Posted to jetspeed-dev@portals.apache.org by ta...@apache.org on 2007/08/18 01:15:42 UTC
svn commit: r567169 - in
/portals/jetspeed-2/trunk/components/jetspeed-security/src:
main/java/org/apache/jetspeed/security/spi/impl/ldap/ test/resources/
Author: taylor
Date: Fri Aug 17 16:15:41 2007
New Revision: 567169
URL: http://svn.apache.org/viewvc?view=rev&rev=567169
Log:
https://issues.apache.org/jira/browse/JS2-750
fix ldap to work with ApacheDS
contribution from Lincoln Peters
Modified:
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java
portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
portals/jetspeed-2/trunk/components/jetspeed-security/src/test/resources/security-spi-ldap.xml
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/AbstractLdapDao.java Fri Aug 17 16:15:41 2007
@@ -207,6 +207,8 @@
{
SearchResult searchResult = (SearchResult) searchResults.next();
userDn = searchResult.getName();
+ // FIXME: Does this work?
+ userDn += "," + StringUtils.replace(getSearchDomain(), "," + getRootContext(), "");
}
return userDn;
}
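Review bot: The added `userDn += "," + StringUtils.replace(getSearchDomain(), "," + getRootContext(), "")` has no guard for an empty result, so a blank search domain leaves `userDn` ending in a bare comma. The `FIXME: Does this work?` above it confirms the behaviour was not verified. `StringUtils.replace` also removes `"," + getRootContext()` wherever it occurs in the search domain, not only as a suffix, and it strips nothing when the search domain equals the root context. Compute the base once and append it only when non-empty: `String base = StringUtils.replace(getSearchDomain(), "," + getRootContext(), "");` then `if (!StringUtils.isEmpty(base)) userDn += "," + base;`. Replace the FIXME with a comment stating what form of DN callers expect. The enclosing method starts outside the hunk, so it is not visible whether this runs once or per search result.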
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapGroupDaoImpl.java Fri Aug 17 16:15:41 2007
@@ -80,7 +80,11 @@
attrs.put(classes);
attrs.put(getEntryPrefix(), principalUid);
if(!StringUtils.isEmpty(getGroupObjectRequiredAttributeClasses()))
- attrs.put(getGroupObjectRequiredAttributeClasses(), "");
+ {
+ String[] required = getGroupObjectRequiredAttributeClasses().split(",");
+ for (int i=0; i<required.length; i++)
+ attrs.put(required[i], "");
+ }
for (int i=0;i<getAttributes().length;i++)
attrs.put(parseAttr(getAttributes()[i],principalUid)[0], parseAttr(getAttributes()[i],principalUid)[1]);
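Review bot: The tokens from `getGroupObjectRequiredAttributeClasses().split(",")` are put into `attrs` untrimmed, so a configured value such as `cn, uid` or one with a trailing comma produces an attribute id with a leading space or an empty id. The directory would probably reject the entry only at create time. I would write the loop body as `String name = required[i].trim(); if (name.length() > 0) attrs.put(name, "");`. The same applies to the `allKeys` loop added in LdapRoleDaoImpl in this commit. The two DAOs now parse the same kind of setting in two different ways, so a shared helper in the base DAO would keep them consistent.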
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapMemberShipDaoImpl.java Fri Aug 17 16:15:41 2007
@@ -57,7 +57,7 @@
*/
public String[] searchGroupMemberShipByGroup(final String userPrincipalUid, SearchControls cons) throws NamingException {
- String query = "(&(" + getGroupMembershipAttribute() + "=" + getUserDN(userPrincipalUid) + ")" + getGroupFilter() + ")";
+ String query = "(&(" + getGroupMembershipAttribute() + "=" + userPrincipalUid + ")" + getGroupFilter() + ")";
if (logger.isDebugEnabled())
{
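Review bot: The new `query` concatenates `userPrincipalUid` into the LDAP filter unescaped, so a principal name containing `*`, `(`, `)` or `\` changes the meaning of the filter instead of being matched literally. Before this change the value went through `getUserDN(...)` first; now it reaches the filter as supplied. If the search call further down (outside this hunk) is a JNDI `DirContext.search`, prefer the overload that takes `filterExpr` and `filterArgs`, which escapes the arguments. The filter would become `"(&(" + getGroupMembershipAttribute() + "={0})" + getGroupFilter() + ")"` with `new Object[] { userPrincipalUid }`. The hunk that builds the filter from `rolePrincipalUid` later in this file has the same issue. Both also write the assembled filter to the debug log.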
@@ -97,7 +97,7 @@
Iterator it = attrs.iterator();
while(it.hasNext()) {
String cnfull = (String)it.next();
- if(cnfull.toLowerCase().indexOf(getRoleFilterBase().toLowerCase())!=-1) {
+ if(cnfull.toLowerCase().indexOf(getGroupFilterBase().toLowerCase())!=-1) {
String cn = extractLdapAttr(cnfull,getRoleUidAttribute());
groupUids.add(cn);
}
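Review bot: After the switch to `getGroupFilterBase()`, the next line still calls `extractLdapAttr(cnfull,getRoleUidAttribute())`, so group ids are extracted using the role's uid attribute. That only works while both are configured to the same attribute (the test configuration in this commit uses `cn` for the role id). If the DAO has a group counterpart to `getRoleUidAttribute()`, it should be used here. Otherwise a comment should state that the role attribute is reused on purpose. The match itself is a lower-cased substring test, so any value that merely contains the group base text is accepted; a suffix comparison on the DN would be stricter.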
@@ -153,6 +153,10 @@
if(cnfull.toLowerCase().indexOf(getRoleFilterBase().toLowerCase())!=-1) {
String cn = extractLdapAttr(cnfull,getRoleUidAttribute());
newAttrs.add(cn);
+ }else{
+ // No conversion required (I think!)
+ String cn = cnfull;
+ newAttrs.add(cn);
}
}
return (String[]) newAttrs.toArray(new String[newAttrs.size()]);
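Review bot: The new `else` branch adds every value that does not contain `getRoleFilterBase()` to `newAttrs` unchanged, whereas previously such values were dropped. The returned array can now mix extracted ids with full, unconverted attribute values. If the result is used as a list of role names, this widens what counts as a role; the enclosing method starts outside the hunk, so this is unconfirmed. The comment `No conversion required (I think!)` should be replaced by one stating which value format is expected in this branch and why it is safe to pass through. If only bare ids are expected here, check for that explicitly, for example `cnfull.indexOf('=') < 0`, before adding.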
@@ -340,7 +344,7 @@
throws NamingException
{
- String query = "(&(" + getUserRoleMembershipAttribute() + "=" + getRoleDN(rolePrincipalUid) + ")" + getUserFilter() + ")";
+ String query = "(&(" + getUserRoleMembershipAttribute() + "=" + rolePrincipalUid + ")" + getUserFilter() + ")";
if (logger.isDebugEnabled())
{
logger.debug("query[" + query + "]");
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapPrincipalDaoImpl.java Fri Aug 17 16:15:41 2007
@@ -156,8 +156,8 @@
try
{
rdn = getSubcontextName(dn);
- if(!StringUtils.isEmpty(getSearchDomain()))
- rdn+="," + getSearchDomain();
+ //if(!StringUtils.isEmpty(getSearchDomain()))
+ // rdn+="," + getSearchDomain();
ctx.destroySubcontext(rdn);
}
catch (NamingException e)
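Review bot: The search-domain suffix is disabled by commenting the two lines out rather than deleting them, and nothing explains why `ctx.destroySubcontext(rdn)` must now receive the bare result of `getSubcontextName(dn)`. This call deletes a directory entry, so the name it resolves to should be clear to the next reader. I would delete the dead lines and add a short comment such as `// rdn is relative to the context base; the search domain must not be appended`, if that is indeed the reason. The same commented-out pattern appears in the `setPassword` hunk of LdapUserCredentialDaoImpl with `getUserFilterBase()`.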
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapRoleDaoImpl.java Fri Aug 17 16:15:41 2007
@@ -79,7 +79,19 @@
attrs.put(classes);
attrs.put(getEntryPrefix(), principalUid);
if(!StringUtils.isEmpty(getRoleObjectRequiredAttributeClasses()))
- attrs.put(getRoleObjectRequiredAttributeClasses(), "");
+ {
+ String key = getRoleObjectRequiredAttributeClasses();
+ if ( key.indexOf(',') >= 0 )
+ {
+ String[] allKeys = key.split(",");
+ for (int i=0; i<allKeys.length; i++)
+ attrs.put( allKeys[i], "" );
+ }
+ else
+ {
+ attrs.put(getRoleObjectRequiredAttributeClasses(), "");
+ }
+ }
for (int i=0;i<getAttributes().length;i++)
attrs.put(parseAttr(getAttributes()[i],principalUid)[0], parseAttr(getAttributes()[i],principalUid)[1]);
return attrs;
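Review bot: The `key.indexOf(',') >= 0` branch is unnecessary, because `split(",")` on a value without a comma already returns a one-element array; the `else` arm also calls `getRoleObjectRequiredAttributeClasses()` again instead of using `key`. The whole block can be the single loop `String[] allKeys = key.split(",");` followed by `for (int i=0; i<allKeys.length; i++) attrs.put(allKeys[i].trim(), "");`. That matches the shape of the LdapGroupDaoImpl change in this commit.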
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/main/java/org/apache/jetspeed/security/spi/impl/ldap/LdapUserCredentialDaoImpl.java Fri Aug 17 16:15:41 2007
@@ -177,8 +177,8 @@
{
logger.debug("setPassword userDn = " + userDn);
String rdn = getSubcontextName(userDn);
- if (!StringUtils.isEmpty(getUserFilterBase()))
- rdn+="," + getUserFilterBase();
+ //if (!StringUtils.isEmpty(getUserFilterBase()))
+ // rdn+="," + getUserFilterBase();
logger.debug("setPassword rdn = " + rdn);
Attributes attrs = new BasicAttributes(false);
Modified: portals/jetspeed-2/trunk/components/jetspeed-security/src/test/resources/security-spi-ldap.xml
URL: http://svn.apache.org/viewvc/portals/jetspeed-2/trunk/components/jetspeed-security/src/test/resources/security-spi-ldap.xml?view=diff&rev=567169&r1=567168&r2=567169
==============================================================================
--- portals/jetspeed-2/trunk/components/jetspeed-security/src/test/resources/security-spi-ldap.xml (original)
+++ portals/jetspeed-2/trunk/components/jetspeed-security/src/test/resources/security-spi-ldap.xml Fri Aug 17 16:15:41 2007
@@ -36,37 +36,37 @@
<!-- The LDAP server root password. -->
<constructor-arg index="5"><value>secret</value></constructor-arg>
<!-- The roles filter. -->
- <constructor-arg index="6"><value>(objectclass=groupOfNames)</value></constructor-arg>
+ <constructor-arg index="6"><value>(objectclass=jetspeed-2-role)</value></constructor-arg>
<!-- The groups filter. -->
- <constructor-arg index="7"><value>(objectclass=groupOfUniqueNames)</value></constructor-arg>
+ <constructor-arg index="7"><value>(objectclass=jetspeed-2-group)</value></constructor-arg>
<!-- The user filter. -->
- <constructor-arg index="8"><value>(objectclass=inetorgperson)(objectclass=organizationalPerson)</value></constructor-arg>
+ <constructor-arg index="8"><value>(objectclass=jetspeed-2-user)</value></constructor-arg>
<!-- The roleMembershipAttributes. -->
- <constructor-arg index="9"><value>member</value></constructor-arg>
+ <constructor-arg index="9"><value>j2-role</value></constructor-arg>
<!-- The userRoleMembershipAttributes. -->
- <constructor-arg index="10"><value></value></constructor-arg>
+ <constructor-arg index="10"><value>j2-role</value></constructor-arg>
<!-- The groupMembershipAttributes. -->
<constructor-arg index="11"><value>uniqueMember</value></constructor-arg>
<!-- The userGroupMembershipAttributes. -->
- <constructor-arg index="12"><value></value></constructor-arg>
+ <constructor-arg index="12"><value>j2-group</value></constructor-arg>
<!-- The groupMembershipForRoleAttributes. -->
<constructor-arg index="13"><value>uniqueMember</value></constructor-arg>
<!-- The roleGroupMembershipForRoleAttributes. -->
<constructor-arg index="14"><value></value></constructor-arg>
<!-- The defaultSearchBase. -->
- <constructor-arg index="15"><value></value></constructor-arg>
+ <constructor-arg index="15"><value>o=sevenSeas</value></constructor-arg>
<!-- The roleFilterBase. -->
- <constructor-arg index="16"><value></value></constructor-arg>
+ <constructor-arg index="16"><value>ou=Roles,ou=OrgUnit1</value></constructor-arg>
<!-- The groupFilterBase. -->
- <constructor-arg index="17"><value></value></constructor-arg>
+ <constructor-arg index="17"><value>ou=Groups,ou=OrgUnit1</value></constructor-arg>
<!-- The userFilterBase. -->
- <constructor-arg index="18"><value></value></constructor-arg>
+ <constructor-arg index="18"><value>ou=People,ou=OrgUnit1</value></constructor-arg>
<!-- The roleObjectClasses. -->
- <constructor-arg index="19"><value>top,groupOfNames</value></constructor-arg>
+ <constructor-arg index="19"><value>top,groupOfUniqueNames,jetspeed-2-role</value></constructor-arg>
<!-- The groupObjectClasses. -->
- <constructor-arg index="20"><value>top,groupOfUniqueNames</value></constructor-arg>
+ <constructor-arg index="20"><value>top,groupOfUniqueNames,jetspeed-2-group</value></constructor-arg>
<!-- The userObjectClasses. -->
- <constructor-arg index="21"><value>top,person,organizationalPerson,inetorgperson</value></constructor-arg>
+ <constructor-arg index="21"><value>top,person,organizationalPerson,inetorgperson,jetspeed-2-user</value></constructor-arg>
<!-- The roleIdAttribute. -->
<constructor-arg index="22"><value>cn</value></constructor-arg>
<!-- The groupIdAttribute. -->
@@ -84,9 +84,9 @@
<!-- The userUidAttribute. -->
<constructor-arg index="29"><value>uid</value></constructor-arg>
<!-- The roleObjectRequiredAttributeClasses. -->
- <constructor-arg index="30"><value>member</value></constructor-arg>
+ <constructor-arg index="30"><value>cn,j2-classname,uid,uniquemember</value></constructor-arg>
<!-- The groupObjectRequiredAttributeClasses. -->
- <constructor-arg index="31"><value>uniqueMember</value></constructor-arg>
+ <constructor-arg index="31"><value>cn,j2-classname,uid,uniqueMember</value></constructor-arg>
<!-- The userAttributes. -->
<constructor-arg index="32"><value>sn={u},cn={u},uid={u}</value></constructor-arg>
<!-- The roleAttributes. -->
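Review bot: The role value at index 30 spells the attribute `uniquemember`, while index 31, index 11 and the `knownAttributes` list all use `uniqueMember`. LDAP attribute names are case-insensitive on the server, but client-side attribute sets and string comparisons in the DAOs may not be, so I would use `cn,j2-classname,uid,uniqueMember` at index 30 as well.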
@@ -96,7 +96,7 @@
<!-- The userPasswordAttribute. -->
<constructor-arg index="35"><value>userPassword</value></constructor-arg>
<!-- The knownAttributes. -->
- <constructor-arg index="36"><value>cn,sn,o,uid,ou,objectClass,userPassword,member,uniqueMember,memberOf</value></constructor-arg>
+ <constructor-arg index="36"><value>cn,sn,o,uid,ou,objectClass,userPassword,member,uniqueMember,memberOf,j2-role,j2-group</value></constructor-arg>
</bean>
</beans>