Change default LDAP structure

[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / ldap / ArgeoSecurityDaoLdap.java

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
index c5cda2ed4a15b81c38f52575fd277b232565e4ca..c9ba367c6ec58d450d5328bf719d81bf20cc9b88 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
@@ -37,11 +37,12 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 
        private UserDetailsManager userDetailsManager;
        private LdapAuthoritiesPopulator authoritiesPopulator;
-       private String userBase = "ou=users";
+       private String userBase = "ou=People";
        private String usernameAttributeName = "uid";
-       private String groupBase = "ou=groups";
+       private String groupBase = "ou=Roles";
+       private String[] groupClasses = { "top", "groupOfNames" };
        private String groupRoleAttributeName = "cn";
-       private String groupMemberAttributeName = "uniquemember";
+       private String groupMemberAttributeName = "member";
        private String defaultRole = "ROLE_USER";
        private String rolePrefix = "ROLE_";
 
@@ -105,6 +106,8 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
                Authentication authentication = SecurityContextHolder.getContext()
                                .getAuthentication();
                ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication);
+               if (argeoUser == null)
+                       return null;
                if (argeoUser.getRoles().contains(defaultRole))
                        argeoUser.getRoles().remove(defaultRole);
                return argeoUser;
@@ -148,10 +151,6 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
                userDetailsManager.deleteUser(username);
        }
 
-       public void updatePassword(String oldPassword, String newPassword) {
-               userDetailsManager.changePassword(oldPassword, newPassword);
-       }
-
        public Boolean userExists(String username) {
                return userDetailsManager.userExists(username);
        }
@@ -169,12 +168,12 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 
                Name groupDn = buildGroupDn(group);
                DirContextAdapter context = new DirContextAdapter();
-               context.setAttributeValues("objectClass", new String[] { "top",
-                               "groupOfUniqueNames" });
+               context.setAttributeValues("objectClass", groupClasses);
                context.setAttributeValue("cn", group);
 
                // Add superuser because cannot create empty group
-               context.setAttributeValue("uniqueMember", superuserDn.toString());
+               context.setAttributeValue(groupMemberAttributeName, superuserDn
+                               .toString());
 
                ldapTemplate.bind(groupDn, context, null);
        }
@@ -269,4 +268,8 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
        public String getDefaultRole() {
                return defaultRole;
        }
+
+       public void setGroupClasses(String[] groupClasses) {
+               this.groupClasses = groupClasses;
+       }
 }