baseDn can be different from groups dn

git-svn-id: https://svn.apache.org/repos/asf/archiva/redback/redback-core/trunk@1428586 13f79535-47bb-0310-9956-ffa450edef68
Olivier Lamy 2013-01-03 20:50:23 +00:00
parent 520d2a5353
commit 3baf51d440
4 changed files with 195 additions and 81 deletions


@ -69,12 +69,16 @@ public class DefaultLdapRoleMapper
private String groupsDn;
private String baseDn;
@PostConstruct
public void initialize()
{
this.ldapGroupClass = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_CLASS, this.ldapGroupClass );
this.groupsDn = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_BASEDN, this.groupsDn );
this.baseDn = userConf.getString( UserConfigurationKeys.LDAP_BASEDN, this.baseDn );
}
public String getLdapGroup( String role )
@ -225,6 +229,7 @@ public class DefaultLdapRoleMapper
throws MappingException
{
// TODO caching and a filter with uid
List<String> allGroups = getAllGroups();
List<String> userGroups = new ArrayList<String>();
for ( String group : allGroups )
@ -236,6 +241,81 @@ public class DefaultLdapRoleMapper
}
}
return userGroups;
/*
List<String> userGroups = new ArrayList<String>();
LdapConnection ldapConnection = null;
NamingEnumeration<SearchResult> namingEnumeration = null;
try
{
ldapConnection = ldapConnectionFactory.getConnection();
DirContext context = ldapConnection.getDirContext();
SearchControls searchControls = new SearchControls();
searchControls.setDerefLinkFlag( true );
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
//String filter =
// "(&(objectClass=" + getLdapGroupClass() + ") (uniquemember=uid" + username + "," + this.getGroupsDn()
// + "))";
String filter =
new StringBuilder().append( "(&" ).append( "(objectClass=" + getLdapGroupClass() + ")" ).append(
"(uniquemember=" ).append( "uid=" + username + "," + this.getBaseDn() ).append( ")" ).append(
")" ).toString();
namingEnumeration = context.search( getGroupsDn(), filter, searchControls );
List<String> allMembers = new ArrayList<String>();
while ( namingEnumeration.hasMore() )
{
SearchResult searchResult = namingEnumeration.next();
Attribute uniqueMemberAttr = searchResult.getAttributes().get( "uniquemember" );
if ( uniqueMemberAttr != null )
{
NamingEnumeration<String> allMembersEnum = (NamingEnumeration<String>) uniqueMemberAttr.getAll();
while ( allMembersEnum.hasMore() )
{
String userName = allMembersEnum.next();
// uid=blabla we only want bla bla
userName = StringUtils.substringAfter( userName, "=" );
userName = StringUtils.substringBefore( userName, "," );
//log.debug( "found group for username {}: '{}", group, userName );
allMembers.add( userName );
}
close( allMembersEnum );
}
}
return userGroups;
}
catch ( LdapException e )
{
throw new MappingException( e.getMessage(), e );
}
catch ( NamingException e )
{
throw new MappingException( e.getMessage(), e );
}
finally
{
if ( ldapConnection != null )
{
ldapConnection.close();
}
close( namingEnumeration );
}
*/
}
private void close( NamingEnumeration namingEnumeration )
@ -303,4 +383,14 @@ public class DefaultLdapRoleMapper
{
this.ldapConnectionFactory = ldapConnectionFactory;
}
public String getBaseDn()
{
return baseDn;
}
public void setBaseDn( String baseDn )
{
this.baseDn = baseDn;
}
}
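Review bot: The commented-out search left after `return userGroups;` in the third hunk builds its LDAP filter by concatenating `username` and `getLdapGroupClass()` into the string, so if it is later enabled as the "filter with uid" the TODO mentions, a value containing `*`, `(`, `)` or `\` would change what the filter matches. Prefer the JNDI overload that takes filter arguments, `context.search( getGroupsDn(), "(&(objectClass={0})(uniquemember={1}))", new Object[]{ getLdapGroupClass(), memberDn }, searchControls );`, which escapes String arguments for the filter, and build `memberDn` with `javax.naming.ldap.Rdn.escapeValue( username )` so the uid is also safe as a DN component. The block also collects names into `allMembers` but returns the never-populated `userGroups`, so as written it would report no groups for every user. Unreachable code inside a comment is better dropped from the commit and tracked in an issue; the method's signature is outside the hunk, so this is based only on the visible body.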


@ -31,85 +31,6 @@
<context:component-scan
base-package="org.apache.archiva.redback.rbac.ldap"/>
<bean name="cache#operations" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="operations"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#permissions" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="permissions"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#resources" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="resources"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#roles" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="roles"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#effectiveRoleSet" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="effectiveRoleSet"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<!-- ================================================================
Caches with Short Term entries
================================================================ -->
<bean name="cache#userAssignments" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="userAssignments"/>
<property name="timeToIdleSeconds" value="300"/>
<property name="timeToLiveSeconds" value="600"/>
</bean>
<bean name="cache#userPermissions" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="userPermissions"/>
<property name="timeToIdleSeconds" value="300"/>
<property name="timeToLiveSeconds" value="600"/>
</bean>
</beans>


@ -37,6 +37,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import javax.inject.Inject;
import javax.inject.Named;
import javax.naming.NameClassPair;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
@ -110,15 +111,27 @@ public class TestLdapRoleMapper
passwordEncoder = new SHA1PasswordEncoder();
groupSuffix = "dc=archiva,dc=apache,dc=org";
groupSuffix = apacheDs.addSimplePartition( "test", new String[]{ "archiva", "apache", "org" } ).getSuffix();
log.info( "groupSuffix: {}", groupSuffix );
suffix = apacheDs.addSimplePartition( "test", new String[]{ "archiva", "apache", "org" } ).getSuffix();
suffix = "ou=People,dc=archiva,dc=apache,dc=org";
log.info( "DN Suffix: {}", suffix );
apacheDs.startServer();
BasicAttribute objectClass = new BasicAttribute( "objectClass" );
objectClass.add( "top" );
objectClass.add( "organizationalUnit" );
Attributes attributes = new BasicAttributes( true );
attributes.put( objectClass );
attributes.put( "organizationalUnitName", "foo" );
//attributes.put( "ou", "People" );
apacheDs.getAdminContext().createSubcontext( suffix, attributes );
clearManyUsers();
makeUsers();
@ -145,6 +158,8 @@ public class TestLdapRoleMapper
context.unbind( createGroupDn( group.getKey() ) );
}
context.unbind( suffix );
apacheDs.stopServer();
super.tearDown();
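Review bot: In the tearDown hunk, `context.unbind( suffix );` sits directly before `apacheDs.stopServer();` and `super.tearDown();` with no try/finally visible. A NamingException from the unbind (for instance if an entry under the suffix was left behind) would therefore skip the shutdown and leave the embedded directory server running for later tests. Moving `apacheDs.stopServer()` and `super.tearDown()` into a `finally` block would keep one failed cleanup from cascading. In the setUp hunk the entry passed to `createSubcontext( suffix, attributes )` appears to be named `ou=People,...` while the only naming attribute set is `organizationalUnitName` = `foo` and the `ou` line is commented out; a one-line comment explaining that choice would help. Both methods start and end outside the hunks shown.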


@ -54,8 +54,96 @@
<bean name="ldapRoleMapper#test" class="org.apache.archiva.redback.rbac.ldap.DefaultLdapRoleMapper">
<property name="groupsDn" value="dc=archiva,dc=apache,dc=org"/>
<property name="ldapGroupClass" value="groupOfUniqueNames"/>
<property name="baseDn" value="ou=People,dc=archiva,dc=apache,dc=org"/>
<property name="ldapConnectionFactory" ref="ldapConnectionFactory#configurable"/>
<property name="userConf" ref="userConfiguration#default"/>
</bean>
<bean name="cache#operations" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="operations"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#permissions" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="permissions"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#resources" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="resources"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#roles" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="roles"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<bean name="cache#effectiveRoleSet" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="effectiveRoleSet"/>
<property name="timeToIdleSeconds" value="1800"/>
<property name="timeToLiveSeconds" value="14400"/>
</bean>
<!-- ================================================================
Caches with Short Term entries
================================================================ -->
<bean name="cache#userAssignments" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="userAssignments"/>
<property name="timeToIdleSeconds" value="300"/>
<property name="timeToLiveSeconds" value="600"/>
</bean>
<bean name="cache#userPermissions" class="org.apache.archiva.redback.components.cache.ehcache.EhcacheCache"
init-method="initialize">
<property name="diskPersistent" value="false"/>
<property name="eternal" value="false"/>
<property name="maxElementsInMemory" value="1000"/>
<property name="memoryEvictionPolicy" value="LRU"/>
<property name="name" value="userPermissions"/>
<property name="timeToIdleSeconds" value="300"/>
<property name="timeToLiveSeconds" value="600"/>
</bean>
</beans>
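Review bot: The seven `cache#…` EhcacheCache beans added here match the definitions this commit deletes from the other Spring XML file (second section), so as far as this page shows they are now defined only in this test context. If anything outside the tests injects `cache#userAssignments`, `cache#userPermissions` or the other named caches, it must get them from a context not visible here. Please confirm where the runtime definitions live and record that in an XML comment above the block. A second comment could note that the `timeToLiveSeconds` values (600 for user assignments and permissions, 14400 for roles and the other long-lived caches) bound how long a membership change made in LDAP can stay invisible to code that reads through these caches.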