Posted to slide-dev@jakarta.apache.org by ma...@apache.org on 2004/10/27 07:12:39 UTC
cvs commit: jakarta-slide/src/stores/org/apache/slide/store/txjndi JNDIPrincipalStore.java
masonjm 2004/10/26 22:12:39
Modified: src/stores/org/apache/slide/store/txjndi
JNDIPrincipalStore.java
Log:
Fix for bug #31700 provided by Stefan Fromm. Allows an attribute other than the rdn attribute to be used as the username in Slide.
Revision Changes Path
1.9 +45 -11 jakarta-slide/src/stores/org/apache/slide/store/txjndi/JNDIPrincipalStore.java
Index: JNDIPrincipalStore.java
===================================================================
RCS file: /home/cvs/jakarta-slide/src/stores/org/apache/slide/store/txjndi/JNDIPrincipalStore.java,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- JNDIPrincipalStore.java 29 Sep 2004 15:39:08 -0000 1.8
+++ JNDIPrincipalStore.java 27 Oct 2004 05:12:39 -0000 1.9
@@ -25,8 +25,10 @@
import java.util.ArrayList;
import java.util.Enumeration;
+import java.util.HashMap;
import java.util.Hashtable;
import java.util.Iterator;
+import java.util.Map;
import java.util.NoSuchElementException;
import java.util.StringTokenizer;
import java.util.TreeSet;
@@ -140,6 +142,12 @@
* The attribute used to uniquely identify the objects you're fetching. Usually uid or cn.
* </dd>
*
+ * <dt>jndi.attributes.userprincipalname</dt>
+ * <dd>
+ * The attribute used to provide a user/role name which is mapped into Slide instead of the
+ * path name. This attribute is optional.
+ * </dd>
+ *
* <dt>jndi.search.filter</dt>
* <dd>
* The filter string to use for the search. Example: <em>(objectClass=inetOrgPerson)</em>.
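Review bot: The new `jndi.attributes.userprincipalname` entry does not tell the operator two things the code later in this diff depends on: the value is lower-cased before it becomes the Slide name, and it is used as a map key, so it has to be unique across all entries under the container. I would extend the `<dd>` text with something like `The value is lower-cased and must be unique (case-insensitively) among the searched entries, and must be present on every entry.` Because this attribute becomes the user name Slide sees, the doc should also say it must be one that ordinary users cannot modify on their own directory entry.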
@@ -247,9 +255,10 @@
public static final String PARAM_JNDI_RDN_ATTRIBUTE = "jndi.attributes.rdn";
public static final String PARAM_JNDI_SEARCH_ATTRIBUTES = "jndi.search.attributes";
public static final String PARAM_JNDI_SEARCH_SCOPE = "jndi.search.scope";
+ public static final String PARAM_JNDI_USERPRINCIPALNAME = "jndi.attributes.userprincipalname";
public static final String PARAM_LOG_VALIDATION_ERRORS = "log.validationerrors";
-
+
// Default values
public static final int DEFAULT_CACHE_SIZE = 200;
public static final boolean DEFAULT_CACHE_OVERFLOW_TO_DISK = true;
@@ -285,9 +294,12 @@
protected String groupMemberSet;
protected String rdnAttribute;
protected int searchScope;
+ protected String principalNameAttribute;
private String name;
private String usersPath;
+ private Map objectNameMap; // Uri-String -> LDAP lookup name
+
public JNDIPrincipalStore() {
ctxParameters = new Hashtable();
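Review bot: `objectNameMap` is a plain `HashMap` that the child-listing code writes and the lookup code reads later in this diff, with no synchronization visible. The class starts a `RefreshThread`, so concurrent access looks likely, although the calling pattern is outside this diff. If store methods can run on more than one thread, the constructor hunk should use `objectNameMap = Collections.synchronizedMap(new HashMap());`. Entries are also never removed, so a renamed or deleted LDAP entry keeps resolving to its stale name and the map grows for the life of the store. Clearing or rebuilding it when the cache is refreshed would bound both problems.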
@@ -295,6 +307,7 @@
name = "";
refreshList = new TreeSet();
refresher = new RefreshThread();
+ objectNameMap = new HashMap();
}
// ----------------------------------------------------------- Service Methods --------
@@ -411,6 +424,9 @@
if ( "true".equalsIgnoreCase( temp ) ) {
logValidationErrors = true;
}
+
+ //Set attribute which contains the user principal name for authentication
+ principalNameAttribute = (String)parameters.get(PARAM_JNDI_USERPRINCIPALNAME);
}
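Review bot: A blank or whitespace-only `jndi.attributes.userprincipalname` value is stored as-is on the added line, and every later `principalNameAttribute != null` test then treats the feature as enabled with an empty attribute name. Normalising here keeps the later checks honest: `if (principalNameAttribute != null && principalNameAttribute.trim().length() == 0) principalNameAttribute = null;`. If `jndi.search.attributes` restricts the returned attributes, this attribute probably also has to be added to that list, but that code is outside the hunk. The enclosing method starts outside the hunk.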
public boolean cacheResults() {
@@ -729,7 +745,12 @@
if ( !validatePathName( name ) ) {
continue;
}
- String value = parseLdapName( name );
+ String value = parseLdapName(name);
+ if (principalNameAttribute != null) {
+ String uriValue = ((String)result.getAttributes().get(principalNameAttribute).get()).toLowerCase();
+ objectNameMap.put(uriValue, value);
+ value = uriValue;
+ }
getLogger().log(
name + ": Creating child binding \"" + value + "\" for \"" +
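Review bot: The chain `result.getAttributes().get(principalNameAttribute).get()` throws a NullPointerException for any entry that lacks the configured attribute, or when the search does not return it, and the `(String)` cast fails on a non-String value, so one incomplete entry aborts the whole listing. Fetch the `Attribute` first, and log and `continue` when it is null. `objectNameMap.put(uriValue, value)` also overwrites silently, so two entries whose values differ only by case resolve to whichever was read last. Since this value becomes the Slide user name, a duplicate should be detected and logged rather than replaced. `toLowerCase()` without an argument uses the JVM default locale, so pass an explicit one so the mapping is stable across hosts. The enclosing loop starts and ends outside the hunk.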
@@ -750,10 +771,12 @@
// of the "+ something" in LDAP.
try {
+ if (principalNameAttribute != null && objectNameMap.get(objectName) == null)
+ retrieveObject(parentUri);
NamingEnumeration results = ctx.search(
container,
- rdnAttribute + "=" + objectName,
- controls );
+ rdnAttribute + "=" + (principalNameAttribute != null ? (String)objectNameMap.get(objectName) : objectName),
+ controls);
if ( !results.hasMore() ) {
if (ctx != null) {
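Review bot: If `objectNameMap.get(objectName)` is still null after `retrieveObject(parentUri)`, the string concatenation produces the filter `rdnAttribute + "=null"` and the search looks for an entry literally named "null" instead of reporting the principal as missing. The same expression is repeated for `displayname` and `localFilter` in the `@@ -823,12 +846,12 @@` hunk. A miss looks reachable whenever the URI segment is not already lower-case, because the map keys are lower-cased when stored. The filter is also built by concatenating a value that comes from the request URI. The `DirContext.search(name, filterExpr, filterArgs, cons)` overload with a `{0}` placeholder escapes filter metacharacters and would be the safer form here. The unbraced `if` is easy to misread next to the `try`, and the enclosing method starts and ends outside the hunk.

```java
// … unchanged: comment block and try { above …
String lookupName = objectName;
if (principalNameAttribute != null) {
    lookupName = (String)objectNameMap.get(objectName);
    if (lookupName == null) {
        // not cached yet: list the parent once to populate the map
        retrieveObject(parentUri);
        lookupName = (String)objectNameMap.get(objectName);
    }
    if (lookupName == null) {
        // still unknown: take the same path as the existing
        // !results.hasMore() branch instead of searching for "null"
    }
}
NamingEnumeration results = ctx.search(
    container,
    rdnAttribute + "={0}",
    new Object[] { lookupName },
    controls);
// … unchanged: if ( !results.hasMore() ) handling …
```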
@@ -823,12 +846,12 @@
new NodeProperty( "resourcetype", resourceType, "DAV:", "", false ) );
props.put(
"DAV:displayname",
- new NodeProperty( "displayname", objectName, "DAV:", "", false ) );
+ new NodeProperty( "displayname", (!uri.isStoreRoot() && principalNameAttribute != null?(String)objectNameMap.get(objectName):objectName), "DAV:", "", false ) );
// The storeRoot isn't a real object so it doesn't have any parameters to look up
if ( !uri.isStoreRoot() ) {
- String localFilter = rdnAttribute + "=" + objectName;
+ String localFilter = rdnAttribute + "=" + (principalNameAttribute != null?(String)objectNameMap.get(objectName):objectName);
SearchControls controls = new SearchControls();
controls.setSearchScope( searchScope );
@@ -881,7 +904,18 @@
if ( isGms ) {
valueString.append( "<D:href xmlns:D='DAV:'>" );
valueString.append( usersPath ).append( "/" );
- valueString.append( parseLdapName( value.toString() ) );
+ String name = parseLdapName(value.toString());
+ if (principalNameAttribute != null) {
+ // lookup LDAP user entry
+ controls.setReturningAttributes(new String[] { principalNameAttribute });
+ NamingEnumeration roleResults =
+ ctx.search(container, rdnAttribute + "=" + name, controls);
+ if (roleResults.hasMore()) {
+ SearchResult userObject = (SearchResult)roleResults.next();
+ name = ((String)userObject.getAttributes().get(principalNameAttribute).get()).toLowerCase();
+ }
+ }
+ valueString.append(name);
valueString.append( "</D:href>" );
} else {
if ( isMva ) {
@@ -1023,7 +1057,7 @@
if (name.equals("")) return name;
- int firstEqual = name.indexOf( "=" );
+ int firstEqual = name.indexOf("=");
if ( firstEqual < 0 ) {
firstEqual = 0;
}