import java.util.ArrayList;
import java.util.Arrays;
-import java.util.Dictionary;
import java.util.HashMap;
import java.util.HashSet;
-import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.Set;
*/
public class AggregatingUserAdmin implements UserAdmin {
private final LdapName systemRolesBaseDn;
+ private final LdapName tokensBaseDn;
// DAOs
private AbstractUserDirectory systemRoles = null;
+ private AbstractUserDirectory tokens = null;
private Map<LdapName, AbstractUserDirectory> businessRoles = new HashMap<LdapName, AbstractUserDirectory>();
- public AggregatingUserAdmin(String systemRolesBaseDn) {
+ public AggregatingUserAdmin(String systemRolesBaseDn, String tokensBaseDn) {
try {
this.systemRolesBaseDn = new LdapName(systemRolesBaseDn);
+ if (tokensBaseDn != null)
+ this.tokensBaseDn = new LdapName(tokensBaseDn);
+ else
+ this.tokensBaseDn = null;
} catch (InvalidNameException e) {
throw new UserDirectoryException("Cannot initialize " + AggregatingUserAdmin.class, e);
}
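Review bot: The new `tokensBaseDn` constructor parameter is nullable, but nothing tells callers what null means. A Javadoc line such as `@param tokensBaseDn base DN of the token directory, or null when no token directory is configured` would document it. The catch message `"Cannot initialize " + AggregatingUserAdmin.class` does not say which of the two DNs failed to parse, so naming the offending value would make a misconfiguration easier to diagnose. The unbraced if/else assigning the final field could be one expression, `this.tokensBaseDn = tokensBaseDn != null ? new LdapName(tokensBaseDn) : null;`. The constructor may continue past the end of this hunk.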
Set<String> sysRoles = new HashSet<String>();
for (String role : rawAuthorization.getRoles()) {
Authorization auth = systemRoles.getAuthorization((User) userAdmin.getRole(role));
- sysRoles.addAll(Arrays.asList(auth.getRoles()));
+ systemRoles:for(String systemRole:auth.getRoles()) {
+ if(role.equals(systemRole))
+ continue systemRoles;
+ sysRoles.add(systemRole);
+ }
+// sysRoles.addAll(Arrays.asList(auth.getRoles()));
}
addAbstractSystemRoles(rawAuthorization, sysRoles);
Authorization authorization = new AggregatingAuthorization(usernameToUse, displayNameToUse, sysRoles,
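Review bot: The self-role filter in the new inner loop compares names as raw strings with `role.equals(systemRole)`, which is sensitive to case and formatting, while LDAP distinguished names generally are not. If the two directories render the same DN differently, the user's own name would presumably still end up in `sysRoles`, which is passed to `AggregatingAuthorization`. Comparing parsed `LdapName` values, or a comment stating that both sides are already normalised, would close that gap. The label `systemRoles:` has the same name as the field and is not needed, since a plain `continue` already targets the innermost loop, and the commented-out `sysRoles.addAll(...)` line should be deleted rather than kept. The enclosing method starts and ends outside the hunk.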
if (isSystemRolesBaseDn(baseDn)) {
this.systemRoles = userDirectory;
systemRoles.setExternalRoles(this);
+ } else if (isTokensBaseDn(baseDn)) {
+ this.tokens = userDirectory;
+ tokens.setExternalRoles(this);
} else {
if (businessRoles.containsKey(baseDn))
throw new UserDirectoryException("There is already a user admin for " + baseDn);
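Review bot: The new `isTokensBaseDn(baseDn)` branch assigns `this.tokens = userDirectory` without checking whether a token directory is already registered, whereas the business-role branch below rejects a duplicate base DN. A second registration would silently replace the directory that resolves token identities. A guard such as `if (this.tokens != null) throw new UserDirectoryException("There is already a token directory for " + baseDn);` would match the existing duplicate handling. Also worth confirming that `tokens` is released on shutdown, since the visible start of `destroy()` only iterates `businessRoles`. The enclosing method starts and ends outside the hunk.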
private UserAdmin findUserAdmin(LdapName name) {
if (name.startsWith(systemRolesBaseDn))
return systemRoles;
+ if (tokensBaseDn != null && name.startsWith(tokensBaseDn))
+ return tokens;
List<UserAdmin> res = new ArrayList<UserAdmin>(1);
for (LdapName baseDn : businessRoles.keySet()) {
+ AbstractUserDirectory ud = businessRoles.get(baseDn);
if (name.startsWith(baseDn)) {
- AbstractUserDirectory ud = businessRoles.get(baseDn);
if (!ud.isDisabled())
res.add(ud);
}
+// Object principal = ud.getProperties().get(Context.SECURITY_PRINCIPAL);
+// if (principal != null) {
+// try {
+// LdapName principalLdapName = new LdapName(principal.toString());
+// if (principalLdapName.equals(name))
+// res.add(ud);
+// } catch (InvalidNameException e) {
+// // silent
+// }
+// }
}
if (res.size() == 0)
throw new UserDirectoryException("Cannot find user admin for " + name);
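Review bot: `findUserAdmin` can now return null, because `tokens` starts as null and is only set when a directory is registered, so the `return tokens;` branch fires for any name under a configured `tokensBaseDn` even before that happens. Callers would then fail with a NullPointerException rather than the `UserDirectoryException` used for the not-found case. An explicit check before returning, e.g. `if (tokens == null) throw new UserDirectoryException("No token directory registered for " + tokensBaseDn);`, keeps the failure mode consistent. Hoisting `ud` out of the `if` only serves the commented-out principal lookup, which should be removed along with its silent catch. The method body continues past the end of the hunk.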
return baseDn.equals(systemRolesBaseDn);
}
- protected Dictionary<String, Object> currentState() {
- Dictionary<String, Object> res = new Hashtable<String, Object>();
- // res.put(NodeConstants.CN, NodeConstants.DEFAULT);
- for (LdapName name : businessRoles.keySet()) {
- AbstractUserDirectory userDirectory = businessRoles.get(name);
- String uri = UserAdminConf.propertiesAsUri(userDirectory.getProperties()).toString();
- res.put(uri, "");
- }
- return res;
+ protected boolean isTokensBaseDn(LdapName baseDn) {
+ return tokensBaseDn != null && baseDn.equals(tokensBaseDn);
}
+// protected Dictionary<String, Object> currentState() {
+// Dictionary<String, Object> res = new Hashtable<String, Object>();
+// // res.put(NodeConstants.CN, NodeConstants.DEFAULT);
+// for (LdapName name : businessRoles.keySet()) {
+// AbstractUserDirectory userDirectory = businessRoles.get(name);
+// String uri = UserAdminConf.propertiesAsUri(userDirectory.getProperties()).toString();
+// res.put(uri, "");
+// }
+// return res;
+// }
+
public void destroy() {
for (LdapName name : businessRoles.keySet()) {
AbstractUserDirectory userDirectory = businessRoles.get(name);