517c003e 100644 (file)
@@ -18,6 +18,7 @@ import java.util.Set;
 import java.util.SortedMap;
 import java.util.TreeMap;
 
+import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.Attributes;
 import javax.naming.ldap.LdapName;
@@ -154,14 +155,16 @@ public class LdifUserAdmin extends AbstractUserDirectory {
                groups = null;
        }
 
-       protected DirectoryUser daoGetRole(LdapName key) {
+       @Override
+       protected DirectoryUser daoGetRole(LdapName key) throws NameNotFoundException {
                if (groups.containsKey(key))
                        return groups.get(key);
                if (users.containsKey(key))
                        return users.get(key);
-               return null;
+               throw new NameNotFoundException(key + " not persisted");
        }
 
+       @Override
        protected Boolean daoHasRole(LdapName dn) {
                return users.containsKey(dn) || groups.containsKey(dn);
        }