You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by no...@apache.org on 2010/06/19 17:56:47 UTC
svn commit: r956244 -
/james/server/trunk/user-function/src/main/java/org/apache/james/userrepository/ReadOnlyUsersLDAPRepository.java
Author: norman
Date: Sat Jun 19 15:56:47 2010
New Revision: 956244
URL: http://svn.apache.org/viewvc?rev=956244&view=rev
Log:
Use SearchCriteria when searching in ldap tree. This prevent a NPE in Active Directory (JAMES-1020). Thanks to Jeff Huff for this patch!
Modified:
james/server/trunk/user-function/src/main/java/org/apache/james/userrepository/ReadOnlyUsersLDAPRepository.java
Modified: james/server/trunk/user-function/src/main/java/org/apache/james/userrepository/ReadOnlyUsersLDAPRepository.java
URL: http://svn.apache.org/viewvc/james/server/trunk/user-function/src/main/java/org/apache/james/userrepository/ReadOnlyUsersLDAPRepository.java?rev=956244&r1=956243&r2=956244&view=diff
==============================================================================
--- james/server/trunk/user-function/src/main/java/org/apache/james/userrepository/ReadOnlyUsersLDAPRepository.java (original)
+++ james/server/trunk/user-function/src/main/java/org/apache/james/userrepository/ReadOnlyUsersLDAPRepository.java Sat Jun 19 15:56:47 2010
@@ -33,6 +33,8 @@ import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
+import javax.naming.directory.SearchControls;
+import javax.naming.directory.SearchResult;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.configuration.HierarchicalConfiguration;
@@ -74,6 +76,7 @@ import org.apache.james.lifecycle.LogEna
* credentials="password"
* userBase="ou=People,o=myorg.com,ou=system"
* userIdAttribute="uid"/>
+ * userObjectClass="inetOrgPerson"/>
* </users-store>
* </pre>
*
@@ -94,6 +97,11 @@ import org.apache.james.lifecycle.LogEna
* <b>userIdAttribute:</b>The name of the LDAP attribute which holds user ids.
* For example "uid" for Apache DS, or "sAMAccountName" for
* Microsoft Active Directory.</li>
+ * <li>
+ * <b>userObjectClass:</b>The objectClass value for user nodes below the userBase.
+ * For example "inetOrgPerson" for Apache DS, or "user" for
+ * Microsoft Active Directory.
+ * </li>
* </ul>
* </p>
*
@@ -150,6 +158,15 @@ public class ReadOnlyUsersLDAPRepository
* </p>
*/
private String userIdAttribute;
+
+ /**
+ * <p>
+ * The value of this field is taken from the configuration attribute
+ * "userObjectClass". This is the LDAP object class to use
+ * in the search filter for user nodes under the userBase value.
+ * </p>
+ */
+ private String userObjectClass;
/**
* <p>
@@ -215,6 +232,7 @@ public class ReadOnlyUsersLDAPRepository
credentials = configuration.getString("[@credentials]");
userBase = configuration.getString("[@userBase]");
userIdAttribute = configuration.getString("[@userIdAttribute]");
+ userObjectClass = configuration.getString("[@userObjectClass]");
restriction = new ReadOnlyLDAPGroupRestriction(configuration.configurationAt("restriction"));
@@ -295,12 +313,15 @@ public class ReadOnlyUsersLDAPRepository
*/
private Set<String> getAllUsersFromLDAP() throws NamingException {
Set<String> result = new HashSet<String>();
- NamingEnumeration<?> boundNames = ldapConnection.getLdapContext().list(userBase);
- NameClassPair elementInfo;
- while (boundNames.hasMore()) {
- elementInfo = (NameClassPair) boundNames.next();
- result.add(elementInfo.getNameInNamespace());
+ SearchControls sc = new SearchControls ();
+ sc.setSearchScope (SearchControls.SUBTREE_SCOPE);
+ sc.setReturningAttributes (new String[] { "distinguishedName" });
+ NamingEnumeration <SearchResult> sr = ldapConnection.getLdapContext ().search (userBase, "(objectClass=" + userObjectClass + ")", sc);
+ while(sr.hasMore ())
+ {
+ SearchResult r = sr.next ();
+ result.add (r.getNameInNamespace ());
}
return result;
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org