import org.argeo.ArgeoException;
import org.osgi.framework.InvalidSyntaxException;
import org.osgi.service.useradmin.Authorization;
+import org.osgi.service.useradmin.Group;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
-public class LdapUserAdmin extends AbstractLdapUserAdmin {
+public class LdapUserAdmin extends AbstractUserDirectory {
private final static Log log = LogFactory.getLog(LdapUserAdmin.class);
private String baseDn = "dc=example,dc=com";
log.debug(initialLdapContext.getAttributes(
"uid=root,ou=users,dc=example,dc=com").get("cn"));
} catch (Exception e) {
- throw new ArgeoUserAdminException("Cannot connect to LDAP", e);
+ throw new UserDirectoryException("Cannot connect to LDAP", e);
}
}
Attributes attrs = initialLdapContext.getAttributes(name);
LdifUser res;
if (attrs.get("objectClass").contains("groupOfNames"))
- res = new LdifGroup(new LdapName(name), attrs);
+ res = new LdifGroup(this, new LdapName(name), attrs);
else if (attrs.get("objectClass").contains("inetOrgPerson"))
- res = new LdifUser(new LdapName(name), attrs);
+ res = new LdifUser(this, new LdapName(name), attrs);
else
- throw new ArgeoUserAdminException("Unsupported LDAP type for "
+ throw new UserDirectoryException("Unsupported LDAP type for "
+ name);
return res;
} catch (NamingException e) {
- throw new ArgeoUserAdminException("Cannot get role for " + name, e);
+ throw new UserDirectoryException("Cannot get role for " + name, e);
}
}
public Role[] getRoles(String filter) throws InvalidSyntaxException {
try {
String searchFilter = filter;
+ if (searchFilter == null)
+ searchFilter = "(|(objectClass=inetOrgPerson)(objectClass=groupOfNames))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
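Review bot: The objectClass restriction added in getRoles applies only when `filter` is null; a caller-supplied filter is still sent to the directory unchanged, so the subtree search can return entries that are neither `inetOrgPerson` nor `groupOfNames`. The loop further down throws on the first such entry, which turns one stray object into a failure of the whole call. Consider always combining the two, for example `searchFilter = "(&" + ROLE_FILTER + filter + ")"` with the new literal hoisted into a constant (ROLE_FILTER is a placeholder name, not one from this file). The search call and the rest of getRoles lie outside this hunk.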
while (results.hasMoreElements()) {
SearchResult searchResult = results.next();
Attributes attrs = searchResult.getAttributes();
- String name = searchResult.getName();
LdifUser role;
if (attrs.get("objectClass").contains("groupOfNames"))
- role = new LdifGroup(new LdapName(name), attrs);
+ role = new LdifGroup(this, toDn(searchBase, searchResult),
+ attrs);
else if (attrs.get("objectClass").contains("inetOrgPerson"))
- role = new LdifUser(new LdapName(name), attrs);
+ role = new LdifUser(this, toDn(searchBase, searchResult),
+ attrs);
else
- throw new ArgeoUserAdminException(
- "Unsupported LDAP type for " + name);
+ throw new UserDirectoryException(
+ "Unsupported LDAP type for "
+ + searchResult.getName());
res.add(role);
}
return res.toArray(new Role[res.size()]);
} catch (Exception e) {
- throw new ArgeoUserAdminException("Cannot get roles for filter "
+ throw new UserDirectoryException("Cannot get roles for filter "
+ filter, e);
}
}
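Review bot: The `throw` in the `else` branch leaves the loop while `results` is still open, and the visible part of getRoles has no `finally` that closes the enumeration, so the LDAP search handle is presumably released only when the object is collected. Close `results` in a `finally` block; its `close()` throws NamingException, so it needs its own guard, and the declaration of `results` is outside this hunk. The new message reports `searchResult.getName()`, which may be relative to the search base; `toDn(searchBase, searchResult)` would put the full DN into the error. The exception thrown here is also caught by `catch (Exception e)` just below and wrapped in a second UserDirectoryException, which catching `NamingException` instead would avoid.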
}
if (searchResult == null)
return null;
- return new LdifUser(toDn(searchBase, searchResult),
+ return new LdifUser(this, toDn(searchBase, searchResult),
searchResult.getAttributes());
} catch (Exception e) {
- throw new ArgeoUserAdminException("Cannot get user with " + key
+ throw new UserDirectoryException("Cannot get user with " + key
+ "=" + value, e);
}
}
@Override
public Authorization getAuthorization(User user) {
LdifUser u = (LdifUser) user;
- populateDirectMemberOf(u);
- return new LdifAuthorization(u);
+ // populateDirectMemberOf(u);
+ return new LdifAuthorization(u, getAllRoles(u));
}
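Review bot: `getAuthorization` casts its argument to LdifUser unchecked and now passes it straight to `getAllRoles(u)`. The OSGi UserAdmin contract allows `null` here (the anonymous user), and a User that comes from another UserAdmin implementation fails with a bare ClassCastException; whether `getAllRoles` tolerates null cannot be seen from this hunk. Because the returned object decides which roles a caller holds, reject foreign types explicitly, for example `if (user != null && !(user instanceof LdifUser)) throw new UserDirectoryException("Unsupported user type " + user.getClass());`, and state in a Javadoc line what the anonymous case returns. The commented-out `// populateDirectMemberOf(u);` is better deleted than kept.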
private LdapName toDn(String baseDn, Binding binding)
+ baseDn : binding.getName());
}
- void populateDirectMemberOf(LdifUser user) {
+ // void populateDirectMemberOf(LdifUser user) {
+ //
+ // try {
+ // String searchFilter = "(&(objectClass=groupOfNames)(member="
+ // + user.getName() + "))";
+ //
+ // SearchControls searchControls = new SearchControls();
+ // searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ //
+ // String searchBase = "ou=node";
+ // NamingEnumeration<SearchResult> results = initialLdapContext
+ // .search(searchBase, searchFilter, searchControls);
+ //
+ // // TODO synchro
+ // //user.directMemberOf.clear();
+ // while (results.hasMoreElements()) {
+ // SearchResult searchResult = (SearchResult) results
+ // .nextElement();
+ // LdifGroup group = new LdifGroup(toDn(searchBase, searchResult),
+ // searchResult.getAttributes());
+ // populateDirectMemberOf(group);
+ // //user.directMemberOf.add(group);
+ // }
+ // } catch (Exception e) {
+ // throw new ArgeoException("Cannot populate direct members of "
+ // + user, e);
+ // }
+ // }
+ @Override
+ protected List<? extends Group> getDirectGroups(User user) {
+ List<Group> directGroups = new ArrayList<Group>();
try {
String searchFilter = "(&(objectClass=groupOfNames)(member="
+ user.getName() + "))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
- String searchBase = "ou=node";
+ String searchBase = getGroupsSearchBase();
NamingEnumeration<SearchResult> results = initialLdapContext
.search(searchBase, searchFilter, searchControls);
- // TODO synchro
- user.directMemberOf.clear();
while (results.hasMoreElements()) {
SearchResult searchResult = (SearchResult) results
.nextElement();
- LdifGroup group = new LdifGroup(toDn(searchBase, searchResult),
- searchResult.getAttributes());
- populateDirectMemberOf(group);
- user.directMemberOf.add(group);
+ LdifGroup group = new LdifGroup(this, toDn(searchBase,
+ searchResult), searchResult.getAttributes());
+ directGroups.add(group);
}
+ return directGroups;
} catch (Exception e) {
throw new ArgeoException("Cannot populate direct members of "
+ user, e);
}
}
+ protected String getGroupsSearchBase() {
+ // TODO configure group search base
+ return baseDn;
+ }
}
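Review bot: In getDirectGroups the search filter is built by concatenating `user.getName()` into `(member=...)` without RFC 4515 escaping, so a name containing `*`, `(`, `)` or `\` changes the filter, and the groups returned here presumably feed `getAllRoles` and therefore the Authorization. Let JNDI encode the value through the argument form: `initialLdapContext.search(searchBase, "(&(objectClass=groupOfNames)(member={0}))", new Object[] { user.getName() }, searchControls)`. The catch block still throws ArgeoException with the old "Cannot populate direct members of" text, while the rest of the class moved to UserDirectoryException. The commented-out populateDirectMemberOf block carries the same concatenated filter and is better removed than committed. getGroupsSearchBase deserves a Javadoc line saying that it currently returns `baseDn`, so group lookups search the whole directory subtree.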