Improve logging

[lgpl/argeo-commons.git] / org.argeo.enterprise / src / org / argeo / osgi / useradmin / LdapUserAdmin.java
diff --git a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java

index 978b9a6692b24de651bd02c16a59391b4356a86d..6dbf6c2d7f79819a3fda2db25ce3654bac55e3b1 100644 (file)
--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -39,7 +39,7 @@ public class LdapUserAdmin extends AbstractUserDirectory {
         private InitialLdapContext initialLdapContext = null;
  
         public LdapUserAdmin(Dictionary<String, ?> properties) {
-               super(properties);
+               super(null, properties);
                 try {
                         Hashtable<String, Object> connEnv = new Hashtable<String, Object>();
                         connEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
@@ -82,16 +82,19 @@ public class LdapUserAdmin extends AbstractUserDirectory {
         @Override
         protected AbstractUserDirectory scope(User user) {
                 Dictionary<String, Object> credentials = user.getCredentials();
-               // FIXME use arrays
                 String username = (String) credentials.get(SHARED_STATE_USERNAME);
                 if (username == null)
                         username = user.getName();
-               // byte[] pwd = (byte[]) credentials.get(SHARED_STATE_PASSWORD);
-               // char[] password = DigestUtils.bytesToChars(pwd);
                 Dictionary<String, Object> properties = cloneProperties();
                 properties.put(Context.SECURITY_PRINCIPAL, username.toString());
-               // properties.put(Context.SECURITY_CREDENTIALS, password);
-               properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
+               Object pwdCred = credentials.get(SHARED_STATE_PASSWORD);
+               byte[] pwd = (byte[]) pwdCred;
+               if (pwd != null) {
+                       char[] password = DigestUtils.bytesToChars(pwd);
+                       properties.put(Context.SECURITY_CREDENTIALS, new String(password));
+               } else {
+                       properties.put(Context.SECURITY_AUTHENTICATION, "GSSAPI");
+               }
                 return new LdapUserAdmin(properties);
         }
  
@@ -101,11 +104,15 @@ public class LdapUserAdmin extends AbstractUserDirectory {
  
         @Override
         protected Boolean daoHasRole(LdapName dn) {
-               return daoGetRole(dn) != null;
+               try {
+                       return daoGetRole(dn) != null;
+               } catch (NameNotFoundException e) {
+                       return false;
+               }
         }
  
         @Override
-       protected DirectoryUser daoGetRole(LdapName name) {
+       protected DirectoryUser daoGetRole(LdapName name) throws NameNotFoundException {
                 try {
                         Attributes attrs = getLdapContext().getAttributes(name);
                         if (attrs.size() == 0)
@@ -119,8 +126,11 @@ public class LdapUserAdmin extends AbstractUserDirectory {
                         else
                                 throw new UserDirectoryException("Unsupported LDAP type for " + name);
                         return res;
+               } catch (NameNotFoundException e) {
+                       throw e;
                 } catch (NamingException e) {
-                       log.error("Cannot get role: " + e.getMessage());
+                       if (log.isTraceEnabled())
+                               log.error("Cannot get role: " + name, e);
                         return null;
                 }
         }