+package org.argeo.security.ldap;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+
+import javax.naming.NamingException;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.argeo.security.ArgeoUser;
+import org.argeo.security.BasicArgeoUser;
+import org.argeo.security.core.ArgeoUserDetails;
+import org.argeo.security.dao.UserDao;
+import org.springframework.ldap.core.ContextMapper;
+import org.springframework.ldap.core.ContextSource;
+import org.springframework.ldap.core.DirContextAdapter;
+import org.springframework.ldap.core.DistinguishedName;
+import org.springframework.ldap.core.LdapTemplate;
+import org.springframework.security.ldap.populator.DefaultLdapAuthoritiesPopulator;
+import org.springframework.security.userdetails.UserDetails;
+import org.springframework.security.userdetails.UserDetailsManager;
+
+public class UserDaoLdap implements UserDao {
+ private final static Log log = LogFactory.getLog(UserDaoLdap.class);
+
+ private UserDetailsManager userDetailsManager;
+ private DefaultLdapAuthoritiesPopulator authoritiesPopulator;
+ private String userBase = "ou=users";
+
+ private final LdapTemplate ldapTemplate;
+
+ public UserDaoLdap(ContextSource contextSource) {
+ ldapTemplate = new LdapTemplate(contextSource);
+ }
+
+ public void create(ArgeoUser user) {
+ userDetailsManager.createUser((UserDetails) user);
+ }
+
+ public ArgeoUser getUser(String uname) {
+ return (ArgeoUser) userDetailsManager.loadUserByUsername(uname);
+ }
+
+ @SuppressWarnings("unchecked")
+ public List<ArgeoUser> listUsers() {
+ List<String> usernames = (List<String>) ldapTemplate.listBindings(
+ new DistinguishedName(userBase), new UserContextMapper());
+ List<ArgeoUser> lst = new ArrayList<ArgeoUser>();
+ for (String username : usernames) {
+ UserDetails userDetails = userDetailsManager
+ .loadUserByUsername(username);
+ lst.add((ArgeoUser) userDetails);
+ }
+ return lst;
+ }
+
+ public void update(ArgeoUser user) {
+ userDetailsManager.updateUser(new ArgeoUserDetails(user));
+ }
+
+ public void delete(String username) {
+ userDetailsManager.deleteUser(username);
+ }
+
+ public void updatePassword(String oldPassword, String newPassword) {
+ userDetailsManager.changePassword(oldPassword, newPassword);
+ }
+
+ public Boolean userExists(String username) {
+ return userDetailsManager.userExists(username);
+ }
+
+ public void setUserDetailsManager(UserDetailsManager userDetailsManager) {
+ this.userDetailsManager = userDetailsManager;
+ }
+
+ public void setAuthoritiesPopulator(
+ DefaultLdapAuthoritiesPopulator authoritiesPopulator) {
+ this.authoritiesPopulator = authoritiesPopulator;
+ }
+
+ public void setUserBase(String userBase) {
+ this.userBase = userBase;
+ }
+
+ class UserContextMapper implements ContextMapper {
+ public Object mapFromContext(Object ctxArg) {
+ DirContextAdapter ctx = (DirContextAdapter) ctxArg;
+ // BasicArgeoUser user = new BasicArgeoUser();
+ return ctx.getStringAttribute("uid");
+
+ // log.debug("dn# " + ctx.getDn());
+ // log.debug("NameInNamespace# " + ctx.getNameInNamespace());
+ // log.debug("toString# " + ctx.toString());
+
+ // Set<String> roles = authoritiesPopulator.getGroupMembershipRoles(
+ // ctx.composeName(user.getUsername(), userBase), user
+ // .getUsername());
+ // user.setRoles(new ArrayList<String>(roles));
+ // GrantedAuthority[] auths = authoritiesPopulator
+ // .getGrantedAuthorities(ldapTemplate.,
+ // user.getUsername());
+ // for (GrantedAuthority auth : auths) {
+ // user.getRoles().add(auth.getAuthority());
+ // }
+ // return user;
+ }
+ }
+
+}