]>
git.argeo.org Git - lgpl/argeo-commons.git/blob - org.argeo.util/src/org/argeo/osgi/useradmin/UserAdminConf.java
1 package org
.argeo
.osgi
.useradmin
;
3 import java
.net
.InetAddress
;
5 import java
.net
.URISyntaxException
;
6 import java
.net
.UnknownHostException
;
7 import java
.util
.Dictionary
;
8 import java
.util
.Hashtable
;
12 import javax
.naming
.Context
;
13 import javax
.naming
.ldap
.LdapName
;
15 import org
.argeo
.util
.naming
.NamingUtils
;
17 /** Properties used to configure user admins. */
18 public enum UserAdminConf
{
19 /** Base DN (cannot be configured externally) */
20 baseDn("dc=example,dc=com"),
22 /** URI of the underlying resource (cannot be configured externally) */
23 uri("ldap://localhost:10389"),
25 /** User objectClass */
26 userObjectClass("inetOrgPerson"),
28 /** Relative base DN for users */
29 userBase("ou=People"),
31 /** Groups objectClass */
32 groupObjectClass("groupOfNames"),
34 /** Relative base DN for users */
35 groupBase("ou=Groups"),
37 /** Relative base DN for users */
38 systemRoleBase("ou=Roles"),
40 /** Read-only source */
43 /** Disabled source */
46 /** Authentication realm */
49 /** Override all passwords with this value (typically for testing purposes) */
52 public final static String FACTORY_PID
= "org.argeo.osgi.useradmin.config";
54 public final static String SCHEME_LDAP
= "ldap";
55 public final static String SCHEME_LDAPS
= "ldaps";
56 public final static String SCHEME_FILE
= "file";
57 public final static String SCHEME_OS
= "os";
58 public final static String SCHEME_IPA
= "ipa";
60 /** The default value. */
63 UserAdminConf(Object def
) {
67 public Object
getDefault() {
72 * For use as Java property.
74 * @deprecated use {@link #name()} instead
77 public String
property() {
81 public String
getValue(Dictionary
<String
, ?
> properties
) {
82 Object res
= getRawValue(properties
);
85 return res
.toString();
88 @SuppressWarnings("unchecked")
89 public <T
> T
getRawValue(Dictionary
<String
, ?
> properties
) {
90 Object res
= properties
.get(name());
96 /** @deprecated use {@link #valueOf(String)} instead */
98 public static UserAdminConf
local(String property
) {
99 return UserAdminConf
.valueOf(property
);
102 /** Hides host and credentials. */
103 public static URI
propertiesAsUri(Dictionary
<String
, ?
> properties
) {
104 StringBuilder query
= new StringBuilder();
106 boolean first
= true;
107 // for (Enumeration<String> keys = properties.keys(); keys.hasMoreElements();) {
108 // String key = keys.nextElement();
109 // // TODO clarify which keys are relevant (list only the enum?)
110 // if (!key.equals("service.factoryPid") && !key.equals("cn") && !key.equals("dn")
111 // && !key.equals(Constants.SERVICE_PID) && !key.startsWith("java") && !key.equals(baseDn.name())
112 // && !key.equals(uri.name()) && !key.equals(Constants.OBJECTCLASS)
113 // && !key.equals(Constants.SERVICE_ID) && !key.equals("bundle.id")) {
117 // query.append('&');
118 // query.append(valueOf(key).name());
119 // query.append('=').append(properties.get(key).toString());
123 keys
: for (UserAdminConf key
: UserAdminConf
.values()) {
124 if (key
.equals(baseDn
) || key
.equals(uri
))
126 Object value
= properties
.get(key
.name());
133 query
.append(key
.name());
134 query
.append('=').append(value
.toString());
138 Object bDnObj
= properties
.get(baseDn
.name());
139 String bDn
= bDnObj
!= null ? bDnObj
.toString() : null;
141 return new URI(null, null, bDn
!= null ?
'/' + bDn
: null, query
.length() != 0 ? query
.toString() : null,
143 } catch (URISyntaxException e
) {
144 throw new UserDirectoryException("Cannot create URI from properties", e
);
148 public static Dictionary
<String
, Object
> uriAsProperties(String uriStr
) {
150 Hashtable
<String
, Object
> res
= new Hashtable
<String
, Object
>();
151 URI u
= new URI(uriStr
);
152 String scheme
= u
.getScheme();
153 if (scheme
!= null && scheme
.equals(SCHEME_IPA
)) {
154 return IpaUtils
.convertIpaUri(u
);
155 // scheme = u.getScheme();
157 String path
= u
.getPath();
159 String bDn
= path
.substring(path
.lastIndexOf('/') + 1, path
.length());
160 if (bDn
.equals("") && SCHEME_OS
.equals(scheme
)) {
161 bDn
= getBaseDnFromHostname();
164 if (bDn
.endsWith(".ldif"))
165 bDn
= bDn
.substring(0, bDn
.length() - ".ldif".length());
167 // Normalize base DN as LDAP name
168 bDn
= new LdapName(bDn
).toString();
170 String principal
= null;
171 String credentials
= null;
173 if (scheme
.equals(SCHEME_LDAP
) || scheme
.equals(SCHEME_LDAPS
)) {
174 // TODO additional checks
175 if (u
.getUserInfo() != null) {
176 String
[] userInfo
= u
.getUserInfo().split(":");
177 principal
= userInfo
.length
> 0 ? userInfo
[0] : null;
178 credentials
= userInfo
.length
> 1 ? userInfo
[1] : null;
180 } else if (scheme
.equals(SCHEME_FILE
)) {
181 } else if (scheme
.equals(SCHEME_IPA
)) {
182 } else if (scheme
.equals(SCHEME_OS
)) {
184 throw new UserDirectoryException("Unsupported scheme " + scheme
);
185 Map
<String
, List
<String
>> query
= NamingUtils
.queryToMap(u
);
186 for (String key
: query
.keySet()) {
187 UserAdminConf ldapProp
= UserAdminConf
.valueOf(key
);
188 List
<String
> values
= query
.get(key
);
189 if (values
.size() == 1) {
190 res
.put(ldapProp
.name(), values
.get(0));
192 throw new UserDirectoryException("Only single values are supported");
195 res
.put(baseDn
.name(), bDn
);
196 if (SCHEME_OS
.equals(scheme
))
197 res
.put(readOnly
.name(), "true");
198 if (principal
!= null)
199 res
.put(Context
.SECURITY_PRINCIPAL
, principal
);
200 if (credentials
!= null)
201 res
.put(Context
.SECURITY_CREDENTIALS
, credentials
);
202 if (scheme
!= null) {// relative URIs are dealt with externally
203 if (SCHEME_OS
.equals(scheme
)) {
204 res
.put(uri
.name(), SCHEME_OS
+ ":///");
206 URI bareUri
= new URI(scheme
, null, u
.getHost(), u
.getPort(),
207 scheme
.equals(SCHEME_FILE
) ? u
.getPath() : null, null, null);
208 res
.put(uri
.name(), bareUri
.toString());
212 } catch (Exception e
) {
213 throw new UserDirectoryException("Cannot convert " + uri
+ " to properties", e
);
217 private static String
getBaseDnFromHostname() {
220 hostname
= InetAddress
.getLocalHost().getHostName();
221 } catch (UnknownHostException e
) {
222 hostname
= "localhost.localdomain";
224 int dotIdx
= hostname
.indexOf('.');
226 String domain
= hostname
.substring(dotIdx
+ 1, hostname
.length());
227 String bDn
= ("." + domain
).replaceAll("\\.", ",dc=");
228 bDn
= bDn
.substring(1, bDn
.length());
231 return "dc=" + hostname
;
236 * Hash the base DN in order to have a deterministic string to be used as a cn
237 * for the underlying user directory.
239 public static String
baseDnHash(Dictionary
<String
, Object
> properties
) {
240 String bDn
= (String
) properties
.get(baseDn
.name());
242 throw new UserDirectoryException("No baseDn in " + properties
);
243 return DigestUtils
.sha1str(bDn
);