Posted to commits@karaf.apache.org by jb...@apache.org on 2018/02/07 10:07:09 UTC
[karaf] branch karaf-4.1.x updated: [KARAF-4496] Add
lookupUser(username) method in JAAS backing engines
This is an automated email from the ASF dual-hosted git repository.
jbonofre pushed a commit to branch karaf-4.1.x
in repository https://gitbox.apache.org/repos/asf/karaf.git
The following commit(s) were added to refs/heads/karaf-4.1.x by this push:
new 1681c35 [KARAF-4496] Add lookupUser(username) method in JAAS backing engines
1681c35 is described below
commit 1681c35e5286388bd0dd92de657abc2617857a5d
Author: Jean-Baptiste Onofré <jb...@apache.org>
AuthorDate: Wed Feb 7 09:43:24 2018 +0100
[KARAF-4496] Add lookupUser(username) method in JAAS backing engines
---
.../apache/karaf/jaas/modules/BackingEngine.java | 8 +++++
.../karaf/jaas/modules/jdbc/JDBCBackingEngine.java | 16 +++++++++
.../karaf/jaas/modules/ldap/LDAPBackingEngine.java | 31 +++++++++++++++++
.../properties/PropertiesBackingEngine.java | 10 ++++++
.../modules/publickey/PublickeyBackingEngine.java | 10 ++++++
.../jaas/modules/syncope/SyncopeBackingEngine.java | 39 ++++++++++++++++++++++
.../jaas/modules/jdbc/JdbcLoginModuleTest.java | 4 +++
7 files changed, 118 insertions(+)
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
index f0aa084..2ec1f46 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/BackingEngine.java
@@ -49,6 +49,14 @@ public interface BackingEngine {
List<UserPrincipal> listUsers();
/**
+ * Retrieve the {@link UserPrincipal} corresponding to an username, or {@code null} if user doesn't exist.
+ *
+ * @param username The username.
+ * @return The {@link UserPrincipal} or {@code null}.
+ */
+ UserPrincipal lookupUser(String username);
+
+ /**
* List groups that a user is member of.
*
* @param user the {@link UserPrincipal}.
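Review bot: `lookupUser` is added as an abstract method on the public `BackingEngine` interface, so any implementation maintained outside this repository stops compiling against this maintenance branch. If the branch's source level allows it, a `default` method that scans `listUsers()` would keep those implementations working, and it would replace the identical loops this commit adds to PropertiesBackingEngine and PublickeyBackingEngine. The Javadoc should also state that backend failures surface as an unchecked exception (the JDBC, LDAP and Syncope versions throw `RuntimeException`), so callers know that `null` only ever means "not found".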
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCBackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCBackingEngine.java
index db0a8e8..f2011f1 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCBackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/jdbc/JDBCBackingEngine.java
@@ -49,6 +49,7 @@ public class JDBCBackingEngine implements BackingEngine {
private String deleteAllUserRolesStatement = "DELETE FROM ROLES WHERE USERNAME=?";
private String deleteUserStatement = "DELETE FROM USERS WHERE USERNAME=?";
private String selectUsersQuery = "SELECT USERNAME FROM USERS";
+ private String selectUserQuery = "SELECT USERNAME FROM USERS WHERE USERNAME=?";
private String selectRolesQuery = "SELECT ROLE FROM ROLES WHERE USERNAME=?";
public JDBCBackingEngine(DataSource dataSource) {
@@ -129,6 +130,21 @@ public class JDBCBackingEngine implements BackingEngine {
}
}
+ @Override
+ public UserPrincipal lookupUser(String username) {
+ try {
+ try (Connection connection = dataSource.getConnection()) {
+ List<String> names = rawSelect(connection, selectUserQuery, username);
+ if (names.size() == 0) {
+ return null;
+ }
+ return new UserPrincipal(username);
+ }
+ } catch (SQLException e) {
+ throw new RuntimeException("Error getting user", e);
+ }
+ }
+
/**
* List the roles of the <code>principal</code>.
*
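Review bot: `lookupUser` in JDBCBackingEngine returns `new UserPrincipal(username)` built from the caller's argument rather than from the row the query matched. If the database compares USERNAME case-insensitively (the collation is not visible here), the returned principal can carry a spelling that differs from the stored one, and later equality checks against principals from `listUsers()` or role lookups keyed on the name may not line up. Consider `return names.isEmpty() ? null : new UserPrincipal(names.get(0));`, which also allows the nested `try` to be merged into the outer one.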
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPBackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPBackingEngine.java
index 5bd3072..8f82839 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPBackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/ldap/LDAPBackingEngine.java
@@ -64,6 +64,37 @@ public class LDAPBackingEngine implements BackingEngine {
}
@Override
+ public UserPrincipal lookupUser(String username) {
+ DirContext context = null;
+ try {
+ context = cache.open();
+
+ SearchControls controls = new SearchControls();
+ if (options.getUserSearchSubtree()) {
+ controls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ } else {
+ controls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+ }
+
+ String filter = options.getUserFilter();
+ filter = filter.replaceAll(Pattern.quote("%u"), username);
+ filter = filter.replace("\\", "\\\\");
+
+ LOGGER.debug("Looking for user {} in LDAP with", username);
+ LOGGER.debug(" base DN: {}", options.getUserBaseDn());
+ LOGGER.debug(" filter: {}", filter);
+
+ NamingEnumeration<SearchResult> namingEnumeration = context.search(options.getUserBaseDn(), filter, controls);
+ if (namingEnumeration.hasMore()) {
+ return new UserPrincipal(username);
+ }
+ } catch (NamingException e) {
+ throw new RuntimeException(e);
+ }
+ return null;
+ }
+
+ @Override
public List<UserPrincipal> listUsers() {
DirContext context = null;
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
index 77e9e2e..43c6730 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/properties/PropertiesBackingEngine.java
@@ -127,6 +127,16 @@ public class PropertiesBackingEngine implements BackingEngine {
}
@Override
+ public UserPrincipal lookupUser(String username) {
+ for (UserPrincipal userPrincipal : listUsers()) {
+ if (userPrincipal.getName().equals(username)) {
+ return userPrincipal;
+ }
+ }
+ return null;
+ }
+
+ @Override
public List<RolePrincipal> listRoles(Principal principal) {
String userName = principal.getName();
if (principal instanceof GroupPrincipal) {
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
index cc5c079..afb3493 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/publickey/PublickeyBackingEngine.java
@@ -110,6 +110,16 @@ public class PublickeyBackingEngine implements BackingEngine {
}
@Override
+ public UserPrincipal lookupUser(String username) {
+ for (UserPrincipal userPrincipal : listUsers()) {
+ if (userPrincipal.getName().equals(username)) {
+ return userPrincipal;
+ }
+ }
+ return null;
+ }
+
+ @Override
public List<RolePrincipal> listRoles(Principal principal) {
String userName = principal.getName();
if (principal instanceof GroupPrincipal) {
diff --git a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/syncope/SyncopeBackingEngine.java b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/syncope/SyncopeBackingEngine.java
index 2da4acd..af508c8 100644
--- a/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/syncope/SyncopeBackingEngine.java
+++ b/jaas/modules/src/main/java/org/apache/karaf/jaas/modules/syncope/SyncopeBackingEngine.java
@@ -187,6 +187,45 @@ public class SyncopeBackingEngine implements BackingEngine {
return users;
}
+ @Override
+ public UserPrincipal lookupUser(String username) {
+ if (version2) {
+ return lookupUserSyncope2(username);
+ } else {
+ return lookupUserSyncope1(username);
+ }
+ }
+
+ private UserPrincipal lookupUserSyncope1(String username) {
+ HttpGet request = new HttpGet(address + "/users?username=" + username);
+ request.setHeader("Content-Type", "application/xml");
+ try {
+ HttpResponse response = client.execute(request);
+ String responseTO = EntityUtils.toString(response.getEntity());
+ if (responseTO != null && !responseTO.isEmpty()) {
+ return new UserPrincipal(username);
+ }
+ } catch (Exception e) {
+ throw new RuntimeException("Error getting user", e);
+ }
+ return null;
+ }
+
+ private UserPrincipal lookupUserSyncope2(String username) {
+ HttpGet request = new HttpGet(address + "/users/" + username);
+ request.setHeader("Content-Type", "application/json");
+ try {
+ HttpResponse httpResponse = client.execute(request);
+ String response = EntityUtils.toString(httpResponse.getEntity());
+ if (response != null && !response.isEmpty()) {
+ return new UserPrincipal(username);
+ }
+ } catch (Exception e) {
+ throw new RuntimeException("Error getting user", e);
+ }
+ return null;
+ }
+
public List<RolePrincipal> listRoles(Principal principal) {
if (version2) {
return listRolesSyncope2(principal);
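Review bot: Both `lookupUserSyncope1` and `lookupUserSyncope2` decide that a user exists from a non-empty response body and never look at the HTTP status, so an error response that carries a body (a not-found or unauthorized payload, for instance) is reported as an existing user. The username is also concatenated into the request URL unencoded, so characters such as `/`, `?`, `&` or `#` change which resource is requested. The status should be checked and the name encoded before it is appended; the sketch shows the Syncope 2 variant, and the Syncope 1 query parameter needs the same treatment. Whether Syncope 1 returns a success status with an empty list for an unknown name is not visible here and should be verified.

```java
private UserPrincipal lookupUserSyncope2(String username) {
    try {
        // Encode the name so it stays a single path segment; URLEncoder emits '+' for spaces.
        String encodedName = URLEncoder.encode(username, "UTF-8").replace("+", "%20");
        HttpGet request = new HttpGet(address + "/users/" + encodedName);
        // … unchanged: Content-Type header …
        HttpResponse httpResponse = client.execute(request);
        // Read the body in every case so the connection is released.
        String response = EntityUtils.toString(httpResponse.getEntity());
        // Only a 200 status means the user was found.
        if (httpResponse.getStatusLine().getStatusCode() != 200) {
            return null;
        }
        // … unchanged: non-empty body check, catch block, return null …
```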
diff --git a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/jdbc/JdbcLoginModuleTest.java b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/jdbc/JdbcLoginModuleTest.java
index 7fe9a7f..37d1c2f 100644
--- a/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/jdbc/JdbcLoginModuleTest.java
+++ b/jaas/modules/src/test/java/org/apache/karaf/jaas/modules/jdbc/JdbcLoginModuleTest.java
@@ -43,6 +43,7 @@ import org.osgi.framework.ServiceReference;
import static org.easymock.EasyMock.expect;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
public class JdbcLoginModuleTest {
@@ -161,6 +162,9 @@ public class JdbcLoginModuleTest {
assertTrue(engine.listRoles(new GroupPrincipal("group1")).isEmpty());
assertTrue(engine.listGroups(new UserPrincipal("abc")).isEmpty());
+ assertNotNull(engine.lookupUser("abc"));
+ assertEquals("abc", engine.lookupUser("abc").getName());
+
engine.addRole("abc", "role1");
assertTrue(engine.listUsers().contains(new UserPrincipal("abc")));
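Review bot: The new assertions in JdbcLoginModuleTest cover only the found case, so the documented `null` result for an unknown user is never exercised. Adding a lookup for a name the test never created, for example `assertNull(engine.lookupUser("nosuchuser"));`, would pin that half of the contract. The other engines changed in this commit get no test at all. The test method starts and ends outside this hunk.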