Compare commits
44 Commits
master
...
dependabot
Author | SHA1 | Date |
---|---|---|
dependabot[bot] | 347d025df6 | |
dependabot[bot] | 85f263ac18 | |
dependabot[bot] | cc108fe9f2 | |
dependabot[bot] | 376920265f | |
dependabot[bot] | 63ac0a99ff | |
Olivier Lamy | 5f07fb3dac | |
Olivier Lamy | d612ad484f | |
Olivier Lamy | fe735f37f7 | |
dependabot[bot] | 5faca8935a | |
Olivier Lamy | 87aeec790f | |
Olivier Lamy | 2ac0e25ab9 | |
Olivier Lamy | 45cd5a6345 | |
Olivier Lamy | e6935e5849 | |
Olivier Lamy | a074c4a036 | |
Olivier Lamy | c11fd5dded | |
Olivier Lamy | ec6df33649 | |
Olivier Lamy | c1de0a3417 | |
Olivier Lamy | f478b4d8a5 | |
Olivier Lamy | de0c39b216 | |
Olivier Lamy | 18b3716969 | |
dependabot[bot] | ed1f852dd0 | |
Olivier Lamy | 9b51d330dc | |
Olivier Lamy | 963c09c974 | |
Olivier Lamy | e8378c3ef8 | |
dependabot[bot] | 83afadd0eb | |
dependabot[bot] | 3c7d2cdf60 | |
Olivier Lamy | a81f80f23f | |
Olivier Lamy | a07b32b9cc | |
Olivier Lamy | cefcb3f7da | |
Olivier Lamy | 21b3c47f36 | |
Martin Schreier | 5698540871 | |
Martin Stockhammer | e9a7c70b89 | |
Martin Stockhammer | cd3eeac72e | |
Martin Stockhammer | fa8d654bba | |
Martin Stockhammer | 38b9554710 | |
Martin Stockhammer | ee8f38dd0c | |
Martin Stockhammer | 7bb6d8eba2 | |
Martin Stockhammer | 68a7bc4c2a | |
Martin Stockhammer | 1e7c84322b | |
Martin Stockhammer | a3bc5ee7ff | |
Martin Stockhammer | 31c72fc424 | |
Martin Stockhammer | 3c212ed127 | |
Martin Stockhammer | 4a98784031 | |
Martin Stockhammer | cd9334ce74 |
|
@ -0,0 +1,54 @@
|
|||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
version: 2
|
||||
|
||||
registries:
|
||||
maven-central:
|
||||
type: maven-repository
|
||||
url: https://repo.maven.apache.org/maven2
|
||||
username: ""
|
||||
password: ""
|
||||
|
||||
updates:
|
||||
- package-ecosystem: "maven"
|
||||
directory: "/"
|
||||
registries:
|
||||
- maven-central
|
||||
target-branch: "redback-2.6.x"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
||||
- package-ecosystem: "maven"
|
||||
directory: "/"
|
||||
registries:
|
||||
- maven-central
|
||||
target-branch: "master"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
target-branch: "master"
|
||||
schedule:
|
||||
interval: "daily"
|
||||
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
target-branch: "redback-2.6.x"
|
||||
schedule:
|
||||
interval: "daily"
|
|
@ -0,0 +1,22 @@
|
|||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
_extends: archiva-parent
|
||||
tag-template: redback-2.6.x-$NEXT_MINOR_VERSION
|
||||
name-template: 2.6.x
|
||||
filter-by-commitish: true
|
||||
commitish: redback-2.6.x
|
|
@ -0,0 +1,48 @@
|
|||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
name: GitHub CI
|
||||
|
||||
on:
|
||||
push:
|
||||
pull_request:
|
||||
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
||||
strategy:
|
||||
matrix:
|
||||
os: [ubuntu-latest, windows-latest]
|
||||
java: [8]
|
||||
fail-fast: true
|
||||
|
||||
runs-on: ${{ matrix.os }}
|
||||
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
|
||||
- name: Set up JDK
|
||||
uses: actions/setup-java@v3.3.0
|
||||
with:
|
||||
distribution: temurin
|
||||
java-version: ${{ matrix.java }}
|
||||
cache: 'maven'
|
||||
|
||||
- name: Build with Maven
|
||||
run: mvn -e -B -V install
|
|
@ -0,0 +1,31 @@
|
|||
# Licensed to the Apache Software Foundation (ASF) under one
|
||||
# or more contributor license agreements. See the NOTICE file
|
||||
# distributed with this work for additional information
|
||||
# regarding copyright ownership. The ASF licenses this file
|
||||
# to you under the Apache License, Version 2.0 (the
|
||||
# "License"); you may not use this file except in compliance
|
||||
# with the License. You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing,
|
||||
# software distributed under the License is distributed on an
|
||||
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
# KIND, either express or implied. See the License for the
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
name: Release Drafter 2.6.x
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- redback-2.6.x
|
||||
jobs:
|
||||
update_release_draft:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: release-drafter/release-drafter@v5
|
||||
with:
|
||||
config-name: release-drafter-2.6.x.yml # located in .github/ in default branch
|
||||
env:
|
||||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
16
.travis.yml
16
.travis.yml
|
@ -1,16 +0,0 @@
|
|||
language: java
|
||||
jdk:
|
||||
- openjdk7
|
||||
- oraclejdk7
|
||||
|
||||
script: "mvn clean install"
|
||||
|
||||
cache:
|
||||
directories:
|
||||
- $HOME/.m2
|
||||
branches:
|
||||
except:
|
||||
- gh-pages
|
||||
notifications:
|
||||
email:
|
||||
- olamy@apache.org
|
|
@ -1,71 +1,93 @@
|
|||
node {
|
||||
// System Dependent Locations
|
||||
def mvntool = tool name: 'maven3', type: 'hudson.tasks.Maven$MavenInstallation'
|
||||
def jdktool = tool name: 'jdk8', type: 'hudson.model.JDK'
|
||||
/*
|
||||
* Licensed to the Apache Software Foundation (ASF) under one
|
||||
* or more contributor license agreements. See the NOTICE file
|
||||
* distributed with this work for additional information
|
||||
* regarding copyright ownership. The ASF licenses this file
|
||||
* to you under the Apache License, Version 2.0 (the
|
||||
* "License"); you may not use this file except in compliance
|
||||
* with the License. You may obtain a copy of the License at
|
||||
*
|
||||
* http://www.apache.org/licenses/LICENSE-2.0
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the License is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
* KIND, either express or implied. See the License for the
|
||||
* specific language governing permissions and limitations
|
||||
* under the License.
|
||||
*/
|
||||
|
||||
// Environment
|
||||
List mvnEnv = ["PATH+MVN=${mvntool}/bin", "PATH+JDK=${jdktool}/bin", "JAVA_HOME=${jdktool}/", "MAVEN_HOME=${mvntool}"]
|
||||
mvnEnv.add("MAVEN_OPTS=-Xms256m -Xmx1024m -Djava.awt.headless=true")
|
||||
/**
|
||||
* Main build file for Jenkins Multibranch pipeline.
|
||||
*
|
||||
* The pipeline builds, runs the test and deploys to the archiva snapshot repository.
|
||||
*
|
||||
* Uses one stage for build and deploy to avoid running it multiple times.
|
||||
* The settings for deployment with the credentials must be provided by a MavenSettingsProvider.
|
||||
*
|
||||
* Only the war and zip artifacts are archived in the jenkins build archive.
|
||||
*/
|
||||
LABEL = 'ubuntu'
|
||||
buildJdk = 'jdk_1.8_latest'
|
||||
buildJdk11 = 'jdk_11_latest'
|
||||
mavenVersion = 'maven_3.5.4'
|
||||
|
||||
try
|
||||
{
|
||||
stage 'Checkout'
|
||||
checkout scm
|
||||
} catch (Exception e) {
|
||||
//notifyBuild("Checkout Failure")
|
||||
throw e
|
||||
}
|
||||
def defaultPublishers = [artifactsPublisher(disabled: false), junitPublisher(ignoreAttachments: false, disabled: false),
|
||||
findbugsPublisher(disabled: true), openTasksPublisher(disabled: true),
|
||||
dependenciesFingerprintPublisher(disabled: false), invokerPublisher(disabled: true),
|
||||
pipelineGraphPublisher(disabled: false),mavenLinkerPublisher(disabled: false)]
|
||||
|
||||
try
|
||||
{
|
||||
stage 'Build'
|
||||
withEnv(mvnEnv) {
|
||||
timeout(60) {
|
||||
// Run test phase / ignore test failures
|
||||
sh "mvn -B clean install -Dmaven.test.failure.ignore=true -e"
|
||||
// Report failures in the jenkins UI
|
||||
step([$class: 'JUnitResultArchiver', testResults: '**/target/surefire-reports/TEST-*.xml'])
|
||||
}
|
||||
if(isUnstable())
|
||||
{
|
||||
//notifyBuild("Unstable / Test Errors")
|
||||
}
|
||||
pipeline {
|
||||
agent { label "${LABEL}" }
|
||||
parameters {
|
||||
string(name: 'THREADS', defaultValue: '2', description: 'Number of threads for the mvn build (-T option). Must be a integer value>0.')
|
||||
}
|
||||
options {
|
||||
disableConcurrentBuilds()
|
||||
durabilityHint('PERFORMANCE_OPTIMIZED')
|
||||
buildDiscarder(logRotator(numToKeepStr: '5', artifactNumToKeepStr: '2'))
|
||||
timeout(time: 120, unit: 'MINUTES')
|
||||
}
|
||||
|
||||
stages {
|
||||
stage( 'JDK8' ) {
|
||||
steps {
|
||||
script{
|
||||
if (env.NONAPACHEORG_RUN != 'y' && ( env.BRANCH_NAME == 'master' || env.BRANCH_NAME == 'redback-2.6.x' ) )
|
||||
{
|
||||
asfStandardBuild.mavenBuild( buildJdk, "clean deploy -U -fae -T${params.THREADS}", mavenVersion,
|
||||
defaultPublishers )
|
||||
} else {
|
||||
asfStandardBuild.mavenBuild( buildJdk, "clean install -U -fae -T${params.THREADS}", mavenVersion,
|
||||
defaultPublishers )
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
post {
|
||||
always {
|
||||
cleanWs deleteDirs: true, notFailBuild: true, patterns: [[pattern: '.repository', type: 'EXCLUDE']]
|
||||
}
|
||||
unstable {
|
||||
script{
|
||||
asfStandardBuild.notifyBuild( "Unstable Build ")
|
||||
}
|
||||
}
|
||||
failure {
|
||||
script{
|
||||
asfStandardBuild.notifyBuild( "Error in redback core build ")
|
||||
}
|
||||
}
|
||||
success {
|
||||
script {
|
||||
def previousResult = currentBuild.previousBuild?.result
|
||||
if (previousResult && !currentBuild.resultIsWorseOrEqualTo( previousResult ) ) {
|
||||
asfStandardBuild.notifyBuild( "Fixed" )
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
} catch(Exception e) {
|
||||
notifyBuild("Test Failure")
|
||||
throw e
|
||||
}
|
||||
}
|
||||
|
||||
// Test if the Jenkins Pipeline or Step has marked the
|
||||
// current build as unstable
|
||||
def isUnstable()
|
||||
{
|
||||
return currentBuild.result == "UNSTABLE"
|
||||
}
|
||||
|
||||
// Send a notification about the build status
|
||||
def notifyBuild(String buildStatus)
|
||||
{
|
||||
// default the value
|
||||
buildStatus = buildStatus ?: "UNKNOWN"
|
||||
|
||||
def email = "${env.EMAILADDRESS}"
|
||||
def summary = "${env.JOB_NAME}#${env.BUILD_NUMBER} - ${buildStatus}"
|
||||
def detail = """<h4>Job: <a href='${env.JOB_URL}'>${env.JOB_NAME}</a> [#${env.BUILD_NUMBER}]</h4>
|
||||
<p><b>${buildStatus}</b></p>
|
||||
<table>
|
||||
<tr><td>Build</td><td><a href='${env.BUILD_URL}'>${env.BUILD_URL}</a></td><tr>
|
||||
<tr><td>Console</td><td><a href='${env.BUILD_URL}console'>${env.BUILD_URL}console</a></td><tr>
|
||||
<tr><td>Test Report</td><td><a href='${env.BUILD_URL}testReport/'>${env.BUILD_URL}testReport/</a></td><tr>
|
||||
</table>
|
||||
"""
|
||||
|
||||
emailext (
|
||||
to: email,
|
||||
subject: summary,
|
||||
body: detail
|
||||
)
|
||||
}
|
||||
|
||||
// vim: et:ts=2:sw=2:ft=groovy
|
||||
// vim: et:ts=4:sw=4:ft=groovy
|
||||
|
|
49
pom.xml
49
pom.xml
|
@ -28,7 +28,7 @@
|
|||
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
|
||||
<packaging>pom</packaging>
|
||||
<name>Apache Archiva Redback</name>
|
||||
|
@ -57,8 +57,8 @@
|
|||
</modules>
|
||||
|
||||
<scm>
|
||||
<connection>scm:git:https://git-wip-us.apache.org/repos/asf/archiva-redback-core.git</connection>
|
||||
<developerConnection>scm:git:https://git-wip-us.apache.org/repos/asf/archiva-redback-core.git</developerConnection>
|
||||
<connection>scm:git:https://github.com/apache/archiva-redback-core.git</connection>
|
||||
<developerConnection>scm:git:https://github.com/apache/archiva-redback-core.git</developerConnection>
|
||||
<url>https://github.com/apache/archiva-redback-core</url>
|
||||
<tag>redback-2.6</tag>
|
||||
</scm>
|
||||
|
@ -72,12 +72,12 @@
|
|||
|
||||
<properties>
|
||||
<springVersion>4.2.1.RELEASE</springVersion>
|
||||
<slf4jVersion>1.7.12</slf4jVersion>
|
||||
<log4j2Version>2.3</log4j2Version>
|
||||
<slf4jVersion>1.7.32</slf4jVersion>
|
||||
<log4j2Version>2.17.1</log4j2Version>
|
||||
|
||||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
|
||||
<gpg.useagent>true</gpg.useagent>
|
||||
<cxf.version>3.0.3</cxf.version>
|
||||
<cxf.version>3.5.2</cxf.version>
|
||||
<!--
|
||||
<redbackTestJdbcUrl>jdbc:derby:memory:users-test;create=true</redbackTestJdbcUrl>
|
||||
<redbackTestJdbcDriver>org.apache.derby.jdbc.EmbeddedDriver</redbackTestJdbcDriver>
|
||||
|
@ -320,12 +320,12 @@
|
|||
<dependency>
|
||||
<groupId>org.codehaus.plexus</groupId>
|
||||
<artifactId>plexus-utils</artifactId>
|
||||
<version>3.0</version>
|
||||
<version>3.4.2</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.codehaus.plexus</groupId>
|
||||
<artifactId>plexus-interpolation</artifactId>
|
||||
<version>1.9</version>
|
||||
<version>1.26</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.archiva.redback.components.cache</groupId>
|
||||
|
@ -438,7 +438,7 @@
|
|||
<dependency>
|
||||
<groupId>commons-codec</groupId>
|
||||
<artifactId>commons-codec</artifactId>
|
||||
<version>1.6</version>
|
||||
<version>1.15</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.slf4j</groupId>
|
||||
|
@ -839,37 +839,6 @@
|
|||
<artifactId>maven-project-info-reports-plugin</artifactId>
|
||||
<version>${maven-project-info-reports-plugin.version}</version>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-surefire-report-plugin</artifactId>
|
||||
<version>${surefireVersion}</version>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-checkstyle-plugin</artifactId>
|
||||
<version>${checkstyleVersion}</version>
|
||||
<inherited>false</inherited>
|
||||
<configuration>
|
||||
<configLocation>config/maven_checks.xml</configLocation>
|
||||
<headerLocation>config/maven-header.txt</headerLocation>
|
||||
</configuration>
|
||||
<reportSets>
|
||||
<reportSet>
|
||||
<reports>
|
||||
<report>checkstyle-aggregate</report>
|
||||
</reports>
|
||||
</reportSet>
|
||||
</reportSets>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-jxr-plugin</artifactId>
|
||||
<version>${jxrVersion}</version>
|
||||
<inherited>false</inherited>
|
||||
<configuration>
|
||||
<aggregate>true</aggregate>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-javadoc-plugin</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-authentication</artifactId>
|
||||
<name>Redback :: Authentication</name>
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authentication-api</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-authentication-providers</artifactId>
|
||||
<name>Redback :: Authentication Providers</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authentication-ldap</artifactId>
|
||||
|
|
|
@ -20,6 +20,7 @@ package org.apache.archiva.redback.authentication.ldap;
|
|||
*/
|
||||
|
||||
import org.apache.archiva.redback.authentication.AbstractAuthenticator;
|
||||
import org.apache.archiva.redback.common.ldap.LdapUtils;
|
||||
import org.apache.archiva.redback.common.ldap.connection.DefaultLdapConnection;
|
||||
import org.apache.archiva.redback.common.ldap.connection.LdapConnection;
|
||||
import org.apache.archiva.redback.common.ldap.user.UserMapper;
|
||||
|
@ -100,7 +101,7 @@ public class LdapBindAuthenticator
|
|||
|
||||
String filter = "(&(objectClass=" + mapper.getUserObjectClass() + ")" + ( mapper.getUserFilter() != null
|
||||
? mapper.getUserFilter()
|
||||
: "" ) + "(" + mapper.getUserIdAttribute() + "=" + source.getUsername() + "))";
|
||||
: "" ) + "(" + mapper.getUserIdAttribute() + "=" + LdapUtils.encodeFilterValue( source.getUsername() ) + "))";
|
||||
|
||||
log.debug( "Searching for users with filter: '{}' from base dn: {}", filter, mapper.getUserBaseDn() );
|
||||
|
||||
|
|
|
@ -137,6 +137,17 @@ public class LdapBindAuthenticatorTest
|
|||
assertTrue( result.isAuthenticated() );
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testAuthenticationWithInvalidChar()
|
||||
throws Exception
|
||||
{
|
||||
PasswordBasedAuthenticationDataSource authDs = new PasswordBasedAuthenticationDataSource();
|
||||
authDs.setPrincipal( "jesse)(mail=foo" );
|
||||
authDs.setPassword( passwordEncoder.encodePassword( "foo" ) );
|
||||
AuthenticationResult result = authnr.authenticate( authDs );
|
||||
assertFalse( result.isAuthenticated() );
|
||||
}
|
||||
|
||||
// REDBACK-289/MRM-1488
|
||||
@Test
|
||||
public void testAuthenticationFromCache()
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authentication-memory</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authentication-open</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authentication-users</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-authorization</artifactId>
|
||||
<name>Redback :: Authorization</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authorization</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authorization-api</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authorization</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-authorization-providers</artifactId>
|
||||
<name>Redback :: Authorization Providers</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authorization-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authorization-open</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authorization-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-authorization-rbac</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-common</artifactId>
|
||||
<name>Redback :: Commons</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-common</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-common-jdo</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-common</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-common-ldap</artifactId>
|
||||
|
|
|
@ -19,10 +19,14 @@ package org.apache.archiva.redback.common.ldap;
|
|||
* under the License.
|
||||
*/
|
||||
|
||||
import javax.naming.CompositeName;
|
||||
import javax.naming.InvalidNameException;
|
||||
import javax.naming.NamingEnumeration;
|
||||
import javax.naming.NamingException;
|
||||
import javax.naming.directory.Attribute;
|
||||
import javax.naming.directory.Attributes;
|
||||
import javax.naming.ldap.LdapName;
|
||||
import javax.naming.ldap.Rdn;
|
||||
|
||||
/**
|
||||
*
|
||||
|
@ -30,6 +34,28 @@ import javax.naming.directory.Attributes;
|
|||
*/
|
||||
public final class LdapUtils
|
||||
{
|
||||
|
||||
private static String[] FILTER_ESCAPE_TABLE = new String['\\' + 1];
|
||||
|
||||
|
||||
// Characters that must be escaped in a user filter
|
||||
static {
|
||||
|
||||
// Filter encoding table -------------------------------------
|
||||
// fill with char itself
|
||||
for (char c = 0; c < FILTER_ESCAPE_TABLE.length; c++) {
|
||||
FILTER_ESCAPE_TABLE[c] = String.valueOf(c);
|
||||
}
|
||||
|
||||
// escapes (RFC2254)
|
||||
FILTER_ESCAPE_TABLE['*'] = "\\2a";
|
||||
FILTER_ESCAPE_TABLE['('] = "\\28";
|
||||
FILTER_ESCAPE_TABLE[')'] = "\\29";
|
||||
FILTER_ESCAPE_TABLE['\\'] = "\\5c";
|
||||
FILTER_ESCAPE_TABLE[0] = "\\00";
|
||||
}
|
||||
|
||||
|
||||
private LdapUtils()
|
||||
{
|
||||
// no op
|
||||
|
@ -129,4 +155,77 @@ public final class LdapUtils
|
|||
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a LDAP name from a given RDN string. The <code>name</code> parameter must be a string
|
||||
* representation of a composite name (as returned by ldapsearch result getName())
|
||||
* @param name The string of the RDN (may be escaped)
|
||||
* @return The LdapName that corresponds to this string
|
||||
* @throws InvalidNameException If the string cannot be parsed as LDAP name
|
||||
*/
|
||||
public static LdapName getLdapNameFromString(final String name) throws InvalidNameException
|
||||
{
|
||||
CompositeName coName = new CompositeName( name );
|
||||
LdapName ldapName = new LdapName( "" );
|
||||
ldapName.addAll( coName );
|
||||
return ldapName;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the first RDN value that matches the given type.
|
||||
* E.g. for the RDN ou=People,dc=test,dc=de, and type dc it will return 'test'.
|
||||
*
|
||||
* @param name the ldap name
|
||||
* @param type the type of the RDN entry
|
||||
* @return
|
||||
*/
|
||||
public static String findFirstRdnValue(LdapName name, String type) {
|
||||
for ( Rdn rdn : name.getRdns() )
|
||||
{
|
||||
if ( rdn.getType( ).equals( type ) )
|
||||
{
|
||||
Object val = rdn.getValue( );
|
||||
if (val!=null) {
|
||||
return val.toString( );
|
||||
} else {
|
||||
return "";
|
||||
}
|
||||
}
|
||||
}
|
||||
return "";
|
||||
}
|
||||
|
||||
/**
|
||||
* Escape a value for use in a filter.
|
||||
* This method is copied from the spring framework class org.springframework.security.ldap.authentication.LdapEncoder
|
||||
*
|
||||
* @param value the value to escape.
|
||||
* @return a properly escaped representation of the supplied value.
|
||||
*/
|
||||
public static String encodeFilterValue(String value) {
|
||||
|
||||
if (value == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
// make buffer roomy
|
||||
StringBuilder encodedValue = new StringBuilder(value.length() * 2);
|
||||
|
||||
int length = value.length();
|
||||
|
||||
for (int i = 0; i < length; i++) {
|
||||
|
||||
char c = value.charAt(i);
|
||||
|
||||
if (c < FILTER_ESCAPE_TABLE.length) {
|
||||
encodedValue.append(FILTER_ESCAPE_TABLE[c]);
|
||||
}
|
||||
else {
|
||||
// default: add the char
|
||||
encodedValue.append(c);
|
||||
}
|
||||
}
|
||||
|
||||
return encodedValue.toString();
|
||||
}
|
||||
}
|
||||
|
|
|
@ -48,6 +48,7 @@ import javax.naming.directory.DirContext;
|
|||
import javax.naming.directory.ModificationItem;
|
||||
import javax.naming.directory.SearchControls;
|
||||
import javax.naming.directory.SearchResult;
|
||||
import javax.naming.ldap.LdapName;
|
||||
import javax.naming.ldap.Rdn;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collection;
|
||||
|
@ -66,7 +67,7 @@ public class DefaultLdapRoleMapper
|
|||
implements LdapRoleMapper
|
||||
{
|
||||
|
||||
private Logger log = LoggerFactory.getLogger( getClass() );
|
||||
private Logger log = LoggerFactory.getLogger( getClass( ) );
|
||||
|
||||
@Inject
|
||||
@Named( value = "ldapConnectionFactory#configurable" )
|
||||
|
@ -96,7 +97,7 @@ public class DefaultLdapRoleMapper
|
|||
|
||||
private String baseDn;
|
||||
|
||||
private String ldapGroupMember = "uniqueMember";
|
||||
private String ldapGroupMemberAttribute = "uniqueMember";
|
||||
|
||||
private boolean useDefaultRoleName = false;
|
||||
|
||||
|
@ -106,13 +107,28 @@ public class DefaultLdapRoleMapper
|
|||
* possible to user cn=beer or uid=beer or sn=beer etc
|
||||
* so make it configurable
|
||||
*/
|
||||
private String userIdAttribute = "uid";
|
||||
public static String DEFAULT_USER_ID_ATTRIBUTE = "uid";
|
||||
private String userIdAttribute = DEFAULT_USER_ID_ATTRIBUTE;
|
||||
|
||||
public static String DEFAULT_GROUP_NAME_ATTRIBUTE = "cn";
|
||||
private String groupNameAttribute = DEFAULT_GROUP_NAME_ATTRIBUTE;
|
||||
|
||||
// True, if the member attribute stores the DN, otherwise the userkey is used as entry value
|
||||
private boolean useDnAsMemberValue = true;
|
||||
|
||||
private static final String POSIX_GROUP = "posixGroup";
|
||||
|
||||
@PostConstruct
|
||||
public void initialize()
|
||||
public void initialize( )
|
||||
{
|
||||
this.ldapGroupClass = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_CLASS, this.ldapGroupClass );
|
||||
|
||||
if (StringUtils.equalsIgnoreCase( POSIX_GROUP, this.ldapGroupClass )) {
|
||||
this.useDnAsMemberValue = false;
|
||||
}
|
||||
|
||||
this.useDnAsMemberValue = userConf.getBoolean( UserConfigurationKeys.LDAP_GROUPS_USE_DN_AS_MEMBER_VALUE, this.useDnAsMemberValue );
|
||||
|
||||
this.baseDn = userConf.getConcatenatedList( UserConfigurationKeys.LDAP_BASEDN, this.baseDn );
|
||||
|
||||
this.groupsDn = userConf.getConcatenatedList( UserConfigurationKeys.LDAP_GROUPS_BASEDN, this.groupsDn );
|
||||
|
@ -127,11 +143,30 @@ public class DefaultLdapRoleMapper
|
|||
this.useDefaultRoleName =
|
||||
userConf.getBoolean( UserConfigurationKeys.LDAP_GROUPS_USE_ROLENAME, this.useDefaultRoleName );
|
||||
|
||||
this.userIdAttribute = userConf.getString( UserConfigurationKeys.LDAP_USER_ID_ATTRIBUTE, this.userIdAttribute );
|
||||
this.userIdAttribute = userConf.getString( UserConfigurationKeys.LDAP_USER_ID_ATTRIBUTE, DEFAULT_USER_ID_ATTRIBUTE );
|
||||
|
||||
this.ldapGroupMember = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_MEMBER, this.ldapGroupMember );
|
||||
this.ldapGroupMemberAttribute = userConf.getString( UserConfigurationKeys.LDAP_GROUPS_MEMBER, this.ldapGroupMemberAttribute );
|
||||
|
||||
this.dnAttr = userConf.getString( UserConfigurationKeys.LDAP_DN_ATTRIBUTE, this.dnAttr );
|
||||
|
||||
this.groupNameAttribute = userConf.getString( UserConfigurationKeys.LDAP_GROUP_NAME_ATTRIBUTE, DEFAULT_GROUP_NAME_ATTRIBUTE );
|
||||
}
|
||||
|
||||
|
||||
private String getGroupNameFromResult( SearchResult searchResult ) throws NamingException
|
||||
{
|
||||
Attribute gNameAtt = searchResult.getAttributes( ).get( groupNameAttribute );
|
||||
if ( gNameAtt != null )
|
||||
{
|
||||
return gNameAtt.get( ).toString( );
|
||||
}
|
||||
else
|
||||
{
|
||||
log.error( "Could not get group name from attribute {}. Group DN: {}", groupNameAttribute, searchResult.getNameInNamespace( ) );
|
||||
return "";
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
public List<String> getAllGroups( DirContext context )
|
||||
|
@ -142,45 +177,43 @@ public class DefaultLdapRoleMapper
|
|||
try
|
||||
{
|
||||
|
||||
SearchControls searchControls = new SearchControls();
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
searchControls.setReturningAttributes( new String[]{ this.getLdapDnAttribute(), "objectClass", groupNameAttribute} );
|
||||
|
||||
String filter = "objectClass=" + getLdapGroupClass();
|
||||
String filter = "objectClass=" + getLdapGroupClass( );
|
||||
|
||||
if ( !StringUtils.isEmpty( this.groupFilter ) )
|
||||
{
|
||||
filter = "(&(" + filter + ")(" + this.groupFilter + "))";
|
||||
}
|
||||
|
||||
namingEnumeration = context.search( getGroupsDn(), filter, searchControls );
|
||||
namingEnumeration = context.search( getGroupsDn( ), filter, searchControls );
|
||||
|
||||
List<String> allGroups = new ArrayList<String>();
|
||||
List<String> allGroups = new ArrayList<String>( );
|
||||
|
||||
while ( namingEnumeration.hasMore() )
|
||||
while ( namingEnumeration.hasMore( ) )
|
||||
{
|
||||
SearchResult searchResult = namingEnumeration.next();
|
||||
|
||||
String groupName = searchResult.getName();
|
||||
// cn=blabla we only want bla bla
|
||||
groupName = StringUtils.substringAfter( groupName, "=" );
|
||||
|
||||
log.debug( "found groupName: '{}", groupName );
|
||||
|
||||
allGroups.add( groupName );
|
||||
|
||||
SearchResult searchResult = namingEnumeration.next( );
|
||||
String groupName = getGroupNameFromResult( searchResult );
|
||||
if ( StringUtils.isNotEmpty( groupName ) )
|
||||
{
|
||||
log.debug( "Found groupName: '{}", groupName );
|
||||
allGroups.add( groupName );
|
||||
}
|
||||
}
|
||||
|
||||
return allGroups;
|
||||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
|
||||
finally
|
||||
|
@ -195,7 +228,7 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
try
|
||||
{
|
||||
namingEnumeration.close();
|
||||
namingEnumeration.close( );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
|
@ -225,16 +258,16 @@ public class DefaultLdapRoleMapper
|
|||
try
|
||||
{
|
||||
|
||||
SearchControls searchControls = new SearchControls();
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
|
||||
String filter = "objectClass=" + getLdapGroupClass();
|
||||
String filter = "objectClass=" + getLdapGroupClass( );
|
||||
|
||||
namingEnumeration = context.search( "cn=" + groupName + "," + getGroupsDn(), filter, searchControls );
|
||||
namingEnumeration = context.search( groupNameAttribute + "=" + groupName + "," + getGroupsDn( ), filter, searchControls );
|
||||
|
||||
return namingEnumeration.hasMore();
|
||||
return namingEnumeration.hasMore( );
|
||||
}
|
||||
catch ( NameNotFoundException e )
|
||||
{
|
||||
|
@ -243,11 +276,11 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
|
||||
finally
|
||||
|
@ -261,14 +294,14 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
List<String> groups = getAllGroups( context );
|
||||
|
||||
if ( groups.isEmpty() )
|
||||
if ( groups.isEmpty( ) )
|
||||
{
|
||||
return Collections.emptyList();
|
||||
return Collections.emptyList( );
|
||||
}
|
||||
|
||||
Set<String> roles = new HashSet<String>( groups.size() );
|
||||
Set<String> roles = new HashSet<String>( groups.size( ) );
|
||||
|
||||
Map<String, Collection<String>> mapping = ldapRoleMapperConfiguration.getLdapGroupMappings();
|
||||
Map<String, Collection<String>> mapping = ldapRoleMapperConfiguration.getLdapGroupMappings( );
|
||||
|
||||
for ( String group : groups )
|
||||
{
|
||||
|
@ -293,30 +326,29 @@ public class DefaultLdapRoleMapper
|
|||
try
|
||||
{
|
||||
|
||||
SearchControls searchControls = new SearchControls();
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
|
||||
String filter = "objectClass=" + getLdapGroupClass();
|
||||
String filter = "objectClass=" + getLdapGroupClass( );
|
||||
|
||||
namingEnumeration = context.search( "cn=" + group + "," + getGroupsDn(), filter, searchControls );
|
||||
namingEnumeration = context.search( groupNameAttribute + "=" + group + "," + getGroupsDn( ), filter, searchControls );
|
||||
|
||||
List<String> allMembers = new ArrayList<String>();
|
||||
List<String> allMembers = new ArrayList<String>( );
|
||||
|
||||
while ( namingEnumeration.hasMore() )
|
||||
while ( namingEnumeration.hasMore( ) )
|
||||
{
|
||||
SearchResult searchResult = namingEnumeration.next();
|
||||
SearchResult searchResult = namingEnumeration.next( );
|
||||
|
||||
Attribute uniqueMemberAttr = searchResult.getAttributes().get( getLdapGroupMember() );
|
||||
Attribute uniqueMemberAttr = searchResult.getAttributes( ).get( getLdapGroupMemberAttribute( ) );
|
||||
|
||||
if ( uniqueMemberAttr != null )
|
||||
{
|
||||
NamingEnumeration<String> allMembersEnum = (NamingEnumeration<String>) uniqueMemberAttr.getAll();
|
||||
while ( allMembersEnum.hasMore() )
|
||||
NamingEnumeration<?> allMembersEnum = uniqueMemberAttr.getAll( );
|
||||
while ( allMembersEnum.hasMore( ) )
|
||||
{
|
||||
String userName = allMembersEnum.next();
|
||||
// uid=blabla we only want bla bla
|
||||
String userName = allMembersEnum.next( ).toString( );
|
||||
userName = StringUtils.substringAfter( userName, "=" );
|
||||
userName = StringUtils.substringBefore( userName, "," );
|
||||
log.debug( "found userName for group {}: '{}", group, userName );
|
||||
|
@ -333,11 +365,11 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
|
||||
finally
|
||||
|
@ -346,32 +378,39 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
}
|
||||
|
||||
private String getUserDnFromId(String userKey) {
|
||||
return new StringBuilder().append( this.userIdAttribute ).append( "=" ).append( userKey ).append( "," ).append(
|
||||
getBaseDn( ) ).toString();
|
||||
}
|
||||
|
||||
public List<String> getGroups( String username, DirContext context )
|
||||
throws MappingException
|
||||
{
|
||||
|
||||
List<String> userGroups = new ArrayList<String>();
|
||||
Set<String> userGroups = new HashSet<String>( );
|
||||
|
||||
NamingEnumeration<SearchResult> namingEnumeration = null;
|
||||
try
|
||||
{
|
||||
|
||||
SearchControls searchControls = new SearchControls();
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
|
||||
|
||||
String groupEntry = null;
|
||||
try
|
||||
{
|
||||
//try to look the user up
|
||||
User user = userManager.findUser( username );
|
||||
if ( user instanceof LdapUser )
|
||||
if ( user != null && user instanceof LdapUser )
|
||||
{
|
||||
LdapUser ldapUser = LdapUser.class.cast( user );
|
||||
Attribute dnAttribute = ldapUser.getOriginalAttributes().get( getLdapDnAttribute() );
|
||||
LdapUser ldapUser = (LdapUser) user ;
|
||||
Attribute dnAttribute = ldapUser.getOriginalAttributes( ).get( getLdapDnAttribute( ) );
|
||||
if ( dnAttribute != null )
|
||||
{
|
||||
groupEntry = String.class.cast( dnAttribute.get() );
|
||||
groupEntry = dnAttribute.get( ).toString();
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -387,82 +426,47 @@ public class DefaultLdapRoleMapper
|
|||
if ( groupEntry == null )
|
||||
{
|
||||
//failed to look up the user's groupEntry directly
|
||||
StringBuilder builder = new StringBuilder();
|
||||
String posixGroup = "posixGroup";
|
||||
if ( posixGroup.equals( getLdapGroupClass() ) )
|
||||
|
||||
if ( this.useDnAsMemberValue )
|
||||
{
|
||||
builder.append( username );
|
||||
groupEntry = getUserDnFromId( username );
|
||||
}
|
||||
else
|
||||
{
|
||||
builder.append( this.userIdAttribute ).append( "=" ).append( username ).append( "," ).append(
|
||||
getBaseDn() );
|
||||
groupEntry = username;
|
||||
}
|
||||
groupEntry = builder.toString();
|
||||
}
|
||||
|
||||
String filter =
|
||||
new StringBuilder().append( "(&" ).append( "(objectClass=" + getLdapGroupClass() + ")" ).append(
|
||||
"(" ).append( getLdapGroupMember() ).append( "=" ).append( Rdn.escapeValue(groupEntry) ).append( ")" ).append(
|
||||
")" ).toString();
|
||||
new StringBuilder( ).append( "(&" ).append( "(objectClass=" + getLdapGroupClass( ) + ")" ).append(
|
||||
"(" ).append( getLdapGroupMemberAttribute( ) ).append( "=" ).append( Rdn.escapeValue( groupEntry ) ).append( ")" ).append(
|
||||
")" ).toString( );
|
||||
|
||||
log.debug( "filter: {}", filter );
|
||||
|
||||
namingEnumeration = context.search( getGroupsDn(), filter, searchControls );
|
||||
namingEnumeration = context.search( getGroupsDn( ), filter, searchControls );
|
||||
|
||||
while ( namingEnumeration.hasMore() )
|
||||
while ( namingEnumeration.hasMore( ) )
|
||||
{
|
||||
SearchResult searchResult = namingEnumeration.next();
|
||||
SearchResult groupSearchResult = namingEnumeration.next( );
|
||||
String groupName = getGroupNameFromResult( groupSearchResult );
|
||||
|
||||
List<String> allMembers = new ArrayList<String>();
|
||||
|
||||
Attribute uniqueMemberAttr = searchResult.getAttributes().get( getLdapGroupMember() );
|
||||
|
||||
if ( uniqueMemberAttr != null )
|
||||
{
|
||||
NamingEnumeration<String> allMembersEnum = (NamingEnumeration<String>) uniqueMemberAttr.getAll();
|
||||
while ( allMembersEnum.hasMore() )
|
||||
{
|
||||
|
||||
String userName = allMembersEnum.next();
|
||||
//the original dn
|
||||
allMembers.add( userName );
|
||||
// uid=blabla we only want bla bla
|
||||
userName = StringUtils.substringAfter( userName, "=" );
|
||||
userName = StringUtils.substringBefore( userName, "," );
|
||||
allMembers.add( userName );
|
||||
}
|
||||
close( allMembersEnum );
|
||||
}
|
||||
|
||||
if ( allMembers.contains( username ) )
|
||||
{
|
||||
String groupName = searchResult.getName();
|
||||
// cn=blabla we only want bla bla
|
||||
groupName = StringUtils.substringAfter( groupName, "=" );
|
||||
userGroups.add( groupName );
|
||||
|
||||
}
|
||||
else if ( allMembers.contains( groupEntry ) )
|
||||
{
|
||||
String groupName = searchResult.getName();
|
||||
// cn=blabla we only want bla bla
|
||||
groupName = StringUtils.substringAfter( groupName, "=" );
|
||||
if (StringUtils.isNotEmpty( groupName )) {
|
||||
userGroups.add( groupName );
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
return userGroups;
|
||||
return new ArrayList( userGroups );
|
||||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
finally
|
||||
{
|
||||
|
@ -475,9 +479,9 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
List<String> groups = getGroups( username, context );
|
||||
|
||||
Map<String, Collection<String>> rolesMapping = ldapRoleMapperConfiguration.getLdapGroupMappings();
|
||||
Map<String, Collection<String>> rolesMapping = ldapRoleMapperConfiguration.getLdapGroupMappings( );
|
||||
|
||||
Set<String> roles = new HashSet<String>( groups.size() );
|
||||
Set<String> roles = new HashSet<String>( groups.size( ) );
|
||||
|
||||
for ( String group : groups )
|
||||
{
|
||||
|
@ -504,26 +508,26 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
try
|
||||
{
|
||||
namingEnumeration.close();
|
||||
namingEnumeration.close( );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
log.warn( "fail to close namingEnumeration: {}", e.getMessage() );
|
||||
log.warn( "fail to close namingEnumeration: {}", e.getMessage( ) );
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public String getGroupsDn()
|
||||
public String getGroupsDn( )
|
||||
{
|
||||
return this.groupsDn;
|
||||
}
|
||||
|
||||
public String getLdapGroupClass()
|
||||
public String getLdapGroupClass( )
|
||||
{
|
||||
return this.ldapGroupClass;
|
||||
}
|
||||
|
||||
public String getLdapDnAttribute()
|
||||
public String getLdapDnAttribute( )
|
||||
{
|
||||
return this.dnAttr;
|
||||
}
|
||||
|
@ -564,16 +568,16 @@ public class DefaultLdapRoleMapper
|
|||
objectClass.add( "top" );
|
||||
objectClass.add( "groupOfUniqueNames" );
|
||||
attributes.put( objectClass );
|
||||
attributes.put( "cn", groupName );
|
||||
attributes.put( this.groupNameAttribute, groupName );
|
||||
|
||||
// attribute mandatory when created a group so add admin as default member
|
||||
BasicAttribute basicAttribute = new BasicAttribute( getLdapGroupMember() );
|
||||
basicAttribute.add( this.userIdAttribute + "=admin," + getBaseDn() );
|
||||
BasicAttribute basicAttribute = new BasicAttribute( getLdapGroupMemberAttribute( ) );
|
||||
basicAttribute.add( this.userIdAttribute + "=admin," + getBaseDn( ) );
|
||||
attributes.put( basicAttribute );
|
||||
|
||||
try
|
||||
{
|
||||
String dn = "cn=" + groupName + "," + this.groupsDn;
|
||||
String dn = this.groupNameAttribute + "=" + groupName + "," + this.groupsDn;
|
||||
|
||||
context.createSubcontext( dn, attributes );
|
||||
|
||||
|
@ -588,12 +592,12 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -612,31 +616,31 @@ public class DefaultLdapRoleMapper
|
|||
NamingEnumeration<SearchResult> namingEnumeration = null;
|
||||
try
|
||||
{
|
||||
SearchControls searchControls = new SearchControls();
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
|
||||
String filter = "objectClass=" + getLdapGroupClass();
|
||||
String filter = "objectClass=" + getLdapGroupClass( );
|
||||
|
||||
namingEnumeration = context.search( "cn=" + groupName + "," + getGroupsDn(), filter, searchControls );
|
||||
namingEnumeration = context.search( this.groupNameAttribute + "=" + groupName + "," + getGroupsDn( ), filter, searchControls );
|
||||
|
||||
while ( namingEnumeration.hasMore() )
|
||||
if ( namingEnumeration.hasMore() )
|
||||
{
|
||||
SearchResult searchResult = namingEnumeration.next();
|
||||
Attribute attribute = searchResult.getAttributes().get( getLdapGroupMember() );
|
||||
SearchResult searchResult = namingEnumeration.next( );
|
||||
Attribute attribute = searchResult.getAttributes( ).get( getLdapGroupMemberAttribute( ) );
|
||||
if ( attribute == null )
|
||||
{
|
||||
BasicAttribute basicAttribute = new BasicAttribute( getLdapGroupMember() );
|
||||
basicAttribute.add( this.userIdAttribute + "=" + username + "," + getBaseDn() );
|
||||
context.modifyAttributes( "cn=" + groupName + "," + getGroupsDn(), new ModificationItem[]{
|
||||
new ModificationItem( DirContext.ADD_ATTRIBUTE, basicAttribute ) } );
|
||||
BasicAttribute basicAttribute = new BasicAttribute( getLdapGroupMemberAttribute( ) );
|
||||
basicAttribute.add( this.userIdAttribute + "=" + username + "," + getBaseDn( ) );
|
||||
context.modifyAttributes( this.groupNameAttribute + "=" + groupName + "," + getGroupsDn( ), new ModificationItem[]{
|
||||
new ModificationItem( DirContext.ADD_ATTRIBUTE, basicAttribute )} );
|
||||
}
|
||||
else
|
||||
{
|
||||
attribute.add( this.userIdAttribute + "=" + username + "," + getBaseDn() );
|
||||
context.modifyAttributes( "cn=" + groupName + "," + getGroupsDn(), new ModificationItem[]{
|
||||
new ModificationItem( DirContext.REPLACE_ATTRIBUTE, attribute ) } );
|
||||
attribute.add( this.userIdAttribute + "=" + username + "," + getBaseDn( ) );
|
||||
context.modifyAttributes( this.groupNameAttribute + "=" + groupName + "," + getGroupsDn( ), new ModificationItem[]{
|
||||
new ModificationItem( DirContext.REPLACE_ATTRIBUTE, attribute )} );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -645,11 +649,11 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
|
||||
finally
|
||||
|
@ -658,7 +662,7 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
try
|
||||
{
|
||||
namingEnumeration.close();
|
||||
namingEnumeration.close( );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
|
@ -683,25 +687,25 @@ public class DefaultLdapRoleMapper
|
|||
try
|
||||
{
|
||||
|
||||
SearchControls searchControls = new SearchControls();
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
|
||||
String filter = "objectClass=" + getLdapGroupClass();
|
||||
String filter = "objectClass=" + getLdapGroupClass( );
|
||||
|
||||
namingEnumeration = context.search( "cn=" + groupName + "," + getGroupsDn(), filter, searchControls );
|
||||
namingEnumeration = context.search( groupNameAttribute + "=" + groupName + "," + getGroupsDn( ), filter, searchControls );
|
||||
|
||||
while ( namingEnumeration.hasMore() )
|
||||
if ( namingEnumeration.hasMore() )
|
||||
{
|
||||
SearchResult searchResult = namingEnumeration.next();
|
||||
Attribute attribute = searchResult.getAttributes().get( getLdapGroupMember() );
|
||||
SearchResult searchResult = namingEnumeration.next( );
|
||||
Attribute attribute = searchResult.getAttributes( ).get( getLdapGroupMemberAttribute( ) );
|
||||
if ( attribute != null )
|
||||
{
|
||||
BasicAttribute basicAttribute = new BasicAttribute( getLdapGroupMember() );
|
||||
basicAttribute.add( this.userIdAttribute + "=" + username + "," + getGroupsDn() );
|
||||
context.modifyAttributes( "cn=" + groupName + "," + getGroupsDn(), new ModificationItem[]{
|
||||
new ModificationItem( DirContext.REMOVE_ATTRIBUTE, basicAttribute ) } );
|
||||
BasicAttribute basicAttribute = new BasicAttribute( getLdapGroupMemberAttribute( ) );
|
||||
basicAttribute.add( this.userIdAttribute + "=" + username + "," + getGroupsDn( ) );
|
||||
context.modifyAttributes( groupNameAttribute + "=" + groupName + "," + getGroupsDn( ), new ModificationItem[]{
|
||||
new ModificationItem( DirContext.REMOVE_ATTRIBUTE, basicAttribute )} );
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -710,11 +714,11 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
|
||||
finally
|
||||
|
@ -723,7 +727,7 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
try
|
||||
{
|
||||
namingEnumeration.close();
|
||||
namingEnumeration.close( );
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
|
@ -733,33 +737,58 @@ public class DefaultLdapRoleMapper
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
public void removeAllRoles( DirContext context )
|
||||
throws MappingException
|
||||
{
|
||||
//all mapped roles
|
||||
Collection<String> groups = ldapRoleMapperConfiguration.getLdapGroupMappings().keySet();
|
||||
Collection<String> groups = ldapRoleMapperConfiguration.getLdapGroupMappings( ).keySet( );
|
||||
|
||||
try
|
||||
{
|
||||
for ( String groupName : groups )
|
||||
{
|
||||
|
||||
String dn = "cn=" + groupName + "," + this.groupsDn;
|
||||
|
||||
context.unbind( dn );
|
||||
|
||||
log.debug( "deleted group with dn:'{}", dn );
|
||||
removeGroupByName( context, groupName );
|
||||
}
|
||||
|
||||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
}
|
||||
|
||||
private void removeGroupByName( DirContext context, String groupName ) throws NamingException
|
||||
{
|
||||
NamingEnumeration<SearchResult> namingEnumeration = null;
|
||||
try
|
||||
{
|
||||
SearchControls searchControls = new SearchControls( );
|
||||
|
||||
searchControls.setDerefLinkFlag( true );
|
||||
searchControls.setSearchScope( SearchControls.SUBTREE_SCOPE );
|
||||
String filter = "(&(objectClass=" + getLdapGroupClass( ) + ")(" + groupNameAttribute + "=" + Rdn.escapeValue( groupName ) + "))";
|
||||
// String filter = "(&(objectClass=" + getLdapGroupClass( ) + "))";
|
||||
namingEnumeration = context.search( getGroupsDn( ), filter, searchControls );
|
||||
|
||||
// We delete only the first found group
|
||||
if ( namingEnumeration != null && namingEnumeration.hasMore( ) )
|
||||
{
|
||||
SearchResult result = namingEnumeration.next( );
|
||||
String dn = result.getNameInNamespace( );
|
||||
context.unbind( new LdapName( dn ) );
|
||||
log.debug( "Deleted group with dn:'{}", dn );
|
||||
}
|
||||
}
|
||||
finally
|
||||
{
|
||||
closeNamingEnumeration( namingEnumeration );
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -768,25 +797,24 @@ public class DefaultLdapRoleMapper
|
|||
{
|
||||
|
||||
String groupName = findGroupName( roleName );
|
||||
|
||||
if (StringUtils.isEmpty( groupName )) {
|
||||
log.warn( "No group for the given role found: role={}", roleName );
|
||||
return;
|
||||
}
|
||||
try
|
||||
{
|
||||
|
||||
String dn = "cn=" + groupName + "," + this.groupsDn;
|
||||
|
||||
context.unbind( dn );
|
||||
|
||||
log.info( "deleted group with dn:'{}", dn );
|
||||
removeGroupByName( context, groupName );
|
||||
|
||||
}
|
||||
catch ( LdapException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
|
||||
}
|
||||
catch ( NamingException e )
|
||||
{
|
||||
throw new MappingException( e.getMessage(), e );
|
||||
throw new MappingException( e.getMessage( ), e );
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -819,7 +847,7 @@ public class DefaultLdapRoleMapper
|
|||
this.ldapConnectionFactory = ldapConnectionFactory;
|
||||
}
|
||||
|
||||
public String getBaseDn()
|
||||
public String getBaseDn( )
|
||||
{
|
||||
return baseDn;
|
||||
}
|
||||
|
@ -829,14 +857,14 @@ public class DefaultLdapRoleMapper
|
|||
this.baseDn = baseDn;
|
||||
}
|
||||
|
||||
public String getLdapGroupMember()
|
||||
public String getLdapGroupMemberAttribute( )
|
||||
{
|
||||
return ldapGroupMember;
|
||||
return ldapGroupMemberAttribute;
|
||||
}
|
||||
|
||||
public void setLdapGroupMember( String ldapGroupMember )
|
||||
public void setLdapGroupMemberAttribute( String ldapGroupMemberAttribute )
|
||||
{
|
||||
this.ldapGroupMember = ldapGroupMember;
|
||||
this.ldapGroupMemberAttribute = ldapGroupMemberAttribute;
|
||||
}
|
||||
|
||||
//-------------------
|
||||
|
@ -846,20 +874,20 @@ public class DefaultLdapRoleMapper
|
|||
protected String findGroupName( String role )
|
||||
throws MappingException
|
||||
{
|
||||
Map<String, Collection<String>> mapping = ldapRoleMapperConfiguration.getLdapGroupMappings();
|
||||
Map<String, Collection<String>> mapping = ldapRoleMapperConfiguration.getLdapGroupMappings( );
|
||||
|
||||
for ( Map.Entry<String, Collection<String>> entry : mapping.entrySet() )
|
||||
for ( Map.Entry<String, Collection<String>> entry : mapping.entrySet( ) )
|
||||
{
|
||||
if ( entry.getValue().contains( role ) )
|
||||
if ( entry.getValue( ).contains( role ) )
|
||||
{
|
||||
return entry.getKey();
|
||||
return entry.getKey( );
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
public String getUserIdAttribute()
|
||||
public String getUserIdAttribute( )
|
||||
{
|
||||
return userIdAttribute;
|
||||
}
|
||||
|
@ -869,7 +897,7 @@ public class DefaultLdapRoleMapper
|
|||
this.userIdAttribute = userIdAttribute;
|
||||
}
|
||||
|
||||
public boolean isUseDefaultRoleName()
|
||||
public boolean isUseDefaultRoleName( )
|
||||
{
|
||||
return useDefaultRoleName;
|
||||
}
|
||||
|
|
|
@ -88,7 +88,7 @@ public class TestLdapRoleMapper
|
|||
LdapConnectionFactory ldapConnectionFactory;
|
||||
|
||||
List<String> roleNames =
|
||||
Arrays.asList( "Archiva System Administrator", "Internal Repo Manager", "Internal Repo Observer" );
|
||||
Arrays.asList( "Archiva System Administrator", "Internal Repo Manager", "Internal Repo Observer", "Ldap Group Test Role" );
|
||||
|
||||
LdapConnection ldapConnection;
|
||||
|
||||
|
@ -109,6 +109,7 @@ public class TestLdapRoleMapper
|
|||
usersPerGroup.put( "internal-repo-manager", Arrays.asList( "admin", "user.9" ) );
|
||||
usersPerGroup.put( "internal-repo-observer", Arrays.asList( "admin", "user.7", "user.8" ) );
|
||||
usersPerGroup.put( "archiva-admin", Arrays.asList( "admin", "user.7" ) );
|
||||
usersPerGroup.put( "archiva/group-with-slash", Arrays.asList( "user.8", "user.9" ) );
|
||||
|
||||
users = new ArrayList<String>( 4 );
|
||||
users.add( "admin" );
|
||||
|
@ -161,7 +162,12 @@ public class TestLdapRoleMapper
|
|||
|
||||
for ( Map.Entry<String, List<String>> group : usersPerGroup.entrySet() )
|
||||
{
|
||||
context.unbind( createGroupDn( group.getKey() ) );
|
||||
try
|
||||
{
|
||||
context.unbind( createGroupDn( group.getKey( ) ) );
|
||||
} catch (Exception ex) {
|
||||
// Ignore
|
||||
}
|
||||
}
|
||||
|
||||
context.unbind( suffix );
|
||||
|
@ -298,7 +304,7 @@ public class TestLdapRoleMapper
|
|||
|
||||
log.info( "allGroups: {}", allGroups );
|
||||
|
||||
assertThat( allGroups ).isNotNull().isNotEmpty().contains( "archiva-admin",
|
||||
assertThat( allGroups ).isNotNull().isNotEmpty().contains( "archiva/group-with-slash", "archiva-admin",
|
||||
"internal-repo-manager" );
|
||||
}
|
||||
|
||||
|
@ -331,7 +337,7 @@ public class TestLdapRoleMapper
|
|||
|
||||
groups = ldapRoleMapper.getGroups( "user.8", getDirContext() );
|
||||
|
||||
assertThat( groups ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "internal-repo-observer" );
|
||||
assertThat( groups ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "internal-repo-observer", "archiva/group-with-slash" );
|
||||
|
||||
groups = ldapRoleMapper.getGroups( "user.7", getDirContext() );
|
||||
|
||||
|
@ -362,7 +368,7 @@ public class TestLdapRoleMapper
|
|||
|
||||
log.info( "roles for user.8: {}", roles );
|
||||
|
||||
assertThat( roles ).isNotNull().isNotEmpty().hasSize( 1 ).contains( "Internal Repo Observer" );
|
||||
assertThat( roles ).isNotNull().isNotEmpty().hasSize( 2 ).contains( "Internal Repo Observer" );
|
||||
|
||||
}
|
||||
|
||||
|
@ -380,5 +386,19 @@ public class TestLdapRoleMapper
|
|||
assertFalse( ldapRoleMapper.hasRole( getDirContext(), "Australian wine is good but not as French! " ) );
|
||||
}
|
||||
|
||||
@Test
|
||||
public void removeRole() throws Exception
|
||||
{
|
||||
assertTrue( ldapRoleMapper.getAllGroups( getDirContext( ) ).contains( "archiva-admin" ) );
|
||||
ldapRoleMapper.removeRole( "Archiva System Administrator", getDirContext() );
|
||||
assertFalse( ldapRoleMapper.getAllGroups( getDirContext( ) ).contains( "archiva-admin" ) );
|
||||
}
|
||||
|
||||
@Test
|
||||
public void removeAllRoles() throws Exception
|
||||
{
|
||||
assertEquals( 4, ldapRoleMapper.getAllGroups( getDirContext( ) ).size() );
|
||||
ldapRoleMapper.removeAllRoles( getDirContext() );
|
||||
assertEquals( 0, ldapRoleMapper.getAllGroups( getDirContext( ) ).size() );
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,4 +16,5 @@
|
|||
# under the License.
|
||||
ldap.config.groups.role.archiva-admin=Archiva System Administrator
|
||||
ldap.config.groups.role.internal-repo-manager=Internal Repo Manager
|
||||
ldap.config.groups.role.internal-repo-observer=Internal Repo Observer
|
||||
ldap.config.groups.role.internal-repo-observer=Internal Repo Observer
|
||||
ldap.config.groups.role.archiva/group-with-slash=Ldap Group Test Role
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-common</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-configuration</artifactId>
|
||||
|
|
|
@ -92,10 +92,14 @@ public interface UserConfigurationKeys
|
|||
|
||||
String LDAP_GROUPS_USE_ROLENAME = "ldap.config.groups.use.rolename";
|
||||
|
||||
String LDAP_GROUPS_USE_DN_AS_MEMBER_VALUE = "ldap.config.groups.useDnAsMemberValue";
|
||||
|
||||
String LDAP_WRITABLE = "ldap.config.writable";
|
||||
|
||||
String LDAP_USER_ID_ATTRIBUTE = "ldap.config.user.attribute";
|
||||
|
||||
String LDAP_GROUP_NAME_ATTRIBUTE = "ldap.config.groups.name.attribute";
|
||||
|
||||
String APPLICATION_URL = "application.url";
|
||||
|
||||
String EMAIL_URL_PATH = "email.url.path";
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<artifactId>redback</artifactId>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-data-management</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-features</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-integrations</artifactId>
|
||||
<name>Redback :: Integrations</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-integrations</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-common-integrations</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<artifactId>redback-integrations</artifactId>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-integrations-security</artifactId>
|
||||
|
|
|
@ -27,46 +27,46 @@ package org.apache.archiva.redback.integration.security.role;
|
|||
*/
|
||||
public interface RedbackRoleConstants
|
||||
{
|
||||
public static final String ADMINISTRATOR_ACCOUNT_NAME = "admin";
|
||||
String ADMINISTRATOR_ACCOUNT_NAME = "admin";
|
||||
|
||||
// roles
|
||||
public static final String SYSTEM_ADMINISTRATOR_ROLE = "System Administrator";
|
||||
String SYSTEM_ADMINISTRATOR_ROLE = "System Administrator";
|
||||
|
||||
public static final String USER_ADMINISTRATOR_ROLE = "User Administrator";
|
||||
String USER_ADMINISTRATOR_ROLE = "User Administrator";
|
||||
|
||||
public static final String REGISTERED_USER_ROLE = "Registered User";
|
||||
String REGISTERED_USER_ROLE = "Registered User";
|
||||
|
||||
/**
|
||||
* @since 1.4
|
||||
*/
|
||||
public static final String REGISTERED_USER_ROLE_ID = "registered-user";
|
||||
String REGISTERED_USER_ROLE_ID = "registered-user";
|
||||
|
||||
public static final String GUEST_ROLE = "Guest";
|
||||
String GUEST_ROLE = "Guest";
|
||||
|
||||
// guest access operation
|
||||
public static final String GUEST_ACCESS_OPERATION = "guest-access";
|
||||
String GUEST_ACCESS_OPERATION = "guest-access";
|
||||
|
||||
// operations against configuration
|
||||
public static final String CONFIGURATION_EDIT_OPERATION = "configuration-edit";
|
||||
String CONFIGURATION_EDIT_OPERATION = "configuration-edit";
|
||||
|
||||
// operations against user
|
||||
public static final String USER_MANAGEMENT_USER_CREATE_OPERATION = "user-management-user-create";
|
||||
String USER_MANAGEMENT_USER_CREATE_OPERATION = "user-management-user-create";
|
||||
|
||||
public static final String USER_MANAGEMENT_USER_EDIT_OPERATION = "user-management-user-edit";
|
||||
String USER_MANAGEMENT_USER_EDIT_OPERATION = "user-management-user-edit";
|
||||
|
||||
public static final String USER_MANAGEMENT_USER_ROLE_OPERATION = "user-management-user-role";
|
||||
String USER_MANAGEMENT_USER_ROLE_OPERATION = "user-management-user-role";
|
||||
|
||||
public static final String USER_MANAGEMENT_USER_DELETE_OPERATION = "user-management-user-delete";
|
||||
String USER_MANAGEMENT_USER_DELETE_OPERATION = "user-management-user-delete";
|
||||
|
||||
public static final String USER_MANAGEMENT_USER_LIST_OPERATION = "user-management-user-list";
|
||||
String USER_MANAGEMENT_USER_LIST_OPERATION = "user-management-user-list";
|
||||
|
||||
// operations against user assignment.
|
||||
public static final String USER_MANAGEMENT_ROLE_GRANT_OPERATION = "user-management-role-grant";
|
||||
String USER_MANAGEMENT_ROLE_GRANT_OPERATION = "user-management-role-grant";
|
||||
|
||||
public static final String USER_MANAGEMENT_ROLE_DROP_OPERATION = "user-management-role-drop";
|
||||
String USER_MANAGEMENT_ROLE_DROP_OPERATION = "user-management-role-drop";
|
||||
|
||||
// operations against rbac objects.
|
||||
public static final String USER_MANAGEMENT_RBAC_ADMIN_OPERATION = "user-management-rbac-admin";
|
||||
String USER_MANAGEMENT_RBAC_ADMIN_OPERATION = "user-management-rbac-admin";
|
||||
|
||||
public static final String USER_MANAGEMENT_MANAGE_DATA = "user-management-manage-data";
|
||||
String USER_MANAGEMENT_MANAGE_DATA = "user-management-manage-data";
|
||||
}
|
||||
|
|
|
@ -21,7 +21,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-integrations</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<artifactId>redback-rest</artifactId>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rest-api</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<artifactId>redback-rest</artifactId>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rest-services</artifactId>
|
||||
|
|
|
@ -72,6 +72,7 @@ import javax.ws.rs.core.Response;
|
|||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
|
@ -372,6 +373,27 @@ public class DefaultUserService
|
|||
public Boolean updateUser( User user )
|
||||
throws RedbackServiceException
|
||||
{
|
||||
|
||||
// check username == one in the session
|
||||
RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
|
||||
if ( redbackRequestInformation == null || redbackRequestInformation.getUser() == null )
|
||||
{
|
||||
log.warn( "RedbackRequestInformation from ThreadLocal is null" );
|
||||
throw new RedbackServiceException( new ErrorMessage( "you must be logged to update your profile" ),
|
||||
Response.Status.FORBIDDEN.getStatusCode() );
|
||||
}
|
||||
if ( user == null )
|
||||
{
|
||||
throw new RedbackServiceException( new ErrorMessage( "user parameter is mandatory" ),
|
||||
Response.Status.BAD_REQUEST.getStatusCode() );
|
||||
}
|
||||
if ( !StringUtils.equals( redbackRequestInformation.getUser().getUsername(), user.getUsername() )
|
||||
&& !StringUtils.equals( redbackRequestInformation.getUser().getUsername(), RedbackRoleConstants.ADMINISTRATOR_ACCOUNT_NAME) )
|
||||
{
|
||||
throw new RedbackServiceException( new ErrorMessage( "you can update only your profile" ),
|
||||
Response.Status.FORBIDDEN.getStatusCode() );
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
org.apache.archiva.redback.users.User rawUser = userManager.findUser( user.getUsername(), false );
|
||||
|
@ -587,7 +609,7 @@ public class DefaultUserService
|
|||
applicationUrl = getBaseUrl();
|
||||
}
|
||||
|
||||
mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl );
|
||||
mailer.sendPasswordResetEmail( Collections.singletonList( user.getEmail() ), authkey, applicationUrl );
|
||||
log.info( "password reset request for username {}", username );
|
||||
}
|
||||
catch ( UserNotFoundException e )
|
||||
|
@ -679,7 +701,7 @@ public class DefaultUserService
|
|||
|
||||
log.debug( "register user {} with email {} and app url {}", u.getUsername(), u.getEmail(), baseUrl );
|
||||
|
||||
mailer.sendAccountValidationEmail( Arrays.asList( u.getEmail() ), authkey, baseUrl );
|
||||
mailer.sendAccountValidationEmail( Collections.singletonList( u.getEmail() ), authkey, baseUrl );
|
||||
|
||||
securityPolicy.setEnabled( false );
|
||||
userManager.addUser( u );
|
||||
|
|
|
@ -94,8 +94,6 @@ public class RoleManagementServiceTest
|
|||
catch ( ForbiddenException e )
|
||||
{
|
||||
assertEquals( 403, e.getResponse().getStatus() );
|
||||
|
||||
|
||||
}
|
||||
|
||||
// assign the role and retry
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-keys</artifactId>
|
||||
<name>Redback :: Key Management</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-authentication-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
<relativePath>../../redback-authentication/redback-authentication-providers/pom.xml</relativePath>
|
||||
</parent>
|
||||
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-keys</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-keys-api</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-keys</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-keys-providers</artifactId>
|
||||
<name>Redback :: Key Management Providers</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-keys-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-keys-cached</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-keys-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-keys-jdo</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-keys-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-keys-memory</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-keys</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-keys-tests</artifactId>
|
||||
<name>Redback :: Key Management Test Harness</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-policy</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-rbac</artifactId>
|
||||
<name>Redback :: Role Based Access Control</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rbac-model</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-rbac-providers</artifactId>
|
||||
<name>Redback :: RBAC Providers</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rbac-cached</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rbac-jdo</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rbac-ldap</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rbac-memory</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-rbac-role-manager</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-rbac</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-rbac-tests</artifactId>
|
||||
<name>Redback :: RBAC Test Framework</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-system</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-users</artifactId>
|
||||
<name>Redback :: User Management</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-users-api</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-users-providers</artifactId>
|
||||
<name>Redback :: Users Providers</name>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-users-cached</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-users-configurable</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-users-jdo</artifactId>
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-users-ldap</artifactId>
|
||||
|
|
|
@ -19,6 +19,7 @@ package org.apache.archiva.redback.users.ldap;
|
|||
* under the License.
|
||||
*/
|
||||
|
||||
import org.apache.archiva.redback.common.ldap.LdapUtils;
|
||||
import org.apache.archiva.redback.common.ldap.user.UserMapper;
|
||||
import org.apache.archiva.redback.users.AbstractUserQuery;
|
||||
|
||||
|
@ -49,13 +50,13 @@ public class LdapUserQuery
|
|||
String filter = "";
|
||||
if (this.getEmail() != null )
|
||||
{
|
||||
filter += "(" + mapper.getEmailAddressAttribute() + "=" + this.getEmail() + ")";
|
||||
filter += "(" + mapper.getEmailAddressAttribute() + "=" + LdapUtils.encodeFilterValue( this.getEmail() ) + ")";
|
||||
}
|
||||
if ( this.getFullName() != null )
|
||||
{
|
||||
filter += "(" + mapper.getUserFullNameAttribute() + "=" + this.getFullName() + ")";
|
||||
filter += "(" + mapper.getUserFullNameAttribute() + "=" + LdapUtils.encodeFilterValue( this.getFullName() ) + ")";
|
||||
}
|
||||
filter += "(" + mapper.getUserIdAttribute() + "=" + ( this.getUsername() != null ? this.getUsername() : "*" ) + ")";
|
||||
filter += "(" + mapper.getUserIdAttribute() + "=" + ( this.getUsername() != null ? LdapUtils.encodeFilterValue( this.getUsername() ) : "*" ) + ")";
|
||||
|
||||
return filter;
|
||||
}
|
||||
|
|
|
@ -234,6 +234,21 @@ public class LdapUserManagerTest
|
|||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testUserWithInvalidChars()
|
||||
throws Exception
|
||||
{
|
||||
try
|
||||
{
|
||||
userManager.findUser( "jesse)(mail=jesse@apache.org" );
|
||||
fail( "UserNotFoundException should be thrown, if invalid filter chars are in the username" );
|
||||
}
|
||||
catch ( UserNotFoundException e )
|
||||
{
|
||||
// cool it works !
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testWithManyUsers()
|
||||
throws Exception
|
||||
|
|
|
@ -24,7 +24,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users-providers</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
|
||||
<artifactId>redback-users-memory</artifactId>
|
||||
|
|
|
@ -22,7 +22,7 @@
|
|||
<parent>
|
||||
<groupId>org.apache.archiva.redback</groupId>
|
||||
<artifactId>redback-users</artifactId>
|
||||
<version>2.6</version>
|
||||
<version>2.6.3-SNAPSHOT</version>
|
||||
</parent>
|
||||
<artifactId>redback-users-tests</artifactId>
|
||||
<name>Redback :: User Tests</name>
|
||||
|
|
Loading…
Reference in New Issue