From d49ef557ceaa438399743027dcfd2c1b2e257126 Mon Sep 17 00:00:00 2001 From: Mathieu Baudier Date: Mon, 12 Oct 2015 08:04:22 +0000 Subject: [PATCH] Improve user directory checks and logging git-svn-id: https://svn.argeo.org/commons/trunk@8472 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- .../osgi/useradmin/AbstractUserDirectory.java | 8 ++++++ .../org/argeo/osgi/useradmin/LdifParser.java | 27 +++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java index e79800f10..58eb41ca3 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/AbstractUserDirectory.java @@ -28,6 +28,8 @@ import javax.transaction.Transaction; import javax.transaction.TransactionManager; import javax.transaction.xa.Xid; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; import org.osgi.framework.Filter; import org.osgi.framework.FrameworkUtil; import org.osgi.framework.InvalidSyntaxException; @@ -38,6 +40,9 @@ import org.osgi.service.useradmin.UserAdmin; /** Base class for a {@link UserDirectory}. */ abstract class AbstractUserDirectory implements UserAdmin, UserDirectory { + private final static Log log = LogFactory + .getLog(AbstractUserDirectory.class); + private final Hashtable properties; private final String baseDn; private final String userObjectClass; @@ -240,6 +245,9 @@ abstract class AbstractUserDirectory implements UserAdmin, UserDirectory { } if (collectedUsers.size() == 1) return collectedUsers.get(0); + else if (collectedUsers.size() > 1) + log.warn(collectedUsers.size() + " users for " + + (key != null ? key + "=" : "") + value); return null; } diff --git a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java index 56bdb54e3..b59cc36e1 100644 --- a/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java +++ b/org.argeo.security.core/src/org/argeo/osgi/useradmin/LdifParser.java @@ -7,11 +7,13 @@ import java.util.SortedMap; import java.util.TreeMap; import javax.naming.InvalidNameException; +import javax.naming.NamingException; import javax.naming.directory.Attribute; import javax.naming.directory.Attributes; import javax.naming.directory.BasicAttribute; import javax.naming.directory.BasicAttributes; import javax.naming.ldap.LdapName; +import javax.naming.ldap.Rdn; import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.IOUtils; @@ -70,6 +72,31 @@ class LdifParser { // manage DN attributes if (attributeId.equals("dn") || isLastLine) { if (currentDn != null) { + // + // ADD + // + Rdn nameRdn = currentDn + .getRdn(currentDn.size() - 1); + Attribute nameAttr = currentAttributes.get(nameRdn + .getType()); + if (nameAttr == null) + currentAttributes.put(nameRdn.getType(), + nameRdn.getValue()); + else + try { + if (!nameAttr.get().equals( + nameRdn.getValue())) + throw new UserDirectoryException( + "Attribute " + + nameAttr.getID() + + "=" + + nameAttr.get() + + " not consistent with DN " + + currentDn); + } catch (NamingException e) { + throw new UserDirectoryException( + "Cannot get attribute value", e); + } Attributes previous = res.put(currentDn, currentAttributes); if (log.isTraceEnabled()) -- 2.30.2