You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2011/05/04 07:00:30 UTC
svn commit: r1099322 - in /incubator/lcf/trunk: ./ CHANGES.txt
connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java
Author: kwright
Date: Wed May 4 05:00:30 2011
New Revision: 1099322
URL: http://svn.apache.org/viewvc?rev=1099322&view=rev
Log:
Fix for CONNECTORS-195. Since every user has a SID, if no SIDs come back from our attempt to get them, the user must not exist.
Modified:
incubator/lcf/trunk/ (props changed)
incubator/lcf/trunk/CHANGES.txt
incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java
Propchange: incubator/lcf/trunk/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed May 4 05:00:30 2011
@@ -1,3 +1,4 @@
/incubator/lcf/branches/CONNECTORS-151-branch:1063444-1071206
/incubator/lcf/branches/CONNECTORS-160-branch:1071241-1071534
+/incubator/lcf/branches/CONNECTORS-195:1098950-1099321
/incubator/lcf/branches/CONNECTORS-32:1092556-1094216
Modified: incubator/lcf/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/CHANGES.txt?rev=1099322&r1=1099321&r2=1099322&view=diff
==============================================================================
--- incubator/lcf/trunk/CHANGES.txt (original)
+++ incubator/lcf/trunk/CHANGES.txt Wed May 4 05:00:30 2011
@@ -3,6 +3,10 @@ $Id$
======================= 0.3-dev =========================
+CONNECTORS-195: Active directory authority does not properly identify
+non-existing users on all versions of Java and all versions of AD.
+(Kadri Atalay, Karl Wright)
+
CONNECTORS-192: Specification processing would sometimes be called
without the specification data being posted.
(Karl Wright)
Modified: incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java?rev=1099322&r1=1099321&r2=1099322&view=diff
==============================================================================
--- incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java (original)
+++ incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java Wed May 4 05:00:30 2011
@@ -205,17 +205,17 @@ public class ActiveDirectoryAuthority ex
{
getSession();
- //Create the search controls
- SearchControls searchCtls = new SearchControls();
-
- //Specify the search scope, must be base level search for tokenGroups
- searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE);
-
//specify the LDAP search filter
String searchFilter = "(objectClass=user)";
//Specify the Base for the search
String searchBase = parseUser(userName);
+
+ //Create the search controls for finding the access tokens
+ SearchControls searchCtls = new SearchControls();
+
+ //Specify the search scope, must be base level search for tokenGroups
+ searchCtls.setSearchScope(SearchControls.OBJECT_SCOPE);
//Specify the attributes to return
String returnedAtts[] = {"tokenGroups","objectSid"};
@@ -223,12 +223,10 @@ public class ActiveDirectoryAuthority ex
try
{
- //Search for objects using the filter
+ //Search for tokens. Since every user *must* have a SID, the no user detection should be safe.
NamingEnumeration answer = ctx.search(searchBase, searchFilter, searchCtls);
ArrayList theGroups = new ArrayList();
- // All users get certain well-known groups
- theGroups.add("S-1-1-0");
//Loop through the search results
while (answer.hasMoreElements())
@@ -259,7 +257,13 @@ public class ActiveDirectoryAuthority ex
}
}
+
+ if (theGroups.size() == 0)
+ return userNotFoundResponse;
+ // All users get certain well-known groups
+ theGroups.add("S-1-1-0");
+
String[] tokens = new String[theGroups.size()];
int k = 0;
while (k < tokens.length)