Improve Directory framework.
[lgpl/argeo-commons.git] / org.argeo.util / src / org / argeo / util / directory / ldap / LdapDao.java
index a2d9e7fc3bbc0c33fbb4cadaff5cbcbdd06349d7..b1c0c9849a14cb6abdd5214ad239912e591d887f 100644 (file)
@@ -13,12 +13,14 @@ import javax.naming.NamingEnumeration;
 import javax.naming.NamingException;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
+import javax.naming.directory.BasicAttributes;
 import javax.naming.directory.SearchControls;
 import javax.naming.directory.SearchResult;
 import javax.naming.ldap.LdapName;
 import javax.naming.ldap.Rdn;
 
 import org.argeo.util.directory.HierarchyUnit;
+import org.argeo.util.naming.LdapAttrs;
 import org.argeo.util.naming.LdapObjs;
 
 /** A user admin based on a LDAP server. */
@@ -35,7 +37,7 @@ public class LdapDao extends AbstractLdapDirectoryDao {
 
        @Override
        public void init() {
-               ldapConnection = new LdapConnection(getDirectory().getUri().toString(), getDirectory().getProperties());
+               ldapConnection = new LdapConnection(getDirectory().getUri().toString(), getDirectory().cloneConfigProperties());
        }
 
        public void destroy() {
@@ -66,46 +68,77 @@ public class LdapDao extends AbstractLdapDirectoryDao {
 //     }
 
        @Override
-       public Boolean daoHasEntry(LdapName dn) {
+       public Boolean entryExists(LdapName dn) {
                try {
-                       return daoGetEntry(dn) != null;
+                       return ldapConnection.entryExists(dn);
                } catch (NameNotFoundException e) {
                        return false;
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot check " + dn, e);
                }
        }
 
        @Override
-       public LdapEntry daoGetEntry(LdapName name) throws NameNotFoundException {
+       public LdapEntry doGetEntry(LdapName name) throws NameNotFoundException {
+//             if (!entryExists(name))
+//                     throw new NameNotFoundException(name + " was not found in " + getDirectory().getBaseDn());
                try {
                        Attributes attrs = ldapConnection.getAttributes(name);
-                       if (attrs.size() == 0)
-                               return null;
-//                     int roleType = roleType(name);
+
                        LdapEntry res;
-                       if (isGroup(name))
+                       Rdn technicalRdn = LdapNameUtils.getParentRdn(name);
+                       if (getDirectory().getGroupBaseRdn().equals(technicalRdn)) {
+                               if (attrs.size() == 0) {// exists but not accessible
+                                       attrs = new BasicAttributes();
+                                       attrs.put(LdapAttrs.objectClass.name(), LdapObjs.top.name());
+                                       attrs.put(LdapAttrs.objectClass.name(), getDirectory().getGroupObjectClass());
+                               }
+                               res = newGroup(name, attrs);
+                       } else if (getDirectory().getSystemRoleBaseRdn().equals(technicalRdn)) {
+                               if (attrs.size() == 0) {// exists but not accessible
+                                       attrs = new BasicAttributes();
+                                       attrs.put(LdapAttrs.objectClass.name(), LdapObjs.top.name());
+                                       attrs.put(LdapAttrs.objectClass.name(), getDirectory().getGroupObjectClass());
+                               }
                                res = newGroup(name, attrs);
-                       else
+                       } else if (getDirectory().getUserBaseRdn().equals(technicalRdn)) {
+                               if (attrs.size() == 0) {// exists but not accessible
+                                       attrs = new BasicAttributes();
+                                       attrs.put(LdapAttrs.objectClass.name(), LdapObjs.top.name());
+                                       attrs.put(LdapAttrs.objectClass.name(), getDirectory().getUserObjectClass());
+                               }
                                res = newUser(name, attrs);
-//                     else
-//                             throw new IllegalArgumentException("Unsupported LDAP type for " + name);
+                       } else {
+                               res = new DefaultLdapEntry(getDirectory(), name, attrs);
+                       }
                        return res;
                } catch (NameNotFoundException e) {
                        throw e;
                } catch (NamingException e) {
-                       return null;
+                       throw new IllegalStateException("Cannot retrieve entry " + name, e);
                }
        }
 
-       protected boolean isGroup(LdapName dn) {
-               Rdn technicalRdn = LdapNameUtils.getParentRdn(dn);
-               if (getDirectory().getGroupBaseRdn().equals(technicalRdn)
-                               || getDirectory().getSystemRoleBaseRdn().equals(technicalRdn))
-                       return true;
-               else if (getDirectory().getUserBaseRdn().equals(technicalRdn))
-                       return false;
-               else
-                       throw new IllegalArgumentException(
-                                       "Cannot dind role type, " + technicalRdn + " is not a technical RDN for " + dn);
+//     protected boolean isGroup(LdapName dn) {
+//             Rdn technicalRdn = LdapNameUtils.getParentRdn(dn);
+//             if (getDirectory().getGroupBaseRdn().equals(technicalRdn)
+//                             || getDirectory().getSystemRoleBaseRdn().equals(technicalRdn))
+//                     return true;
+//             else if (getDirectory().getUserBaseRdn().equals(technicalRdn))
+//                     return false;
+//             else
+//                     throw new IllegalArgumentException(
+//                                     "Cannot find role type, " + technicalRdn + " is not a technical RDN for " + dn);
+//     }
+
+       @Override
+       public Attributes doGetAttributes(LdapName name) {
+               try {
+                       Attributes attrs = ldapConnection.getAttributes(name);
+                       return attrs;
+               } catch (NamingException e) {
+                       throw new IllegalStateException("Cannot get attributes for " + name);
+               }
        }
 
        @Override
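Review bot: In the three `attrs.size() == 0` branches of doGetEntry, the second `attrs.put(LdapAttrs.objectClass.name(), …)` replaces the first, because `Attributes.put(String, Object)` keeps one attribute per ID, so the placeholder ends up without `top`. Building a single multi-valued `BasicAttribute` in a shared helper fixes that and removes the triplicated block; it needs an import of `javax.naming.directory.BasicAttribute`. The helper should also document that the attributes are synthesized for an entry the bound identity cannot read, since callers receive the result as an ordinary group or user. Separately, doGetAttributes drops the cause and should read `throw new IllegalStateException("Cannot get attributes for " + name, e);`.

```java
// … unchanged: doGetEntry up to the technicalRdn lookup …
if (getDirectory().getGroupBaseRdn().equals(technicalRdn)) {
	if (attrs.size() == 0)// exists but not accessible
		attrs = placeholderAttributes(getDirectory().getGroupObjectClass());
	res = newGroup(name, attrs);
}
// … unchanged: system role and user branches, with the same replacement and their own object class …

/**
 * Minimal attributes for an entry that exists but whose attributes are not
 * readable: objectClass holds both top and the given class.
 */
private Attributes placeholderAttributes(String objectClass) { // assumes the object class getters return String
	Attribute objectClasses = new BasicAttribute(LdapAttrs.objectClass.name());
	objectClasses.add(LdapObjs.top.name());
	objectClasses.add(objectClass);
	Attributes placeholder = new BasicAttributes();
	placeholder.put(objectClasses);
	return placeholder;
}
```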
@@ -210,6 +243,8 @@ public class LdapDao extends AbstractLdapDirectoryDao {
                try {
                        String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
                                        + "=" + LdapObjs.organization.name() + "))";
+//                     String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
+//                                     + "=" + LdapObjs.organization.name() + ")(cn=accounts)(cn=users)(cn=groups))";
 
                        SearchControls searchControls = new SearchControls();
                        searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
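Review bot: The two added lines are a commented-out alternative `searchFilter` with nothing saying when it would apply or why it was set aside. Either delete it or replace it with a short comment stating why the `(cn=accounts)(cn=users)(cn=groups)` clauses were considered, so the next reader does not have to guess whether it is safe to re-enable. The enclosing method starts and ends outside the hunk.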
@@ -237,8 +272,14 @@ public class LdapDao extends AbstractLdapDirectoryDao {
        @Override
        public HierarchyUnit doGetHierarchyUnit(LdapName dn) {
                try {
+                       if (getDirectory().getBaseDn().equals(dn))
+                               return getDirectory();
+                       if (!dn.startsWith(getDirectory().getBaseDn()))
+                               throw new IllegalArgumentException(dn + " does not start with base DN " + getDirectory().getBaseDn());
                        Attributes attrs = ldapConnection.getAttributes(dn);
                        return new LdapHierarchyUnit(getDirectory(), dn, attrs);
+               } catch (NameNotFoundException e) {
+                       return null;
                } catch (NamingException e) {
                        throw new IllegalStateException("Cannot get hierarchy unit " + dn, e);
                }
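Review bot: doGetHierarchyUnit now has four outcomes and none of them is documented in the hunk. It returns the directory itself for the base DN, returns `null` when the entry is not found, throws IllegalArgumentException for a DN outside the base DN, and throws IllegalStateException for other naming errors. The `null` return differs from doGetEntry, which propagates NameNotFoundException, so callers need to know to null-check here. A Javadoc block on the method listing these cases, with `@return` mentioning `null` and an `@throws IllegalArgumentException` line, would cover it. The method's closing brace lies outside the hunk.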