You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by di...@apache.org on 2015/01/22 15:55:38 UTC
incubator-ranger git commit: RANGER-212: Ranger should support
computing user group memberships by searching for users and groups
Repository: incubator-ranger
Updated Branches:
refs/heads/master 765266e65 -> 78cc53a11
RANGER-212: Ranger should support computing user group memberships by searching for users and groups
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/78cc53a1
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/78cc53a1
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/78cc53a1
Branch: refs/heads/master
Commit: 78cc53a11a5c987e9c9533f0b421cdb68f4e52b9
Parents: 765266e
Author: Dilli Dorai Arumugam <da...@hortonworks.com>
Authored: Tue Jan 6 21:44:21 2015 +0530
Committer: Dilli Dorai Arumugam <da...@hortonworks.com>
Committed: Thu Jan 22 06:47:26 2015 -0800
----------------------------------------------------------------------
.../process/LdapUserGroupBuilder.java | 280 ++++++++++++++-----
.../config/UserGroupSyncConfig.java | 171 +++++++++--
2 files changed, 367 insertions(+), 84 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/78cc53a1/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
index 8c1c760..f2fbf02 100644
--- a/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
+++ b/ugsync/src/main/java/org/apache/ranger/ldapusersync/process/LdapUserGroupBuilder.java
@@ -39,6 +39,7 @@ import javax.naming.ldap.LdapContext;
import javax.naming.ldap.PagedResultsControl;
import javax.naming.ldap.PagedResultsResponseControl;
+import com.sun.jndi.toolkit.dir.SearchFilter;
import org.apache.log4j.Logger;
import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
import org.apache.ranger.usergroupsync.UserGroupSink;
@@ -48,23 +49,49 @@ public class LdapUserGroupBuilder implements UserGroupSource {
private static final Logger LOG = Logger.getLogger(LdapUserGroupBuilder.class);
- private static final int PAGE_SIZE = 100;
+ private static final int PAGE_SIZE = 500;
private UserGroupSyncConfig config = UserGroupSyncConfig.getInstance();
-
- private String userSearchBase;
- private String extendedSearchFilter;
+
+ private String ldapUrl;
+ private String ldapBindDn;
+ private String ldapBindPassword;
+ private String ldapAuthenticationMechanism;
+
+ private String searchBase;
+
+ private String userSearchBase;
private String userNameAttribute;
-
+ private int userSearchScope;
+ private String userObjectClass;
+ private String userSearchFilter;
+ private String extendedUserSearchFilter;
+ private SearchControls userSearchControls;
+ private Set<String> userGroupNameAttributeSet;
+
+ private boolean pagedResultsEnabled = true;
+ private int pagedResultsSize = 500;
+
+ private boolean groupSearchEnabled = true;
+ private String groupSearchBase;
+ private int groupSearchScope;
+ private String groupObjectClass;
+ private String groupSearchFilter;
+ private String extendedGroupSearchFilter;
+ private String extendedAllGroupsSearchFilter;
+ private SearchControls groupSearchControls;
+ private String groupMemberAttributeName;
+ private String groupNameAttribute;
+
private LdapContext ldapContext;
- private SearchControls searchControls;
-
+
private boolean userNameCaseConversionFlag = false ;
private boolean groupNameCaseConversionFlag = false ;
private boolean userNameLowerCaseFlag = false ;
private boolean groupNameLowerCaseFlag = false ;
-
+ private boolean groupUserMapSyncEnabled = false;
+
public static void main(String[] args) throws Throwable {
LdapUserGroupBuilder ugBuilder = new LdapUserGroupBuilder();
ugBuilder.init();
@@ -102,11 +129,13 @@ public class LdapUserGroupBuilder implements UserGroupSource {
private void createLdapContext() throws Throwable {
LOG.info("LdapUserGroupBuilder initialization started");
- String ldapUrl = config.getLdapUrl();
- String ldapBindDn = config.getLdapBindDn();
- String ldapBindPassword = config.getLdapBindPassword();
- String ldapAuthenticationMechanism = config.getLdapAuthenticationMechanism();
-
+
+ ldapUrl = config.getLdapUrl();
+ ldapBindDn = config.getLdapBindDn();
+ ldapBindPassword = config.getLdapBindPassword();
+ //ldapBindPassword = "admin-password";
+ ldapAuthenticationMechanism = config.getLdapAuthenticationMechanism();
+
Properties env = new Properties();
env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
@@ -118,18 +147,20 @@ public class LdapUserGroupBuilder implements UserGroupSource {
env.put(Context.REFERRAL, "follow") ;
ldapContext = new InitialLdapContext(env, null);
-
+
+ searchBase = config.getSearchBase();
+
userSearchBase = config.getUserSearchBase();
- int userSearchScope = config.getUserSearchScope();
- String userObjectClass = config.getUserObjectClass();
- String userSearchFilter = config.getUserSearchFilter();
- extendedSearchFilter = "(objectclass=" + userObjectClass + ")";
+ userSearchScope = config.getUserSearchScope();
+ userObjectClass = config.getUserObjectClass();
+ userSearchFilter = config.getUserSearchFilter();
+ extendedUserSearchFilter = "(objectclass=" + userObjectClass + ")";
if (userSearchFilter != null && !userSearchFilter.trim().isEmpty()) {
String customFilter = userSearchFilter.trim();
if (!customFilter.startsWith("(")) {
customFilter = "(" + customFilter + ")";
}
- extendedSearchFilter = "(&" + extendedSearchFilter + customFilter + ")";
+ extendedUserSearchFilter = "(&" + extendedUserSearchFilter + customFilter + ")";
}
userNameAttribute = config.getUserNameAttribute();
@@ -137,31 +168,76 @@ public class LdapUserGroupBuilder implements UserGroupSource {
Set<String> userSearchAttributes = new HashSet<String>();
userSearchAttributes.add(userNameAttribute);
- Set<String> userGroupNameAttributeSet = config.getUserGroupNameAttributeSet();
+ userGroupNameAttributeSet = config.getUserGroupNameAttributeSet();
for (String useGroupNameAttribute : userGroupNameAttributeSet) {
userSearchAttributes.add(useGroupNameAttribute);
}
- searchControls = new SearchControls();
- searchControls.setSearchScope(userSearchScope);
- searchControls.setReturningAttributes(userSearchAttributes.toArray(
+ userSearchControls = new SearchControls();
+ userSearchControls.setSearchScope(userSearchScope);
+ userSearchControls.setReturningAttributes(userSearchAttributes.toArray(
new String[userSearchAttributes.size()]));
-
+ userGroupNameAttributeSet = config.getUserGroupNameAttributeSet();
+
+ pagedResultsEnabled = config.isPagedResultsEnabled();
+ pagedResultsSize = config.getPagedResultsSize();
+
+ groupSearchEnabled = config.isGroupSearchEnabled();
+ groupSearchBase = config.getGroupSearchBase();
+ groupSearchScope = config.getGroupSearchScope();
+ groupObjectClass = config.getGroupObjectClass();
+ groupSearchFilter = config.getGroupSearchFilter();
+ groupMemberAttributeName = config.getUserGroupMemberAttributeName();
+ groupNameAttribute = config.getGroupNameAttribute();
+
+ extendedGroupSearchFilter = "(objectclass=" + groupObjectClass + ")";
+ if (groupSearchFilter != null && !groupSearchFilter.trim().isEmpty()) {
+ String customFilter = groupSearchFilter.trim();
+ if (!customFilter.startsWith("(")) {
+ customFilter = "(" + customFilter + ")";
+ }
+ extendedGroupSearchFilter = extendedGroupSearchFilter + customFilter;
+ }
+ extendedAllGroupsSearchFilter = "(&" + extendedGroupSearchFilter + ")";
+ extendedGroupSearchFilter = "(&" + extendedGroupSearchFilter + "(" + groupMemberAttributeName + "={0})" + ")";
+
+ groupUserMapSyncEnabled = config.isGroupUserMapSyncEnabled();
+
+ groupSearchControls = new SearchControls();
+ groupSearchControls.setSearchScope(groupSearchScope);
+ String[] groupSearchAttributes = new String[]{groupNameAttribute};
+ groupSearchControls.setReturningAttributes(groupSearchAttributes);
+
if (LOG.isInfoEnabled()) {
LOG.info("LdapUserGroupBuilder initialization completed with -- "
+ "ldapUrl: " + ldapUrl
+ ", ldapBindDn: " + ldapBindDn
+ ", ldapBindPassword: ***** "
- + ", ldapAuthenticationMechanism: "
- + ldapAuthenticationMechanism + ", userSearchBase: "
- + userSearchBase + ", userSearchScope: " + userSearchScope
+ + ", ldapAuthenticationMechanism: " + ldapAuthenticationMechanism
+ + ", searchBase: " + searchBase
+ + ", userSearchBase: " + userSearchBase
+ + ", userSearchScope: " + userSearchScope
+ ", userObjectClass: " + userObjectClass
+ ", userSearchFilter: " + userSearchFilter
- + ", extendedSearchFilter: " + extendedSearchFilter
+ + ", extendedUserSearchFilter: " + extendedUserSearchFilter
+ ", userNameAttribute: " + userNameAttribute
- + ", userSearchAttributes: " + userSearchAttributes );
+ + ", userSearchAttributes: " + userSearchAttributes
+ + ", userGroupNameAttributeSet: " + userGroupNameAttributeSet
+ + ", pagedResultsEnabled: " + pagedResultsEnabled
+ + ", pagedResultsSize: " + pagedResultsSize
+ + ", groupSearchEnabled: " + groupSearchEnabled
+ + ", groupSearchBase: " + groupSearchBase
+ + ", groupSearchScope: " + groupSearchScope
+ + ", groupObjectClass: " + groupObjectClass
+ + ", groupSearchFilter: " + groupSearchFilter
+ + ", extendedGroupSearchFilter: " + extendedGroupSearchFilter
+ + ", extendedAllGroupsSearchFilter: " + extendedAllGroupsSearchFilter
+ + ", groupMemberAttributeName: " + groupMemberAttributeName
+ + ", groupNameAttribute: " + groupNameAttribute
+ + ", groupUserMapSyncEnabled: " + groupUserMapSyncEnabled
+ );
}
-
+
}
private void closeLdapContext() throws Throwable {
@@ -179,24 +255,26 @@ public class LdapUserGroupBuilder implements UserGroupSource {
@Override
public void updateSink(UserGroupSink sink) throws Throwable {
LOG.info("LDAPUserGroupBuilder updateSink started");
- NamingEnumeration<SearchResult> searchResultEnum = null;
+ NamingEnumeration<SearchResult> userSearchResultEnum = null;
+ NamingEnumeration<SearchResult> groupSearchResultEnum = null;
try {
createLdapContext();
-
- // Activate paged results
- byte[] cookie = null;
- ldapContext.setRequestControls(new Control[]{
- new PagedResultsControl(PAGE_SIZE, Control.NONCRITICAL) });
- int total;
-
+ int total;
+ // Activate paged results
+ byte[] cookie = null;
+ if (pagedResultsEnabled) {
+ ldapContext.setRequestControls(new Control[]{
+ new PagedResultsControl(pagedResultsSize, Control.NONCRITICAL) });
+ }
+
int counter = 0;
do {
- searchResultEnum = ldapContext
- .search(userSearchBase, extendedSearchFilter,
- searchControls);
- while (searchResultEnum.hasMore()) {
+ userSearchResultEnum = ldapContext
+ .search(userSearchBase, extendedUserSearchFilter,
+ userSearchControls);
+ while (userSearchResultEnum.hasMore()) {
// searchResults contains all the user entries
- final SearchResult userEntry = searchResultEnum.next();
+ final SearchResult userEntry = userSearchResultEnum.next();
String userName = (String) userEntry.getAttributes()
.get(userNameAttribute).get();
@@ -209,27 +287,53 @@ public class LdapUserGroupBuilder implements UserGroupSource {
userName = userName.toUpperCase() ;
}
}
-
- Set<String> groups = new HashSet<String>();
- Set<String> userGroupNameAttributeSet = config.getUserGroupNameAttributeSet();
- for (String useGroupNameAttribute : userGroupNameAttributeSet) {
- Attribute userGroupfAttribute = userEntry.getAttributes().get(useGroupNameAttribute);
- if(userGroupfAttribute != null) {
- NamingEnumeration<?> groupEnum = userGroupfAttribute.getAll();
- while (groupEnum.hasMore()) {
- String gName = getShortGroupName((String) groupEnum
- .next());
- if (groupNameCaseConversionFlag) {
- if (groupNameLowerCaseFlag) {
- gName = gName.toLowerCase();
- } else {
- gName = gName.toUpperCase();
- }
- }
- groups.add(gName);
- }
- }
- }
+
+ Set<String> groups = new HashSet<String>();
+
+ for (String useGroupNameAttribute : userGroupNameAttributeSet) {
+ Attribute userGroupfAttribute = userEntry.getAttributes().get(useGroupNameAttribute);
+ if (userGroupfAttribute != null) {
+ NamingEnumeration<?> groupEnum = userGroupfAttribute.getAll();
+ while (groupEnum.hasMore()) {
+ String gName = getShortGroupName((String) groupEnum
+ .next());
+ if (groupNameCaseConversionFlag) {
+ if (groupNameLowerCaseFlag) {
+ gName = gName.toLowerCase();
+ } else {
+ gName = gName.toUpperCase();
+ }
+ }
+ groups.add(gName);
+ }
+ }
+ }
+
+ if (groupSearchEnabled && groupUserMapSyncEnabled) {
+ LOG.info("groupSearch and groupUserMapSync are enabled, would search for groups and compute memberships");
+ groupSearchResultEnum = ldapContext
+ .search(groupSearchBase, extendedGroupSearchFilter,
+ new Object[]{userEntry.getNameInNamespace()},
+ groupSearchControls);
+ Set<String> computedGroups = new HashSet<String>();
+ while (groupSearchResultEnum.hasMore()) {
+ final SearchResult groupEntry = groupSearchResultEnum.next();
+ String gName = (String) groupEntry.getAttributes()
+ .get(groupNameAttribute).get();
+ if (groupNameCaseConversionFlag) {
+ if (groupNameLowerCaseFlag) {
+ gName = gName.toLowerCase();
+ } else {
+ gName = gName.toUpperCase();
+ }
+ }
+ computedGroups.add(gName);
+ }
+ if (LOG.isInfoEnabled()) {
+ LOG.info("computed groups for user: " + userName +", groups: " + computedGroups);
+ }
+ groups.addAll(computedGroups);
+ }
List<String> groupList = new ArrayList<String>(groups);
counter++;
@@ -275,14 +379,54 @@ public class LdapUserGroupBuilder implements UserGroupSource {
LOG.debug("No controls were sent from the server");
}
// Re-activate paged results
- ldapContext.setRequestControls(new Control[]{
- new PagedResultsControl(PAGE_SIZE, cookie, Control.CRITICAL) });
+ if (pagedResultsEnabled) {
+ ldapContext.setRequestControls(new Control[]{
+ new PagedResultsControl(PAGE_SIZE, cookie, Control.CRITICAL) });
+ }
} while (cookie != null);
LOG.info("LDAPUserGroupBuilder.updateSink() completed with user count: "
+ counter);
+
+ if (groupSearchEnabled && !groupUserMapSyncEnabled) {
+ if (LOG.isInfoEnabled()) {
+ LOG.info("groupSearch enabled and groupUserMapSync not enabled, "
+ + "would search for groups, would not compute memberships");
+ }
+ Set <String> groupNames = new HashSet<String>();
+ groupSearchResultEnum = ldapContext
+ .search(groupSearchBase, extendedAllGroupsSearchFilter,
+ groupSearchControls);
+
+ while (groupSearchResultEnum.hasMore()) {
+ final SearchResult groupEntry = groupSearchResultEnum.next();
+ String gName = (String) groupEntry.getAttributes()
+ .get(groupNameAttribute).get();
+ if (groupNameCaseConversionFlag) {
+ if (groupNameLowerCaseFlag) {
+ gName = gName.toLowerCase();
+ } else {
+ gName = gName.toUpperCase();
+ }
+ }
+ groupNames.add(gName);
+ }
+ if (LOG.isInfoEnabled()) {
+ LOG.info("found groups from ldap source: " + groupNames);
+ }
+
+ // TODO: push groupNames to ranger
+ // POST http://<IP>:6080/service/xusers/secure/groups create group
+ // PUT http://<IP>:6080/service/xusers/secure/groups/{id} update group
+ // sink.addOrUpdateUser(groupNames);
+
+ }
+
} finally {
- if (searchResultEnum != null) {
- searchResultEnum.close();
+ if (userSearchResultEnum != null) {
+ userSearchResultEnum.close();
+ }
+ if (groupSearchResultEnum != null) {
+ groupSearchResultEnum.close();
}
closeLdapContext();
}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/78cc53a1/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
----------------------------------------------------------------------
diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
index 181b107..4dd8724 100644
--- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
+++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java
@@ -85,37 +85,67 @@ public class UserGroupSyncConfig {
private static final String LGSYNC_LDAP_BIND_PASSWORD = "ldapGroupSync.ldapBindPassword";
private static final String LGSYNC_LDAP_AUTHENTICATION_MECHANISM = "ldapGroupSync.ldapAuthenticationMechanism";
-
- private static final String LGSYNC_USER_SEARCH_BASE = "ldapGroupSync.userSearchBase";
-
+ private static final String DEFAULT_AUTHENTICATION_MECHANISM = "simple";
+
+ private static final String LGSYNC_SEARCH_BASE = "ldapGroupSync.searchBase";
+
+ private static final String LGSYNC_USER_SEARCH_BASE = "ldapGroupSync.userSearchBase";
+
+ private static final String LGSYNC_USER_SEARCH_SCOPE = "ldapGroupSync.userSearchScope";
+
private static final String LGSYNC_USER_OBJECT_CLASS = "ldapGroupSync.userObjectClass";
+ private static final String DEFAULT_USER_OBJECT_CLASS = "person";
private static final String LGSYNC_USER_SEARCH_FILTER = "ldapGroupSync.userSearchFilter";
private static final String LGSYNC_USER_NAME_ATTRIBUTE = "ldapGroupSync.userNameAttribute";
+ private static final String DEFAULT_USER_NAME_ATTRIBUTE = "cn";
private static final String LGSYNC_USER_GROUP_NAME_ATTRIBUTE = "ldapGroupSync.userGroupNameAttribute";
-
- private static final String DEFAULT_AUTHENTICATION_MECHANISM = "simple";
-
- private static final String DEFAULT_USER_OBJECT_CLASS = "person";
-
- private static final String DEFAULT_USER_NAME_ATTRIBUTE = "cn";
+ private static final String DEFAULT_USER_GROUP_NAME_ATTRIBUTE = "memberof,ismemberof";
public static final String UGSYNC_NONE_CASE_CONVERSION_VALUE = "none" ;
public static final String UGSYNC_LOWER_CASE_CONVERSION_VALUE = "lower" ;
public static final String UGSYNC_UPPER_CASE_CONVERSION_VALUE = "upper" ;
private static final String UGSYNC_USERNAME_CASE_CONVERSION_PARAM = "ldapGroupSync.username.caseConversion" ;
+ private static final String DEFAULT_UGSYNC_USERNAME_CASE_CONVERSION_VALUE = UGSYNC_LOWER_CASE_CONVERSION_VALUE ;
+
private static final String UGSYNC_GROUPNAME_CASE_CONVERSION_PARAM = "ldapGroupSync.groupname.caseConversion" ;
-
- private static final String DEFAULT_UGSYNC_USERNAME_CASE_CONVERSION_VALUE = UGSYNC_LOWER_CASE_CONVERSION_VALUE ;
private static final String DEFAULT_UGSYNC_GROUPNAME_CASE_CONVERSION_VALUE = UGSYNC_LOWER_CASE_CONVERSION_VALUE ;
- private static final String DEFAULT_USER_GROUP_NAME_ATTRIBUTE = "memberof,ismemberof";
-
private static final String DEFAULT_USER_GROUP_TEXTFILE_DELIMITER = ",";
+ private static final String LGSYNC_PAGED_RESULTS_ENABLED = "ldapGroupSync.pagedResultsEnabled";
+ private static final boolean DEFAULT_LGSYNC_PAGED_RESULTS_ENABLED = true;
+
+ private static final String LGSYNC_PAGED_RESULTS_SIZE = "ldapGroupSync.pagedResultsSize";
+ private static final int DEFAULT_LGSYNC_PAGED_RESULTS_SIZE = 500;
+
+ // get groups only
+ private static final String LGSYNC_GROUP_SEARCH_ENABLED = "ldapGroupSync.groupSearchEnabled";
+ private static final boolean DEFAULT_LGSYNC_GROUP_SEARCH_ENABLED = false;
+
+ // get group -> user link, bosco
+ private static final String LGSYNC_GROUP_USER_MAP_SYNC_ENABLED = "ldapGroupSync.groupUserMapSyncEnabled";
+ private static final boolean DEFAULT_LGSYNC_GROUP_USER_MAP_SYNC_ENABLED = false;
+
+ // defaults to value of searchBase if searchBase is not null, else defaults to userSearchBase, bosco
+ private static final String LGSYNC_GROUP_SEARCH_BASE = "ldapGroupSync.groupSearchBase";
+
+ private static final String LGSYNC_GROUP_SEARCH_SCOPE = "ldapGroupSync.groupSearchScope";
+
+ private static final String LGSYNC_GROUP_OBJECT_CLASS = "ldapGroupSync.groupObjectClass";
+ private static final String DEFAULT_LGSYNC_GROUP_OBJECT_CLASS = "groupofnames";
+
+ private static final String LGSYNC_GROUP_SEARCH_FILTER = "ldapGroupSync.groupSearchFilter";
+
+ private static final String LGSYNC_GROUP_NAME_ATTRIBUTE = "ldapGroupSync.groupNameAttribute";
+ private static final String DEFAULT_LGSYNC_GROUP_NAME_ATTRIBUTE = "cn";
+
+ private static final String LGSYNC_GROUP_MEMBER_ATTRIBUTE_NAME = "ldapGroupSync.groupMemberAttributeName";
+ private static final String DEFAULT_LGSYNC_GROUP_MEMBER_ATTRIBUTE_NAME = "member";
+
private Properties prop = new Properties() ;
private static UserGroupSyncConfig me = null ;
@@ -333,6 +363,9 @@ public class UserGroupSyncConfig {
public String getUserSearchBase() throws Throwable {
String val = prop.getProperty(LGSYNC_USER_SEARCH_BASE);
+ if(val == null || val.trim().isEmpty()) {
+ val = getSearchBase();
+ }
if(val == null || val.trim().isEmpty()) {
throw new Exception(LGSYNC_USER_SEARCH_BASE + " for LdapGroupSync is not specified");
}
@@ -341,7 +374,7 @@ public class UserGroupSyncConfig {
public int getUserSearchScope() {
- String val = prop.getProperty(LGSYNC_USER_SEARCH_BASE);
+ String val = prop.getProperty(LGSYNC_USER_SEARCH_SCOPE);
if (val == null || val.trim().isEmpty()) {
return 2; //subtree scope
}
@@ -405,8 +438,114 @@ public class UserGroupSyncConfig {
String ret = prop.getProperty(UGSYNC_GROUPNAME_CASE_CONVERSION_PARAM, DEFAULT_UGSYNC_GROUPNAME_CASE_CONVERSION_VALUE) ;
return ret.trim().toLowerCase() ;
}
-
- public String getProperty(String aPropertyName) {
+
+ public String getSearchBase() {
+ return prop.getProperty(LGSYNC_SEARCH_BASE);
+ }
+
+ public boolean isPagedResultsEnabled() {
+ boolean pagedResultsEnabled;
+ String val = prop.getProperty(LGSYNC_PAGED_RESULTS_ENABLED);
+ if(val == null || val.trim().isEmpty()) {
+ pagedResultsEnabled = DEFAULT_LGSYNC_PAGED_RESULTS_ENABLED;
+ } else {
+ pagedResultsEnabled = Boolean.valueOf(val);
+ }
+ return pagedResultsEnabled;
+ }
+
+ public int getPagedResultsSize() {
+ int pagedResultsSize = DEFAULT_LGSYNC_PAGED_RESULTS_SIZE;
+ String val = prop.getProperty(LGSYNC_PAGED_RESULTS_SIZE);
+ if(val == null || val.trim().isEmpty()) {
+ pagedResultsSize = DEFAULT_LGSYNC_PAGED_RESULTS_SIZE;
+ } else {
+ pagedResultsSize = Integer.parseInt(val);
+ }
+ if (pagedResultsSize < 1) {
+ pagedResultsSize = DEFAULT_LGSYNC_PAGED_RESULTS_SIZE;
+ }
+ return pagedResultsSize;
+ }
+
+ public boolean isGroupSearchEnabled() {
+ boolean groupSearchEnabled;
+ String val = prop.getProperty(LGSYNC_GROUP_SEARCH_ENABLED);
+ if(val == null || val.trim().isEmpty()) {
+ groupSearchEnabled = DEFAULT_LGSYNC_GROUP_SEARCH_ENABLED;
+ } else {
+ groupSearchEnabled = Boolean.valueOf(val);
+ }
+ return groupSearchEnabled;
+ }
+
+ public boolean isGroupUserMapSyncEnabled() {
+ boolean groupUserMapSyncEnabled;
+ String val = prop.getProperty(LGSYNC_GROUP_USER_MAP_SYNC_ENABLED);
+ if(val == null || val.trim().isEmpty()) {
+ groupUserMapSyncEnabled = DEFAULT_LGSYNC_GROUP_USER_MAP_SYNC_ENABLED;
+ } else {
+ groupUserMapSyncEnabled = Boolean.valueOf(val);
+ }
+ return groupUserMapSyncEnabled;
+ }
+
+ public String getGroupSearchBase() throws Throwable {
+ String val = prop.getProperty(LGSYNC_GROUP_SEARCH_BASE);
+ if(val == null || val.trim().isEmpty()) {
+ val = getSearchBase();
+ }
+ if(val == null || val.trim().isEmpty()) {
+ val = getUserSearchBase();
+ }
+ return val;
+ }
+
+ public int getGroupSearchScope() {
+ String val = prop.getProperty(LGSYNC_GROUP_SEARCH_SCOPE);
+ if (val == null || val.trim().isEmpty()) {
+ return 2; //subtree scope
+ }
+
+ val = val.trim().toLowerCase();
+ if (val.equals("0") || val.startsWith("base")) {
+ return 0; // object scope
+ } else if (val.equals("1") || val.startsWith("one")) {
+ return 1; // one level scope
+ } else {
+ return 2; // subtree scope
+ }
+ }
+
+ public String getGroupObjectClass() {
+ String val = prop.getProperty(LGSYNC_GROUP_OBJECT_CLASS);
+ if (val == null || val.trim().isEmpty()) {
+ return DEFAULT_LGSYNC_GROUP_OBJECT_CLASS;
+ }
+ return val;
+ }
+
+ public String getGroupSearchFilter() {
+ return prop.getProperty(LGSYNC_GROUP_SEARCH_FILTER);
+ }
+
+ public String getUserGroupMemberAttributeName() {
+ String val = prop.getProperty(LGSYNC_GROUP_MEMBER_ATTRIBUTE_NAME);
+ if (val == null || val.trim().isEmpty()) {
+ return DEFAULT_LGSYNC_GROUP_MEMBER_ATTRIBUTE_NAME;
+ }
+ return val;
+ }
+
+ public String getGroupNameAttribute() {
+ String val = prop.getProperty(LGSYNC_GROUP_NAME_ATTRIBUTE);
+ if (val == null || val.trim().isEmpty()) {
+ return DEFAULT_LGSYNC_GROUP_NAME_ATTRIBUTE;
+ }
+ return val;
+ }
+
+ public String getProperty(String aPropertyName) {
return prop.getProperty(aPropertyName) ;
}