Make LDAP support more robust
author
Mathieu Baudier <mbaudier@argeo.org>
Tue, 7 Nov 2017 11:16:41 +0000
(12:16 +0100)
committer
Mathieu Baudier <mbaudier@argeo.org>
Tue, 7 Nov 2017 11:16:41 +0000
(12:16 +0100)
org.argeo.enterprise/src/org/argeo/naming/LdifParser.java
org.argeo.enterprise/src/org/argeo/naming/LdifWriter.java
org.argeo.enterprise/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java
org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
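--- a/org.argeo.enterprise/src/org/argeo/naming/LdifParser.java
+++ b/org.argeo.enterprise/src/org/argeo/naming/LdifParser.java
@@ -114,6 +114,7 @@ public class LdifParser {
 }
 String attributeId = attrId.toString();
+// TODO should we really trim the end of the string as well?
 String cleanValueStr = currentEntry.toString().trim();
 Object attributeValue = isBase64 ? Base64.getDecoder().decode(cleanValueStr) : cleanValueStr;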
diff --git
a/org.argeo.enterprise/src/org/argeo/naming/LdifWriter.java
b/org.argeo.enterprise/src/org/argeo/naming/LdifWriter.java
index 892fa885d8f46611de39d0d173bda5edc944482d..6a3fea12f29fa8b438700ddc72d6cc225a59a880 100644
--- a/
org.argeo.enterprise/src/org/argeo/naming/LdifWriter.java
+++ b/
org.argeo.enterprise/src/org/argeo/naming/LdifWriter.java
@@
-42,7
+42,7
@@
public class LdifWriter {
throw new UserDirectoryException(
"Attribute " + nameAttr.getID() + "=" + nameAttr.get() + " not consistent with DN " + name);
throw new UserDirectoryException(
"Attribute " + nameAttr.getID() + "=" + nameAttr.get() + " not consistent with DN " + name);
- writer.append(LdapAttrs.DN + ":").append(name.toString()).append('\n');
+ writer.append(LdapAttrs.DN + ":
").append(name.toString()).append('\n');
Attribute objectClassAttr = attributes.get("objectClass");
if (objectClassAttr != null)
writeAttribute(objectClassAttr);
Attribute objectClassAttr = attributes.get("objectClass");
if (objectClassAttr != null)
writeAttribute(objectClassAttr);
@@
-69,9
+69,9
@@
public class LdifWriter {
Object value = attrValues.next();
if (value instanceof byte[]) {
String encoded = Base64.getEncoder().encodeToString((byte[]) value);
Object value = attrValues.next();
if (value instanceof byte[]) {
String encoded = Base64.getEncoder().encodeToString((byte[]) value);
- writer.append(attribute.getID()).append("::").append(encoded).append('\n');
+ writer.append(attribute.getID()).append("::
").append(encoded).append('\n');
} else {
} else {
- writer.append(attribute.getID()).append(
':'
).append(value.toString()).append('\n');
+ writer.append(attribute.getID()).append(
": "
).append(value.toString()).append('\n');
}
}
}
}
}
}
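Review bot: In the `else` branch of the second hunk, `value.toString()` is still written verbatim after the separator, so a value that contains a line break, or that starts with a space, `:` or `<`, yields LDIF that reads back as something other than what was stored; a line break in particular lets one attribute value add attribute lines or whole entries to the exported file. RFC 2849 requires such values to be written base64-encoded with `::`, and the same concern applies to `name.toString()` on the `dn:` line in the first hunk. The sketch below routes unsafe strings through the existing base64 path; `isSafeString` is a helper that would have to be added, and `StandardCharsets` may need an import that is not visible here. The enclosing method starts outside the hunk.

```java
} else {
	String str = value.toString();
	// isSafeString: helper to add; true only for an RFC 2849 SAFE-STRING
	if (isSafeString(str)) {
		writer.append(attribute.getID()).append(": ").append(str).append('\n');
	} else {
		String encoded = Base64.getEncoder().encodeToString(str.getBytes(StandardCharsets.UTF_8));
		writer.append(attribute.getID()).append(":: ").append(encoded).append('\n');
	}
```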
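--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java
@@ -1,6 +1,7 @@
 package org.argeo.osgi.useradmin;
 import static org.argeo.naming.LdapAttrs.objectClass;
+import static org.argeo.naming.LdapObjs.extensibleObject;
 import static org.argeo.naming.LdapObjs.inetOrgPerson;
 import static org.argeo.naming.LdapObjs.organizationalPerson;
 import static org.argeo.naming.LdapObjs.person;
@@ -18,6 +19,7 @@ import java.util.Iterator;
 import java.util.List;
 import javax.naming.InvalidNameException;
+import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.Attribute;
 import javax.naming.directory.Attributes;
@@ -32,6 +34,7 @@ import javax.transaction.TransactionManager;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.argeo.naming.LdapAttrs;
+import org.argeo.naming.LdapObjs;
 import org.osgi.framework.Filter;
 import org.osgi.framework.FrameworkUtil;
 import org.osgi.framework.InvalidSyntaxException;
@@ -113,7 +116,7 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
 protected abstract Boolean daoHasRole(LdapName dn);
-protected abstract DirectoryUser daoGetRole(LdapName key);
+protected abstract DirectoryUser daoGetRole(LdapName key) throws NameNotFoundException;
 protected abstract List<DirectoryUser> doGetRoles(Filter f);
@@ -209,7 +212,12 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
 protected DirectoryUser doGetRole(LdapName dn) {
 UserDirectoryWorkingCopy wc = getWorkingCopy();
-DirectoryUser user = daoGetRole(dn);
+DirectoryUser user;
+try {
+user = daoGetRole(dn);
+} catch (NameNotFoundException e) {
+user = null;
+}
 if (wc != null) {
 if (user == null && wc.getNewUsers().containsKey(dn))
 user = wc.getNewUsers().get(dn);
@@ -313,12 +321,13 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
 if (wc.getDeletedUsers().containsKey(dn)) {
 wc.getDeletedUsers().remove(dn);
 wc.getModifiedUsers().put(dn, attrs);
+return getRole(name);
 } else {
 wc.getModifiedUsers().put(dn, attrs);
 DirectoryUser newRole = newRole(dn, type, attrs);
 wc.getNewUsers().put(dn, newRole);
+return newRole;
 }
-return getRole(name);
 }
 protected DirectoryUser newRole(LdapName dn, int type, Attributes attrs) {
@@ -334,6 +343,7 @@ public abstract class AbstractUserDirectory implements UserAdmin, UserDirectory
 objClass.add(person.name());
 }
 objClass.add(top.name());
+objClass.add(extensibleObject.name());
 attrs.put(objClass);
 newRole = new LdifUser(this, dn, attrs);
 } else if (type == Role.GROUP) {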
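Review bot: The last hunk adds `extensibleObject` to the object classes of every new user entry, and on an LDAP server that class lifts the schema restriction on which attribute types the entry may hold. Anything able to write a user entry can then store attributes the `person`/`inetOrgPerson` schema would have rejected, so validation that used to happen in the directory has to happen in this code instead. If the class was added to let a small set of extra attributes through, a dedicated auxiliary object class would keep the check. Otherwise the line deserves a comment naming the reason, e.g. `// extensibleObject: required for <attribute> — TODO replace with a specific auxiliary class`. The `newRole` body starts and ends outside the hunk.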
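--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdapUserAdmin.java
@@ -101,11 +101,15 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 @Override
 protected Boolean daoHasRole(LdapName dn) {
-return daoGetRole(dn) != null;
+try {
+return daoGetRole(dn) != null;
+} catch (NameNotFoundException e) {
+return false;
+}
 }
 @Override
-protected DirectoryUser daoGetRole(LdapName name) {
+protected DirectoryUser daoGetRole(LdapName name) throws NameNotFoundException {
 try {
 Attributes attrs = getLdapContext().getAttributes(name);
 if (attrs.size() == 0)
@@ -119,6 +123,8 @@ public class LdapUserAdmin extends AbstractUserDirectory {
 else
 throw new UserDirectoryException("Unsupported LDAP type for " + name);
 return res;
+} catch (NameNotFoundException e) {
+throw e;
 } catch (NamingException e) {
 log.error("Cannot get role: " + name, e);
 return null;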
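Review bot: The remaining `catch (NamingException e)` branch of `daoGetRole` still returns `null`, so a connection, timeout or permission failure reaches callers looking exactly like a missing entry: `daoHasRole` answers `false`, and `doGetRole` in AbstractUserDirectory falls through to the working copy. Now that not-found has its own exception, other directory failures could be surfaced rather than logged and swallowed, for example `throw new UserDirectoryException("Cannot get role: " + name, e);`, provided that class has a cause-taking constructor (only the String form is visible here). The added `catch (NameNotFoundException e) { throw e; }` exists only to bypass that broader catch, and a one-line comment saying so would keep it from being removed as redundant. The method body starts and ends outside the hunks.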
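--- a/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
+++ b/org.argeo.enterprise/src/org/argeo/osgi/useradmin/LdifUserAdmin.java
@@ -18,6 +18,7 @@ import java.util.Set;
 import java.util.SortedMap;
 import java.util.TreeMap;
+import javax.naming.NameNotFoundException;
 import javax.naming.NamingEnumeration;
 import javax.naming.directory.Attributes;
 import javax.naming.ldap.LdapName;
@@ -154,14 +155,16 @@ public class LdifUserAdmin extends AbstractUserDirectory {
 groups = null;
 }
-protected DirectoryUser daoGetRole(LdapName key) {
+@Override
+protected DirectoryUser daoGetRole(LdapName key) throws NameNotFoundException {
 if (groups.containsKey(key))
 return groups.get(key);
 if (users.containsKey(key))
 return users.get(key);
-return null;
+throw new NameNotFoundException(key + " not persisted");
 }
+@Override
 protected Boolean daoHasRole(LdapName dn) {
 return users.containsKey(dn) || groups.containsKey(dn);
 }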