disabled = false;
}
+ /*
+ * ABSTRACT METHODS
+ */
+
/** Returns the groups this user is a direct member of. */
protected abstract List<LdapName> getDirectGroups(LdapName dn);
protected abstract AbstractUserDirectory scope(User user);
+ protected abstract HierarchyUnit doGetHierarchyUnit(LdapName dn);
+
+ protected abstract Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly);
+
+ /*
+ * INITIALIZATION
+ */
+
public void init() {
}
/*
* HIERARCHY
*/
-// @Override
-// public int getHierarchyChildCount() {
-// return 0;
-// }
-//
-// @Override
-// public HierarchyUnit getHierarchyChild(int i) {
-// throw new IllegalArgumentException("No child hierarchy unit available");
-// }
-//
-// @Override
-// public HierarchyUnit getParent() {
-// return null;
-// }
-//
-// @Override
-// public int getHierarchyUnitType() {
-// return 0;
-// }
-//
-// @Override
-// public String getHierarchyUnitName() {
-// String name = LdapNameUtils.getLastRdnValue(baseDn);
-// // TODO check ou, o, etc.
-// return name;
-// }
-
@Override
public HierarchyUnit getHierarchyUnit(String path) {
- throw new UnsupportedOperationException();
+ LdapName dn = pathToName(path);
+ return doGetHierarchyUnit(dn);
}
@Override
public HierarchyUnit getHierarchyUnit(Role role) {
- throw new UnsupportedOperationException();
+ LdapName dn = LdapNameUtils.toLdapName(role.getName());
+ LdapName huDn = LdapNameUtils.getParent(dn);
+ HierarchyUnit hierarchyUnit = doGetHierarchyUnit(huDn);
+ if (hierarchyUnit == null)
+ throw new IllegalStateException("No hierarchy unit found for " + role);
+ return hierarchyUnit;
}
-// @Override
-// public List<? extends Role> getHierarchyUnitRoles(String filter, boolean deep) {
-// try {
-// return getRoles(getBaseDn(), filter, deep);
-// } catch (InvalidSyntaxException e) {
-// throw new IllegalArgumentException("Cannot filter " + filter + " " + getBaseDn(), e);
-// }
-// }
-
@Override
public Iterable<HierarchyUnit> getDirectHierarchyUnits(boolean functionalOnly) {
- throw new UnsupportedOperationException();
+ return doGetDirectHierarchyUnits(baseDn, functionalOnly);
}
/*
protected DirectoryGroup newGroup(LdapName name, Attributes attrs) {
if (LdapNameUtils.getParentRdn(name).equals(getSystemRoleBaseRdn()))
return new LdifGroup.LdifSystemPermissions(this, name, attrs);
-
+
if (hasObjectClass(attrs, LdapObjs.organization))
return new LdifGroup.LdifOrganization(this, name, attrs);
else
else
this.tokensBaseDn = null;
} catch (InvalidNameException e) {
- throw new UserDirectoryException("Cannot initialize " + AggregatingUserAdmin.class, e);
+ throw new IllegalStateException("Cannot initialize " + AggregatingUserAdmin.class, e);
}
}
} else {
LdapName baseDn = toLdapName(basePath);
if (businessRoles.containsKey(baseDn))
- throw new UserDirectoryException("There is already a user admin for " + baseDn);
+ throw new IllegalStateException("There is already a user admin for " + baseDn);
businessRoles.put(baseDn, userDirectory);
}
userDirectory.init();
try {
return findUserAdmin(new LdapName(name));
} catch (InvalidNameException e) {
- throw new UserDirectoryException("Badly formatted name " + name, e);
+ throw new IllegalArgumentException("Badly formatted name " + name, e);
}
}
}
}
if (res.size() == 0)
- throw new UserDirectoryException("Cannot find user admin for " + name);
+ throw new IllegalStateException("Cannot find user admin for " + name);
if (res.size() > 1)
- throw new UserDirectoryException("Multiple user admin found for " + name);
+ throw new IllegalStateException("Multiple user admin found for " + name);
return res.get(0);
}
protected void removeUserDirectory(String basePath) {
if (isSystemRolesBaseDn(basePath))
- throw new UserDirectoryException("System roles cannot be removed ");
+ throw new IllegalArgumentException("System roles cannot be removed ");
LdapName baseDn = toLdapName(basePath);
if (!businessRoles.containsKey(baseDn))
- throw new UserDirectoryException("No user directory registered for " + baseDn);
+ throw new IllegalStateException("No user directory registered for " + baseDn);
AbstractUserDirectory userDirectory = businessRoles.remove(baseDn);
destroy(userDirectory);
}
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.util.Arrays;
digest.update(bytes);
byte[] checksum = digest.digest();
return checksum;
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot SHA1 digest", e);
+ } catch (NoSuchAlgorithmException e) {
+ throw new IllegalStateException("Cannot SHA1 digest", e);
}
}
} else {
throw new UnsupportedOperationException("Unkown password scheme " + passwordScheme);
}
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot digest", e);
+ } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
+ throw new IllegalStateException("Cannot digest", e);
}
}
String dnsZone = hostname.substring(hostname.indexOf('.') + 1);
kerberosDomain = dnsBrowser.getRecord("_kerberos." + dnsZone, "TXT");
return kerberosDomain;
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot determine Kerberos domain from DNS", e);
+ } catch (NamingException | IOException e) {
+ throw new IllegalStateException("Cannot determine Kerberos domain from DNS", e);
}
}
}
if (kerberosRealm == null)
- throw new UserDirectoryException("No Kerberos domain available for " + uri);
+ throw new IllegalStateException("No Kerberos domain available for " + uri);
// TODO intergrate CA certificate in truststore
// String schemeToUse = SCHEME_LDAPS;
String schemeToUse = UserAdminConf.SCHEME_LDAP;
ldapHosts = dnsBrowser.getSrvRecordsAsHosts("_ldap._tcp." + kerberosRealm.toLowerCase(),
schemeToUse.equals(UserAdminConf.SCHEME_LDAP) ? true : false);
if (ldapHosts == null || ldapHosts.size() == 0) {
- throw new UserDirectoryException("Cannot configure LDAP for IPA " + uri);
+ throw new IllegalStateException("Cannot configure LDAP for IPA " + uri);
} else {
ldapHostsStr = ldapHosts.get(0);
}
} catch (NamingException | IOException e) {
- throw new UserDirectoryException("cannot convert IPA uri " + uri, e);
+ throw new IllegalStateException("Cannot convert IPA uri " + uri, e);
}
} else {
ldapHosts = new ArrayList<>();
uriStr.append(convertedUri).append(' ');
}
} catch (URISyntaxException e) {
- throw new UserDirectoryException("cannot convert IPA uri " + uri, e);
+ throw new IllegalStateException("Cannot convert IPA uri " + uri, e);
}
Hashtable<String, Object> res = new Hashtable<>();
initialLdapContext.addToEnvironment(Context.SECURITY_CREDENTIALS, creds.toString());
}
}
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot connect to LDAP", e);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot connect to LDAP", e);
}
}
// delete
for (LdapName dn : wc.getDeletedUsers().keySet()) {
if (!entryExists(dn))
- throw new UserDirectoryException("User to delete no found " + dn);
+ throw new IllegalStateException("User to delete no found " + dn);
}
// add
for (LdapName dn : wc.getNewUsers().keySet()) {
if (entryExists(dn))
- throw new UserDirectoryException("User to create found " + dn);
+ throw new IllegalStateException("User to create found " + dn);
}
// modify
for (LdapName dn : wc.getModifiedUsers().keySet()) {
if (!wc.getNewUsers().containsKey(dn) && !entryExists(dn))
- throw new UserDirectoryException("User to modify not found " + dn);
+ throw new IllegalStateException("User to modify not found " + dn);
}
}
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
+import org.argeo.util.naming.LdapObjs;
import org.osgi.framework.Filter;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
int roleType = roleType(name);
DirectoryUser res;
if (roleType == Role.GROUP)
- res = newGroup( name, attrs);
+ res = newGroup(name, attrs);
else if (roleType == Role.USER)
- res = newUser( name, attrs);
+ res = newUser(name, attrs);
else
- throw new UserDirectoryException("Unsupported LDAP type for " + name);
+ throw new IllegalArgumentException("Unsupported LDAP type for " + name);
return res;
} catch (NameNotFoundException e) {
throw e;
DirectoryUser role;
if (objectClassAttr.contains(getGroupObjectClass())
|| objectClassAttr.contains(getGroupObjectClass().toLowerCase()))
- role = newGroup( dn, attrs);
+ role = newGroup(dn, attrs);
else if (objectClassAttr.contains(getUserObjectClass())
|| objectClassAttr.contains(getUserObjectClass().toLowerCase()))
- role = newUser( dn, attrs);
+ role = newUser(dn, attrs);
else {
// log.warn("Unsupported LDAP type for " + searchResult.getName());
continue results;
// ignore (typically an unsupported anonymous bind)
// TODO better logging
return res;
- } catch (Exception e) {
- e.printStackTrace();
- throw new UserDirectoryException("Cannot get roles for filter " + f, e);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get roles for filter " + f, e);
}
}
directGroups.add(toDn(searchBase, searchResult));
}
return directGroups;
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot populate direct members of " + dn, e);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot populate direct members of " + dn, e);
}
}
try {
ldapConnection.prepareChanges(wc);
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot prepare LDAP", e);
+ throw new IllegalStateException("Cannot prepare LDAP", e);
}
}
try {
ldapConnection.commitChanges(wc);
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot commit LDAP", e);
+ throw new IllegalStateException("Cannot commit LDAP", e);
}
}
// prepare not impacting
}
-// @Override
-// public HierarchyUnit getHierarchyUnit(String path) {
-// LdapName dn = LdapNameUtils.toLdapName(path);
-// Attributes attrs = ldapConnection.getAttributes(dn);
-//
-// }
+ /*
+ * HIERARCHY
+ */
+
+ @Override
+ protected Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) {
+ List<HierarchyUnit> res = new ArrayList<>();
+ try {
+ String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
+ + "=" + LdapObjs.organization.name() + "))";
+
+ SearchControls searchControls = new SearchControls();
+ searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+
+ NamingEnumeration<SearchResult> results = ldapConnection.search(searchBase, searchFilter, searchControls);
+
+ while (results.hasMoreElements()) {
+ SearchResult searchResult = (SearchResult) results.nextElement();
+ LdapName dn = toDn(searchBase, searchResult);
+ Attributes attrs = searchResult.getAttributes();
+ LdifHierarchyUnit hierarchyUnit = new LdifHierarchyUnit(this, dn, attrs);
+ if (hierarchyUnit.isFunctional())
+ res.add(hierarchyUnit);
+ }
+ return res;
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get direct hierarchy units ", e);
+ }
+ }
+
+ @Override
+ protected HierarchyUnit doGetHierarchyUnit(LdapName dn) {
+ try {
+ Attributes attrs = ldapConnection.getAttributes(dn);
+ return new LdifHierarchyUnit(this, dn, attrs);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get hierarchy unit " + dn, e);
+ }
+ }
}
if (displayName == null)
displayName = user.getName();
if (displayName == null)
- throw new UserDirectoryException("Cannot set display name for " + user);
+ throw new IllegalStateException("Cannot set display name for " + user);
return displayName.toString();
}
}
import javax.naming.InvalidNameException;
import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;
for (LdapName ldapName : getMemberNames()) {
Role role = findRole(ldapName);
if (role == null) {
- throw new UserDirectoryException("Role " + ldapName + " cannot be added.");
+ throw new IllegalStateException("Role " + ldapName + " not found.");
}
directMembers.add(role);
}
roles.add(dn);
}
return roles;
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot get members", e);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get members", e);
}
}
package org.argeo.osgi.useradmin;
-import java.util.ArrayList;
-import java.util.Collections;
import java.util.List;
import java.util.Objects;
private final boolean functional;
private final Attributes attributes;
- HierarchyUnit parent;
- List<HierarchyUnit> children = new ArrayList<>();
+// HierarchyUnit parent;
+// List<HierarchyUnit> children = new ArrayList<>();
LdifHierarchyUnit(AbstractUserDirectory directory, LdapName dn, Attributes attributes) {
Objects.requireNonNull(directory);
@Override
public HierarchyUnit getParent() {
- return parent;
+ return directory.doGetHierarchyUnit(LdapNameUtils.getParent(dn));
}
@Override
public Iterable<HierarchyUnit> getDirectHierachyUnits(boolean functionalOnly) {
- List<HierarchyUnit> res = new ArrayList<>();
- if (functionalOnly)
- for (HierarchyUnit hu : children) {
- if (hu.isFunctional())
- res.add(hu);
- }
- else
- res.addAll(children);
- return Collections.unmodifiableList(res);
+// List<HierarchyUnit> res = new ArrayList<>();
+// if (functionalOnly)
+// for (HierarchyUnit hu : children) {
+// if (hu.isFunctional())
+// res.add(hu);
+// }
+// else
+// res.addAll(children);
+// return Collections.unmodifiableList(res);
+ return directory.doGetDirectHierarchyUnits(dn, functionalOnly);
}
@Override
protected synchronized void startEditing() {
if (frozen)
- throw new UserDirectoryException("Cannot edit frozen view");
+ throw new IllegalStateException("Cannot edit frozen view");
if (getUserAdmin().isReadOnly())
- throw new UserDirectoryException("User directory is read-only");
+ throw new IllegalStateException("User directory is read-only");
assert getModifiedAttributes() == null;
getWc().startEditing(this);
// modifiedAttributes = (Attributes) publishedAttributes.clone();
effectiveKeys.add(id);
}
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot initialise attribute dictionary", e);
+ throw new IllegalStateException("Cannot initialise attribute dictionary", e);
}
if (!credentials)
effectiveKeys.add(LdapAttrs.objectClasses.name());
else
return null;
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot get value for attribute " + key, e);
+ throw new IllegalStateException("Cannot get value for attribute " + key, e);
}
}
else
return null;
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot remove attribute " + key, e);
+ throw new IllegalStateException("Cannot remove attribute " + key, e);
}
}
}
import java.util.HashSet;
import java.util.Hashtable;
import java.util.List;
+import java.util.NavigableMap;
import java.util.Objects;
import java.util.Set;
import java.util.SortedMap;
import javax.naming.NameNotFoundException;
import javax.naming.NamingEnumeration;
+import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.ldap.LdapName;
/** A user admin based on a LDIF files. */
public class LdifUserAdmin extends AbstractUserDirectory {
- private SortedMap<LdapName, DirectoryUser> users = new TreeMap<>();
- private SortedMap<LdapName, DirectoryGroup> groups = new TreeMap<>();
+ private NavigableMap<LdapName, DirectoryUser> users = new TreeMap<>();
+ private NavigableMap<LdapName, DirectoryGroup> groups = new TreeMap<>();
- private SortedMap<LdapName, LdifHierarchyUnit> hierarchy = new TreeMap<>();
- private List<HierarchyUnit> rootHierarchyUnits = new ArrayList<>();
+ private NavigableMap<LdapName, LdifHierarchyUnit> hierarchy = new TreeMap<>();
+// private List<HierarchyUnit> rootHierarchyUnits = new ArrayList<>();
public LdifUserAdmin(String uri, String baseDn) {
this(fromUri(uri, baseDn), false);
char[] password = DigestUtils.bytesToChars(pwd);
User directoryUser = (User) getRole(username);
if (!directoryUser.hasCredential(null, password))
- throw new UserDirectoryException("Invalid credentials");
+ throw new IllegalStateException("Invalid credentials");
} else {
- throw new UserDirectoryException("Password is required");
+ throw new IllegalStateException("Password is required");
}
Dictionary<String, Object> properties = cloneProperties();
properties.put(UserAdminConf.readOnly.name(), "true");
LdifUserAdmin scopedUserAdmin = new LdifUserAdmin(properties, true);
- scopedUserAdmin.groups = Collections.unmodifiableSortedMap(groups);
- scopedUserAdmin.users = Collections.unmodifiableSortedMap(users);
+ scopedUserAdmin.groups = Collections.unmodifiableNavigableMap(groups);
+ scopedUserAdmin.users = Collections.unmodifiableNavigableMap(users);
return scopedUserAdmin;
}
return;
}
load(u.toURL().openStream());
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot open URL " + getUri(), e);
+ } catch (IOException | URISyntaxException e) {
+ throw new IllegalStateException("Cannot open URL " + getUri(), e);
}
}
public void save() {
if (getUri() == null)
- throw new UserDirectoryException("Cannot save LDIF user admin: no URI is set");
+ throw new IllegalStateException("Cannot save LDIF user admin: no URI is set");
if (isReadOnly())
- throw new UserDirectoryException("Cannot save LDIF user admin: " + getUri() + " is read-only");
+ throw new IllegalStateException("Cannot save LDIF user admin: " + getUri() + " is read-only");
try (FileOutputStream out = new FileOutputStream(new File(new URI(getUri())))) {
save(out);
} catch (IOException | URISyntaxException e) {
- throw new UserDirectoryException("Cannot save user admin to " + getUri(), e);
+ throw new IllegalStateException("Cannot save user admin to " + getUri(), e);
}
}
while (ids.hasMoreElements()) {
String id = ids.nextElement().toLowerCase();
if (lowerCase.contains(id))
- throw new UserDirectoryException(key + " has duplicate id " + id);
+ throw new IllegalStateException(key + " has duplicate id " + id);
lowerCase.add(id);
}
}
// link hierarchy
- hierachyUnits: for (LdapName dn : hierarchy.keySet()) {
- LdifHierarchyUnit unit = hierarchy.get(dn);
- LdapName parentDn = (LdapName) dn.getPrefix(dn.size() - 1);
- LdifHierarchyUnit parent = hierarchy.get(parentDn);
- if (parent == null) {
- rootHierarchyUnits.add(unit);
- unit.parent = null;
- continue hierachyUnits;
- }
- parent.children.add(unit);
- unit.parent = parent;
- }
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot load user admin service from LDIF", e);
+// hierachyUnits: for (LdapName dn : hierarchy.keySet()) {
+// LdifHierarchyUnit unit = hierarchy.get(dn);
+// LdapName parentDn = (LdapName) dn.getPrefix(dn.size() - 1);
+// LdifHierarchyUnit parent = hierarchy.get(parentDn);
+// if (parent == null) {
+// rootHierarchyUnits.add(unit);
+// unit.parent = null;
+// continue hierachyUnits;
+// }
+// parent.children.add(unit);
+// unit.parent = parent;
+// }
+ } catch (NamingException | IOException e) {
+ throw new IllegalStateException("Cannot load user admin service from LDIF", e);
}
}
public void destroy() {
if (users == null || groups == null)
- throw new UserDirectoryException("User directory " + getBaseDn() + " is already destroyed");
+ throw new IllegalStateException("User directory " + getBaseDn() + " is already destroyed");
users = null;
groups = null;
}
else if (groups.containsKey(dn))
groups.remove(dn);
else
- throw new UserDirectoryException("User to delete not found " + dn);
+ throw new IllegalStateException("User to delete not found " + dn);
}
// add
for (LdapName dn : wc.getNewUsers().keySet()) {
DirectoryUser user = wc.getNewUsers().get(dn);
if (users.containsKey(dn) || groups.containsKey(dn))
- throw new UserDirectoryException("User to create found " + dn);
+ throw new IllegalStateException("User to create found " + dn);
else if (Role.USER == user.getType())
users.put(dn, user);
else if (Role.GROUP == user.getType())
groups.put(dn, (DirectoryGroup) user);
else
- throw new UserDirectoryException("Unsupported role type " + user.getType() + " for new user " + dn);
+ throw new IllegalStateException("Unsupported role type " + user.getType() + " for new user " + dn);
}
// modify
for (LdapName dn : wc.getModifiedUsers().keySet()) {
else if (groups.containsKey(dn))
user = groups.get(dn);
else
- throw new UserDirectoryException("User to modify no found " + dn);
+ throw new IllegalStateException("User to modify no found " + dn);
user.publishAttributes(modifiedAttrs);
}
}
// public HierarchyUnit getHierarchyChild(int i) {
// return rootHierarchyUnits.get(i);
// }
-
@Override
- public HierarchyUnit getHierarchyUnit(String path) {
- LdapName dn = pathToName(path);
+ protected HierarchyUnit doGetHierarchyUnit(LdapName dn) {
return hierarchy.get(dn);
}
@Override
- public Iterable<HierarchyUnit> getDirectHierarchyUnits(boolean functionalOnly) {
- if (functionalOnly) {
- List<HierarchyUnit> res = new ArrayList<>();
- for (HierarchyUnit hu : rootHierarchyUnits) {
- if (hu.isFunctional())
- res.add(hu);
+ protected Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) {
+ List<HierarchyUnit> res = new ArrayList<>();
+ for (LdapName n : hierarchy.keySet()) {
+ if (n.size() == searchBase.size() + 1) {
+ if (n.startsWith(searchBase)) {
+ HierarchyUnit hu = hierarchy.get(n);
+ if (functionalOnly) {
+ if (hu.isFunctional())
+ res.add(hu);
+ } else {
+ res.add(hu);
+ }
+ }
}
- return res;
-
- } else {
- return rootHierarchyUnits;
}
+ return res;
}
- @Override
- public HierarchyUnit getHierarchyUnit(Role role) {
- LdapName dn = LdapNameUtils.toLdapName(role.getName());
- LdapName huDn = LdapNameUtils.getParent(dn);
- HierarchyUnit hierarchyUnit = hierarchy.get(huDn);
- if (hierarchyUnit == null)
- throw new IllegalStateException("No hierarchy unit found for " + role);
- return hierarchyUnit;
- }
+// @Override
+// public Iterable<HierarchyUnit> getDirectHierarchyUnits(boolean functionalOnly) {
+// if (functionalOnly) {
+// List<HierarchyUnit> res = new ArrayList<>();
+// for (HierarchyUnit hu : rootHierarchyUnits) {
+// if (hu.isFunctional())
+// res.add(hu);
+// }
+// return res;
+//
+// } else {
+// return rootHierarchyUnits;
+// }
+// }
}
import org.osgi.framework.Filter;
import org.osgi.service.useradmin.User;
+/** Pseudo user directory to be used when logging in as OS user. */
public class OsUserDirectory extends AbstractUserDirectory {
private final String osUsername = System.getProperty("user.name");
private final LdapName osUserDn;
public OsUserDirectory(URI uriArg, Dictionary<String, ?> props) {
super(uriArg, props, false);
try {
- osUserDn = new LdapName(LdapAttrs.uid.name() + "=" + osUsername + "," + getUserBaseRdn() + "," + getBaseDn());
+ osUserDn = new LdapName(
+ LdapAttrs.uid.name() + "=" + osUsername + "," + getUserBaseRdn() + "," + getBaseDn());
Attributes attributes = new BasicAttributes();
attributes.put(LdapAttrs.uid.name(), osUsername);
osUser = newUser(osUserDn, attributes);
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot create system user", e);
+ throw new IllegalStateException("Cannot create system user", e);
}
}
throw new UnsupportedOperationException();
}
+ @Override
+ protected HierarchyUnit doGetHierarchyUnit(LdapName dn) {
+ return null;
+ }
+
+ @Override
+ protected Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) {
+ return new ArrayList<>();
+ }
+
}
String token = ldapName.getRdn(ldapName.size()).getValue().toString();
res.add(token);
} catch (InvalidNameException e) {
- throw new UserDirectoryException("Invalid principal " + principal, e);
+ throw new IllegalArgumentException("Invalid principal " + principal, e);
}
}
}
import java.util.Map;
import javax.naming.Context;
+import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import org.argeo.util.naming.NamingUtils;
return new URI(null, null, bDn != null ? '/' + bDn : null, query.length() != 0 ? query.toString() : null,
null);
} catch (URISyntaxException e) {
- throw new UserDirectoryException("Cannot create URI from properties", e);
+ throw new IllegalArgumentException("Cannot create URI from properties", e);
}
}
} else if (scheme.equals(SCHEME_IPA)) {
} else if (scheme.equals(SCHEME_OS)) {
} else
- throw new UserDirectoryException("Unsupported scheme " + scheme);
+ throw new IllegalArgumentException("Unsupported scheme " + scheme);
Map<String, List<String>> query = NamingUtils.queryToMap(u);
for (String key : query.keySet()) {
UserAdminConf ldapProp = UserAdminConf.valueOf(key);
if (values.size() == 1) {
res.put(ldapProp.name(), values.get(0));
} else {
- throw new UserDirectoryException("Only single values are supported");
+ throw new IllegalArgumentException("Only single values are supported");
}
}
res.put(baseDn.name(), bDn);
}
}
return res;
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot convert " + uri + " to properties", e);
+ } catch (URISyntaxException | InvalidNameException e) {
+ throw new IllegalArgumentException("Cannot convert " + uri + " to properties", e);
}
}
public static String baseDnHash(Dictionary<String, Object> properties) {
String bDn = (String) properties.get(baseDn.name());
if (bDn == null)
- throw new UserDirectoryException("No baseDn in " + properties);
+ throw new IllegalStateException("No baseDn in " + properties);
return DigestUtils.sha1str(bDn);
}
}
+++ /dev/null
-package org.argeo.osgi.useradmin;
-
-import org.osgi.service.useradmin.UserAdmin;
-
-/**
- * Exceptions related to Argeo's implementation of OSGi {@link UserAdmin}
- * service.
- */
-@Deprecated
-public class UserDirectoryException extends RuntimeException {
- private static final long serialVersionUID = 1419352360062048603L;
-
- public UserDirectoryException(String message) {
- super(message);
- }
-
- public UserDirectoryException(String message, Throwable e) {
- super(message, e);
- }
-}
}
public boolean noModifications() {
- return newUsers.size() == 0 && modifiedUsers.size() == 0
- && deletedUsers.size() == 0;
+ return newUsers.size() == 0 && modifiedUsers.size() == 0 && deletedUsers.size() == 0;
}
public Attributes getAttributes(LdapName dn) {
public void startEditing(DirectoryUser user) {
LdapName dn = user.getDn();
if (modifiedUsers.containsKey(dn))
- throw new UserDirectoryException("Already editing " + dn);
+ throw new IllegalStateException("Already editing " + dn);
modifiedUsers.put(dn, (Attributes) user.getAttributes().clone());
}
@Override
public synchronized void start(Xid xid, int flags) throws XAException {
if (editingXid != null)
- throw new UserDirectoryException("Already editing " + editingXid);
+ throw new IllegalStateException("Already editing " + editingXid);
UserDirectoryWorkingCopy wc = workingCopies.put(xid, new UserDirectoryWorkingCopy());
if (wc != null)
- throw new UserDirectoryException("There is already a working copy for " + xid);
+ throw new IllegalStateException("There is already a working copy for " + xid);
this.editingXid = xid;
}
return null;
UserDirectoryWorkingCopy wc = workingCopies.get(editingXid);
if (wc == null)
- throw new UserDirectoryException("No working copy found for " + editingXid);
+ throw new IllegalStateException("No working copy found for " + editingXid);
return wc;
}
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
-import org.argeo.osgi.useradmin.UserDirectoryException;
-
/** LDAP authPassword field according to RFC 3112 */
public class AuthPassword implements CallbackHandler {
private final String authScheme;
}
return null;
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot check attribute", e);
+ throw new IllegalStateException("Cannot check attribute", e);
}
}
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
-import org.argeo.osgi.useradmin.UserDirectoryException;
-
/** Basic LDIF parser. */
public class LdifParser {
private final static Charset DEFAULT_CHARSET = StandardCharsets.UTF_8;
if (nameAttr == null)
currentAttributes.put(nameRdn.getType(), nameRdn.getValue());
else if (!nameAttr.get().equals(nameRdn.getValue()))
- throw new UserDirectoryException(
+ throw new IllegalStateException(
"Attribute " + nameAttr.getID() + "=" + nameAttr.get() + " not consistent with DN " + currentDn
+ " (shortly before line " + lineNumber + " in LDIF file)");
Attributes previous = res.put(currentDn, currentAttributes);
return previous;
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot add " + currentDn, e);
+ throw new IllegalStateException("Cannot add " + currentDn, e);
}
}
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
-import org.argeo.osgi.useradmin.UserDirectoryException;
-
/** Basic LDIF writer */
public class LdifWriter {
private final static Charset DEFAULT_CHARSET = StandardCharsets.UTF_8;
Rdn nameRdn = name.getRdn(name.size() - 1);
Attribute nameAttr = attributes.get(nameRdn.getType());
if (!nameAttr.get().equals(nameRdn.getValue()))
- throw new UserDirectoryException(
+ throw new IllegalArgumentException(
"Attribute " + nameAttr.getID() + "=" + nameAttr.get() + " not consistent with DN " + name);
writer.append(DN + ": ").append(name.toString()).append('\n');
writer.append('\n');
writer.flush();
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot write LDIF", e);
+ throw new IllegalStateException("Cannot write LDIF", e);
}
}