X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=org.argeo.util%2Fsrc%2Forg%2Fargeo%2Futil%2Fdirectory%2Fldap%2FAbstractLdapDirectory.java;h=5cd4ac1a57e30da57efb844e1358a15b8efd79d8;hb=3c1cdc594d954520b14646102b366290bdad58c7;hp=74dd15edec4c658ca9df5af3a3446e7b0cb1cf4e;hpb=250053a6fe7a84a4f37293f61d9a6dc636a4117a;p=lgpl%2Fargeo-commons.git

diff --git a/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java b/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java
index 74dd15ede..5cd4ac1a5 100644
--- a/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java
+++ b/org.argeo.util/src/org/argeo/util/directory/ldap/AbstractLdapDirectory.java
@@ -14,6 +14,7 @@ import java.util.Locale;
 import java.util.Optional;
 import java.util.StringJoiner;
 
+import javax.naming.Context;
 import javax.naming.InvalidNameException;
 import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
@@ -62,6 +63,9 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 
 	private LdapDirectoryDao directoryDao;
 
+	/** Whether the the directory has is authenticated via a service user. */
+	private boolean authenticated = false;
+
 	public AbstractLdapDirectory(URI uriArg, Dictionary<String, ?> props, boolean scoped) {
 		this.configProperties = new Hashtable<String, Object>();
 		for (Enumeration<String> keys = props.keys(); keys.hasMoreElements();) {
@@ -130,10 +134,13 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 				if (DirectoryConf.SCHEME_LDAP.equals(u.getScheme())
 						|| DirectoryConf.SCHEME_LDAPS.equals(u.getScheme())) {
 					directoryDao = new LdapDao(this);
+					authenticated = configProperties.get(Context.SECURITY_PRINCIPAL) != null;
 				} else if (DirectoryConf.SCHEME_FILE.equals(u.getScheme())) {
 					directoryDao = new LdifDao(this);
+					authenticated = true;
 				} else if (DirectoryConf.SCHEME_OS.equals(u.getScheme())) {
 					directoryDao = new OsUserDirectory(this);
+					authenticated = true;
 					// singleUser = true;
 				} else {
 					throw new IllegalArgumentException("Unsupported scheme " + u.getScheme());
@@ -378,7 +385,8 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 			for (int i = 0; i < segments.length; i++) {
 				String segment = segments[i];
 				// TODO make attr names configurable ?
-				String attr = path.startsWith("accounts/")/* IPA */ ? LdapAttrs.cn.name() : LdapAttrs.ou.name();
+				String attr = getDirectory().getRealm().isPresent()/* IPA */ ? LdapAttrs.cn.name()
+						: LdapAttrs.ou.name();
 				if (parentRdn != null) {
 					if (getUserBaseRdn().equals(parentRdn))
 						attr = LdapAttrs.uid.name();
@@ -490,6 +498,10 @@ public abstract class AbstractLdapDirectory implements Directory, XAResourceProv
 		return disabled;
 	}
 
+	public boolean isAuthenticated() {
+		return authenticated;
+	}
+
 	public Rdn getUserBaseRdn() {
 		return userBaseRdn;
 	}