You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by jb...@apache.org on 2015/04/28 09:13:52 UTC
[1/2] cxf git commit: [CXF-6372] Distinct claim values (if no
delimiter is set)
Repository: cxf
Updated Branches:
refs/heads/master e00159949 -> af100a919
[CXF-6372] Distinct claim values (if no delimiter is set)
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/39ac2b4e
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/39ac2b4e
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/39ac2b4e
Branch: refs/heads/master
Commit: 39ac2b4eb848be0142d4f3e3da2bb6eb00ea55e5
Parents: e001599
Author: Jan Bernhardt <jb...@talend.com>
Authored: Tue Apr 28 06:49:37 2015 +0200
Committer: Jan Bernhardt <jb...@talend.com>
Committed: Tue Apr 28 08:58:55 2015 +0200
----------------------------------------------------------------------
.../apache/cxf/sts/claims/LdapClaimsHandler.java | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/39ac2b4e/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
index 9572edc..5c2c7fa 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
@@ -52,7 +52,7 @@ public class LdapClaimsHandler implements ClaimsHandler, RealmSupport {
private Map<String, String> claimMapping;
private String userBaseDn;
private List<String> userBaseDNs;
- private String delimiter = ";";
+ private String delimiter;
private boolean x500FilterEnabled = true;
private String objectClass = "person";
private String userNameAttribute = "cn";
@@ -240,7 +240,6 @@ public class LdapClaimsHandler implements ClaimsHandler, RealmSupport {
c.setClaimType(claimType);
c.setPrincipal(principal);
- StringBuilder claimValue = new StringBuilder();
try {
NamingEnumeration<?> list = (NamingEnumeration<?>)attr.getAll();
while (list.hasMore()) {
@@ -257,9 +256,16 @@ public class LdapClaimsHandler implements ClaimsHandler, RealmSupport {
//Ignore, not X500 compliant thus use the whole string as the value
}
}
- claimValue.append(itemValue);
- if (list.hasMore()) {
- claimValue.append(this.getDelimiter());
+ if (delimiter != null) {
+ StringBuilder claimValue = new StringBuilder();
+ claimValue.append(itemValue);
+ if (list.hasMore()) {
+ claimValue.append(this.getDelimiter());
+ } else if (claimValue.length() > 0) {
+ c.addValue(claimValue.toString());
+ }
+ } else {
+ c.addValue(itemValue);
}
} else if (obj instanceof byte[]) {
// Just store byte[]
@@ -274,9 +280,6 @@ public class LdapClaimsHandler implements ClaimsHandler, RealmSupport {
LOG.warning("Failed to read value of LDAP attribute '" + ldapAttribute + "'");
}
- if (claimValue.length() > 0) {
- c.addValue(claimValue.toString());
- }
// c.setIssuer(issuer);
// c.setOriginalIssuer(originalIssuer);
// c.setNamespace(namespace);
[2/2] cxf git commit: LdapClaimsHandler code refactoring
Posted by jb...@apache.org.
LdapClaimsHandler code refactoring
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/af100a91
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/af100a91
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/af100a91
Branch: refs/heads/master
Commit: af100a919178b0938fcc04d9c8d1dd1269e351b9
Parents: 39ac2b4
Author: Jan Bernhardt <jb...@talend.com>
Authored: Tue Apr 28 07:11:23 2015 +0200
Committer: Jan Bernhardt <jb...@talend.com>
Committed: Tue Apr 28 08:58:57 2015 +0200
----------------------------------------------------------------------
.../cxf/sts/claims/LdapClaimsHandler.java | 111 ++++++++++---------
1 file changed, 59 insertions(+), 52 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf/blob/af100a91/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
----------------------------------------------------------------------
diff --git a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
index 5c2c7fa..65593f8 100644
--- a/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
+++ b/services/sts/sts-core/src/main/java/org/apache/cxf/sts/claims/LdapClaimsHandler.java
@@ -228,58 +228,8 @@ public class LdapClaimsHandler implements ClaimsHandler, RealmSupport {
ProcessedClaimCollection claimsColl = new ProcessedClaimCollection();
for (Claim claim : claims) {
- URI claimType = claim.getClaimType();
- String ldapAttribute = getClaimsLdapAttributeMapping().get(claimType.toString());
- Attribute attr = ldapAttributes.get(ldapAttribute);
- if (attr == null) {
- if (LOG.isLoggable(Level.FINEST)) {
- LOG.finest("Claim '" + claim.getClaimType() + "' is null");
- }
- } else {
- ProcessedClaim c = new ProcessedClaim();
- c.setClaimType(claimType);
- c.setPrincipal(principal);
-
- try {
- NamingEnumeration<?> list = (NamingEnumeration<?>)attr.getAll();
- while (list.hasMore()) {
- Object obj = list.next();
- if (obj instanceof String) {
- String itemValue = (String)obj;
- if (this.isX500FilterEnabled()) {
- try {
- X500Principal x500p = new X500Principal(itemValue);
- itemValue = x500p.getName();
- int index = itemValue.indexOf('=');
- itemValue = itemValue.substring(index + 1, itemValue.indexOf(',', index));
- } catch (Throwable ex) {
- //Ignore, not X500 compliant thus use the whole string as the value
- }
- }
- if (delimiter != null) {
- StringBuilder claimValue = new StringBuilder();
- claimValue.append(itemValue);
- if (list.hasMore()) {
- claimValue.append(this.getDelimiter());
- } else if (claimValue.length() > 0) {
- c.addValue(claimValue.toString());
- }
- } else {
- c.addValue(itemValue);
- }
- } else if (obj instanceof byte[]) {
- // Just store byte[]
- c.addValue(obj);
- } else {
- LOG.warning("LDAP attribute '" + ldapAttribute
- + "' has got an unsupported value type");
- break;
- }
- }
- } catch (NamingException ex) {
- LOG.warning("Failed to read value of LDAP attribute '" + ldapAttribute + "'");
- }
-
+ ProcessedClaim c = processClaim(claim, ldapAttributes, principal);
+ if (c != null) {
// c.setIssuer(issuer);
// c.setOriginalIssuer(originalIssuer);
// c.setNamespace(namespace);
@@ -290,6 +240,63 @@ public class LdapClaimsHandler implements ClaimsHandler, RealmSupport {
return claimsColl;
}
+ protected ProcessedClaim processClaim(Claim claim, Map<String, Attribute> ldapAttributes, Principal principal) {
+ URI claimType = claim.getClaimType();
+ String ldapAttribute = getClaimsLdapAttributeMapping().get(claimType.toString());
+ Attribute attr = ldapAttributes.get(ldapAttribute);
+ if (attr == null) {
+ if (LOG.isLoggable(Level.FINEST)) {
+ LOG.finest("Claim '" + claim.getClaimType() + "' is null");
+ }
+ return null;
+ }
+
+ ProcessedClaim c = new ProcessedClaim();
+ c.setClaimType(claimType);
+ c.setPrincipal(principal);
+
+ try {
+ NamingEnumeration<?> list = (NamingEnumeration<?>)attr.getAll();
+ while (list.hasMore()) {
+ Object obj = list.next();
+ if (obj instanceof String) {
+ String itemValue = (String)obj;
+ if (this.isX500FilterEnabled()) {
+ try {
+ X500Principal x500p = new X500Principal(itemValue);
+ itemValue = x500p.getName();
+ int index = itemValue.indexOf('=');
+ itemValue = itemValue.substring(index + 1, itemValue.indexOf(',', index));
+ } catch (Throwable ex) {
+ //Ignore, not X500 compliant thus use the whole string as the value
+ }
+ }
+ if (delimiter != null) {
+ StringBuilder claimValue = new StringBuilder();
+ claimValue.append(itemValue);
+ if (list.hasMore()) {
+ claimValue.append(this.getDelimiter());
+ } else if (claimValue.length() > 0) {
+ c.addValue(claimValue.toString());
+ }
+ } else {
+ c.addValue(itemValue);
+ }
+ } else if (obj instanceof byte[]) {
+ // Just store byte[]
+ c.addValue(obj);
+ } else {
+ LOG.warning("LDAP attribute '" + ldapAttribute
+ + "' has got an unsupported value type");
+ break;
+ }
+ }
+ } catch (NamingException ex) {
+ LOG.warning("Failed to read value of LDAP attribute '" + ldapAttribute + "'");
+ }
+ return c;
+ }
+
@Override
public List<String> getSupportedRealms() {
return supportedRealms;