You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@manifoldcf.apache.org by kw...@apache.org on 2011/05/09 14:30:19 UTC
svn commit: r1100987 - in /incubator/lcf/trunk: ./
connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/
Author: kwright
Date: Mon May 9 12:30:18 2011
New Revision: 1100987
URL: http://svn.apache.org/viewvc?rev=1100987&view=rev
Log:
Fix for CONNECTORS-197.
Modified:
incubator/lcf/trunk/CHANGES.txt
incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java
incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryConfig.java
Modified: incubator/lcf/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/CHANGES.txt?rev=1100987&r1=1100986&r2=1100987&view=diff
==============================================================================
--- incubator/lcf/trunk/CHANGES.txt (original)
+++ incubator/lcf/trunk/CHANGES.txt Mon May 9 12:30:18 2011
@@ -3,6 +3,10 @@ $Id$
======================= 0.3-dev =========================
+CONNECTORS-197: Add a switch that allows user to select which AD
+attribute to use for login name.
+(Shinichiro Abe, Karl Wright)
+
CONNECTORS-198: Update rat-sources ant target to exclude
test-output-postgresql folders.
(Karl Wright)
Modified: incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java?rev=1100987&r1=1100986&r2=1100987&view=diff
==============================================================================
--- incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java (original)
+++ incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryAuthority.java Mon May 9 12:30:18 2011
@@ -45,6 +45,7 @@ public class ActiveDirectoryAuthority ex
private String userName = null;
private String password = null;
private String authentication = null;
+ private String userACLsUsername = null;
/** Cache manager. */
private ICacheManager cacheManager = null;
@@ -64,7 +65,7 @@ public class ActiveDirectoryAuthority ex
AuthorizationResponse.RESPONSE_UNREACHABLE);
private static final AuthorizationResponse userNotFoundResponse = new AuthorizationResponse(new String[]{globalDenyToken},
AuthorizationResponse.RESPONSE_USERNOTFOUND);
-
+
/** Constructor.
*/
public ActiveDirectoryAuthority()
@@ -100,6 +101,9 @@ public class ActiveDirectoryAuthority ex
userName = configParams.getParameter(ActiveDirectoryConfig.PARAM_USERNAME);
password = configParams.getObfuscatedParameter(ActiveDirectoryConfig.PARAM_PASSWORD);
authentication = configParams.getParameter(ActiveDirectoryConfig.PARAM_AUTHENTICATION);
+ userACLsUsername = configParams.getParameter(ActiveDirectoryConfig.PARAM_USERACLsUSERNAME);
+ if (userACLsUsername == null)
+ userACLsUsername = "sAMAccountName";
}
// All methods below this line will ONLY be called if a connect() call succeeded
@@ -152,6 +156,7 @@ public class ActiveDirectoryAuthority ex
userName = null;
password = null;
authentication = null;
+ userACLsUsername = null;
super.disconnect();
}
@@ -378,6 +383,9 @@ public class ActiveDirectoryAuthority ex
String authentication = parameters.getParameter(org.apache.manifoldcf.authorities.authorities.activedirectory.ActiveDirectoryConfig.PARAM_AUTHENTICATION);
if (authentication == null)
authentication = "DIGEST-MD5 GSSAPI";
+ String userACLsUsername = parameters.getParameter(org.apache.manifoldcf.authorities.authorities.activedirectory.ActiveDirectoryConfig.PARAM_USERACLsUSERNAME);
+ if (userACLsUsername == null)
+ userACLsUsername = "sAMAccountName";
// The "Domain Controller" tab
if (tabName.equals("Domain Controller"))
@@ -401,6 +409,15 @@ public class ActiveDirectoryAuthority ex
" <td class=\"description\"><nobr>Authentication:</nobr></td>\n"+
" <td class=\"value\"><input type=\"text\" size=\"32\" name=\"authentication\" value=\""+org.apache.manifoldcf.ui.util.Encoder.attributeEscape(authentication)+"\"/></td>\n"+
" </tr>\n"+
+" <tr>\n"+
+" <td class=\"description\"><nobr>Login name AD attribute:</nobr></td>\n"+
+" <td class=\"value\">\n"+
+" <select name=\"userACLsUsername\">\n"+
+" <option value=\"sAMAccountName\""+(userACLsUsername.equals("sAMAccountName")?" selected=\"true\"":"")+">sAMAccountName</option>\n"+
+" <option value=\"userPrincipalName\""+(userACLsUsername.equals("userPrincipalName")?" selected=\"true\"":"")+">userPrincipalName</option>\n"+
+" </select>\n"+
+" </td>\n"+
+" </tr>\n"+
"</table>\n"
);
}
@@ -440,6 +457,9 @@ public class ActiveDirectoryAuthority ex
String authentication = variableContext.getParameter("authentication");
if (authentication != null)
parameters.setParameter(org.apache.manifoldcf.authorities.authorities.activedirectory.ActiveDirectoryConfig.PARAM_AUTHENTICATION,authentication);
+ String userACLsUsername = variableContext.getParameter("userACLsUsername");
+ if (userACLsUsername != null)
+ parameters.setParameter(org.apache.manifoldcf.authorities.authorities.activedirectory.ActiveDirectoryConfig.PARAM_USERACLsUSERNAME,userACLsUsername);
return null;
}
@@ -569,7 +589,10 @@ public class ActiveDirectoryAuthority ex
throw new ManifoldCFException("Username is in unexpected form (no @): '"+userName+"'");
String userPart = userName.substring(0,index);
String domainPart = userName.substring(index+1);
-
+ if (userACLsUsername.equals("userPrincipalName")){
+ userPart = userName;
+ }
+
//Build the DN searchBase from domain part
StringBuffer domainsb = new StringBuffer();
int j = 0;
@@ -605,7 +628,7 @@ public class ActiveDirectoryAuthority ex
{
getSession();
String returnedAtts[] = {"distinguishedName"};
- String searchFilter = "(&(objectClass=user)(sAMAccountName=" + userName + "))";
+ String searchFilter = "(&(objectClass=user)(" + userACLsUsername + "=" + userName + "))";
SearchControls searchCtls = new SearchControls();
searchCtls.setReturningAttributes(returnedAtts);
//Specify the search scope
Modified: incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryConfig.java
URL: http://svn.apache.org/viewvc/incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryConfig.java?rev=1100987&r1=1100986&r2=1100987&view=diff
==============================================================================
--- incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryConfig.java (original)
+++ incubator/lcf/trunk/connectors/activedirectory/connector/src/main/java/org/apache/manifoldcf/authorities/authorities/activedirectory/ActiveDirectoryConfig.java Mon May 9 12:30:18 2011
@@ -35,6 +35,7 @@ public class ActiveDirectoryConfig
public static final String PARAM_PASSWORD = "Password";
/** Authentication */
public static final String PARAM_AUTHENTICATION = "Authentication";
-
+ /** UserACLs username attribute */
+ public static final String PARAM_USERACLsUSERNAME = "UserACLs username attribute";
}