X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.core%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fldap%2FArgeoSecurityDaoLdap.java;h=c9ba367c6ec58d450d5328bf719d81bf20cc9b88;hb=9f2aa390f921ccb05e0b6fbf1f2f25f0902d9705;hp=763539ce25afb8d0b39d98bb94fb40a59756ec03;hpb=e80be147bdb65aa2a0c34e848ca78851b781508d;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
index 763539ce2..c9ba367c6 100644
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ldap/ArgeoSecurityDaoLdap.java
@@ -1,6 +1,6 @@
 package org.argeo.security.ldap;
-import static org.argeo.security.core.ArgeoUserDetails.createBasicArgeoUser;
+import static org.argeo.security.core.ArgeoUserDetails.createSimpleArgeoUser;
 import java.util.ArrayList;
 import java.util.List;
@@ -11,6 +11,7 @@ import javax.naming.directory.DirContext;
 import org.argeo.security.ArgeoSecurityDao;
 import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
 import org.argeo.security.core.ArgeoUserDetails;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.ldap.core.ContextExecutor;
@@ -36,11 +37,12 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 private UserDetailsManager userDetailsManager;
 private LdapAuthoritiesPopulator authoritiesPopulator;
- private String userBase = "ou=users";
+ private String userBase = "ou=People";
 private String usernameAttributeName = "uid";
- private String groupBase = "ou=groups";
+ private String groupBase = "ou=Roles";
+ private String[] groupClasses = { "top", "groupOfNames" };
 private String groupRoleAttributeName = "cn";
- private String groupMemberAttributeName = "uniquemember";
+ private String groupMemberAttributeName = "member";
 private String defaultRole = "ROLE_USER";
 private String rolePrefix = "ROLE_";
@@ -91,13 +93,21 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 }
 public ArgeoUser getUser(String uname) {
- return createBasicArgeoUser(getDetails(uname));
+ SimpleArgeoUser user = createSimpleArgeoUser(getDetails(uname));
+ user.setPassword(null);
+ return user;
+ }
+
+ public ArgeoUser getUserWithPassword(String uname) {
+ return createSimpleArgeoUser(getDetails(uname));
 }
 public ArgeoUser getCurrentUser() {
 Authentication authentication = SecurityContextHolder.getContext()
 .getAuthentication();
 ArgeoUser argeoUser = ArgeoUserDetails.asArgeoUser(authentication);
+ if (argeoUser == null)
+ return null;
 if (argeoUser.getRoles().contains(defaultRole))
 argeoUser.getRoles().remove(defaultRole);
 return argeoUser;
@@ -115,7 +125,7 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 List lst = new ArrayList();
 for (String username : usernames) {
- lst.add(createBasicArgeoUser(getDetails(username)));
+ lst.add(createSimpleArgeoUser(getDetails(username)));
 }
 return lst;
 }
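Review bot: The new defaults in the `@@ -36,11 +37,12 @@` hunk (`ou=People`, `ou=Roles`, `member`, `groupOfNames`) replace the old ones silently, so a deployment that never set `userBase`, `groupBase` or `groupMemberAttributeName` explicitly will start resolving users and roles against a different subtree and membership attribute. That would presumably show up as users resolving with no roles rather than as an error, so it deserves a release note. `groupClasses` and `groupMemberAttributeName` also have to agree with each other, and nothing on the fields says so; I would add `// must match groupClasses: groupOfNames -> member, groupOfUniqueNames -> uniqueMember` above `groupMemberAttributeName`.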
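Review bot: `getUserWithPassword` in the `@@ -91,13 +93,21 @@` hunk is a public method that returns the stored credential with nothing telling callers when that is acceptable, while `getUser` just above it now clears the field. I would give it a Javadoc stating that the returned `ArgeoUser` carries whatever `getDetails` read as the password, that the object must not be logged, serialized or returned to a client, and that `getUser` is the variant for every other caller. Separately, `getCurrentUser` still calls `argeoUser.getRoles().remove(defaultRole)` on the object returned by `asArgeoUser`; if that object shares its role list with the live `Authentication` (not visible here), the removal alters the session's roles, so working on a copy would be safer.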
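Review bot: The loop in the `@@ -115,7 +125,7 @@` hunk adds `createSimpleArgeoUser(getDetails(username))` to the list without the `setPassword(null)` that `getUser` applies in the previous hunk, so the bulk listing appears to return every user with the password field still populated. Unless that is intended, the loop body should clear it the same way: `SimpleArgeoUser user = createSimpleArgeoUser(getDetails(username)); user.setPassword(null); lst.add(user);`. The enclosing method starts above the hunk, so its name and callers are not visible here.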
@@ -141,10 +151,6 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 userDetailsManager.deleteUser(username);
 }
- public void updatePassword(String oldPassword, String newPassword) {
- userDetailsManager.changePassword(oldPassword, newPassword);
- }
-
 public Boolean userExists(String username) {
 return userDetailsManager.userExists(username);
 }
@@ -162,12 +168,12 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 Name groupDn = buildGroupDn(group);
 DirContextAdapter context = new DirContextAdapter();
- context.setAttributeValues("objectClass", new String[] { "top",
- "groupOfUniqueNames" });
+ context.setAttributeValues("objectClass", groupClasses);
 context.setAttributeValue("cn", group);
 // Add superuser because cannot create empty group
- context.setAttributeValue("uniqueMember", superuserDn.toString());
+ context.setAttributeValue(groupMemberAttributeName, superuserDn
+ .toString());
 ldapTemplate.bind(groupDn, context, null);
 }
@@ -262,4 +268,8 @@ public class ArgeoSecurityDaoLdap implements ArgeoSecurityDao, InitializingBean
 public String getDefaultRole() {
 return defaultRole;
 }
+
+ public void setGroupClasses(String[] groupClasses) {
+ this.groupClasses = groupClasses;
+ }
 }
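Review bot: In the `@@ -162,12 +168,12 @@` hunk the object classes and the member attribute become configurable, but the naming attribute on the line between them is still the literal `"cn"` although the class has `groupRoleAttributeName` for it. `context.setAttributeValue(groupRoleAttributeName, group);` would keep the three settings consistent, provided `buildGroupDn` (not shown) builds the DN from the same attribute. A mismatched `groupClasses`/`groupMemberAttributeName` pair will presumably only surface as a schema violation at `ldapTemplate.bind`, so a sanity check in `afterPropertiesSet` or a comment on `setGroupClasses` would help. The enclosing method starts above the hunk.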