- for (LdapName groupDn : getDirectGroups(user.getDn())) {
- // TODO check for loops
- DirectoryUser group = doGetRole(groupDn);
- allRoles.add(group);
- collectRoles(group, allRoles);
+ Attributes attrs = user.getAttributes();
+ // TODO centralize attribute name
+ Attribute memberOf = attrs.get(LdapAttrs.memberOf.name());
+ if (memberOf != null) {
+ try {
+ NamingEnumeration<?> values = memberOf.getAll();
+ while (values.hasMore()) {
+ Object value = values.next();
+ LdapName groupDn = new LdapName(value.toString());
+ DirectoryUser group = doGetRole(groupDn);
+ allRoles.add(group);
+ }
+ } catch (Exception e) {
+ throw new UserDirectoryException("Cannot get memberOf groups for " + user, e);
+ }
+ } else {
+ for (LdapName groupDn : getDirectGroups(user.getDn())) {
+ // TODO check for loops
+ DirectoryUser group = doGetRole(groupDn);
+ allRoles.add(group);
+ collectRoles(group, allRoles);
+ }