X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.ldap%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fldap%2Fjcr%2FJcrUserDetailsContextMapper.java;fp=security%2Fruntime%2Forg.argeo.security.ldap%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fldap%2Fjcr%2FJcrUserDetailsContextMapper.java;h=fe212ccf89d489cc61b0d50ff8574fa0c1914687;hb=d51f86803bfbf9594c659a03360abf5771796477;hp=8cac6a7097a7f699ae3d585c7cbba87c2b9d586d;hpb=5b33fd436b33a2441b2fc03a5dfe26e75720c885;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/jcr/JcrUserDetailsContextMapper.java b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/jcr/JcrUserDetailsContextMapper.java index 8cac6a709..fe212ccf8 100644 --- a/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/jcr/JcrUserDetailsContextMapper.java +++ b/security/runtime/org.argeo.security.ldap/src/main/java/org/argeo/security/ldap/jcr/JcrUserDetailsContextMapper.java @@ -3,6 +3,7 @@ package org.argeo.security.ldap.jcr; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; import java.util.Arrays; +import java.util.Calendar; import java.util.HashMap; import java.util.Map; import java.util.Random; @@ -51,6 +52,9 @@ public class JcrUserDetailsContextMapper implements UserDetailsContextMapper, private PasswordEncoder passwordEncoder; private final Random random; + /** 0 is always sync */ + private Long syncLatency = 10 * 60 * 1000l; + public JcrUserDetailsContextMapper() { random = createRandom(); } @@ -108,13 +112,14 @@ public class JcrUserDetailsContextMapper implements UserDetailsContextMapper, } /** @return path to the user home node */ - protected synchronized String mapLdapToJcr(String username, DirContextOperations ctx) { + protected synchronized String mapLdapToJcr(String username, + DirContextOperations ctx) { String usernameLdap = ctx.getStringAttribute(usernameAttribute); // log.debug("username=" + username + ", usernameLdap=" + usernameLdap); if (!username.equals(usernameLdap)) { String msg = "Provided username '" + username + "' is different from username stored in LDAP '" - + usernameLdap+"'"; + + usernameLdap + "'"; // we log it because the exception may not be displayed log.error(msg); throw new BadCredentialsException(msg); @@ -130,6 +135,14 @@ public class JcrUserDetailsContextMapper implements UserDetailsContextMapper, Node userProfile; // = userHome.getNode(ARGEO_PROFILE); if (userHome.hasNode(ARGEO_PROFILE)) { userProfile = userHome.getNode(ARGEO_PROFILE); + if (syncLatency != 0) { + Calendar lastModified = userProfile.getProperty( + Property.JCR_LAST_MODIFIED).getDate(); + long timeSinceLastUpdate = System.currentTimeMillis() + - lastModified.getTimeInMillis(); + if (timeSinceLastUpdate < syncLatency)// skip sync + return userHomePath; + } } else { throw new ArgeoException("We should never reach this point"); // userProfile = userHome.addNode(ARGEO_PROFILE); @@ -149,7 +162,7 @@ public class JcrUserDetailsContextMapper implements UserDetailsContextMapper, .getProperty(ARGEO_FIRST_NAME).getString() + " " + userProfile.getProperty(ARGEO_LAST_NAME).getString()); - + JcrUtils.updateLastModified(userProfile); session.save(); if (log.isTraceEnabled()) log.trace("Mapped " + ctx.getDn() + " to " + userProfile); @@ -282,4 +295,11 @@ public class JcrUserDetailsContextMapper implements UserDetailsContextMapper, this.session = session; } + /** + * Time in ms during which the LDAP server is not checked. 0 is always sync. + */ + public void setSyncLatency(Long syncLatency) { + this.syncLatency = syncLatency; + } + }