You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Teegarden <MX...@akc.org> on 2002/03/26 15:46:21 UTC

JNDI Realm getRoles by group Membership attribute

Okay, I'm doing this a little backwards, but I think this should work. I'm trying to figure out what roles a user has by querying the attribute list for groupMembership for the authenticated user. I know that the demonstrated method is to query the names of all the groups that a user is a member. But due to various limitations with that scheme I have to query the groups from a user entry in our directory instead.

So my filter looks like this:
(&(objectClass=person)(mail={1}@akc.org))


This could work great, but I have to make a change to getRoles in JNDIRealm to get it there. getRoles is coded to return only the first attribute, so currently I only get the first role in the list and not the 14 or 15 roles that folks belong to. Is there any reason we can't change it to walk the whole list of attributes (roles in this case) when there is more than one?

so instead of this while loop, it would use the following proposed code.
/**** Current code ****/
        while (results.hasMore()) {
            SearchResult result = (SearchResult) results.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null)
                continue;
            Attribute attr = attrs.get(roleName[0]);
            if (attr != null) {
                String role = (String) attr.get();
                if (debug >= 3)
                    log("  Found role '" + role + "'");
                list.add(role);
            }
        }

/**** Proposed Code ***/
        while (results.hasMore()) {
            SearchResult result = (SearchResult) results.next();
            Attributes attrs = result.getAttributes();
            if (attrs == null)
                continue;
            Attribute attr = attrs.get(roleName[0]);
            if (attr != null) {
            	// MXT 2-13-2002 Add enumeration & while to loop through all roles.
              NamingEnumeration rolesList = attr.getAll();
              while (rolesList.hasMore())
              {
                // String role = (String) attr.get();
                String role = (String) rolesList.next();
                if (debug >= 3)
                    log("  Found role '" + role + "'");
                list.add(role);
              }
            }
        }



--
To unsubscribe:   <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>