taylor 2002/12/09 12:24:09
Modified: build build.xml
src/java/org/apache/jetspeed/om/security/ldap
BaseLDAPObject.java LDAPGroup.java
LDAPPermission.java LDAPRole.java LDAPUser.java
src/java/org/apache/jetspeed/services JetspeedLDAP.java
src/java/org/apache/jetspeed/services/ldap Connector.java
LDAPService.java LDAPURL.java
src/java/org/apache/jetspeed/services/security/ldap
LDAPAuthentication.java LDAPGroupManagement.java
LDAPPermissionManagement.java
LDAPRoleManagement.java LDAPUserManagement.java
UnixCrypt.java
src/java/org/apache/jetspeed/util Base64.java
src/ldap jetspeed.ldif jetspeed.schema
webapp/WEB-INF/conf JetspeedSecurity.properties
webapp/WEB-INF/db jetspeed.properties jetspeed.script
Added: src/ldap LDAP-JetspeedSecurity.properties ldap-notes.txt
Log:
LDAP implementation for release. Not quite perfect, may need a few more tweaks
before the end of the day.
Sami Leino has done a lot of cleanup, coding additions and testing. Thanks Sami
Revision Changes Path
1.174 +46 -0 jakarta-jetspeed/build/build.xml
Index: build.xml
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/build/build.xml,v
retrieving revision 1.173
retrieving revision 1.174
diff -u -r1.173 -r1.174
--- build.xml 23 Nov 2002 11:49:43 -0000 1.173
+++ build.xml 9 Dec 2002 20:24:08 -0000 1.174
@@ -1099,6 +1099,52 @@
</junit>
</target>
+ <target name="unittest-security-ldap" depends="compile"
+ description="LDAP security unit test">
+ <copy file="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.properties"
tofile="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.temp" overwrite="yes"/>
+ <java fork="yes"
classname="org.apache.jetspeed.util.OverwriteProperties" dir=".">
+ <classpath>
+ <pathelement location="${build.dest.dir}"/>
+ <path refid="classpath"/>
+ <pathelement location="${junit.jar}"/>
+ <pathelement location="${hsql.jar}"/>
+ </classpath>
+ <sysproperty key="DEBUG" value="true"/>
+ <arg
value="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.properties"/>
+ <arg value="./src/ldap/LDAP-JetspeedSecurity.properties"/>
+ <arg value="${webapp.dir}/WEB-INF/conf/"/>
+ </java>
+ <!-- Run the tests -->
+ <antcall target="unittest-security-user"/>
+
+ <!-- restore it -->
+<!-- <copy file="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.temp"
tofile="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.properties" overwrite="yes"/>
+-->
+
+ </target>
+
+ <target name="x"
+ description="LDAP security unit test">
+ <copy file="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.properties"
tofile="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.temp" overwrite="yes"/>
+ <java fork="yes"
classname="org.apache.jetspeed.util.OverwriteProperties" dir=".">
+ <classpath>
+ <pathelement location="${build.dest.dir}"/>
+ <path refid="classpath"/>
+ <pathelement location="${junit.jar}"/>
+ <pathelement location="${hsql.jar}"/>
+ </classpath>
+ <sysproperty key="DEBUG" value="true"/>
+ <arg
value="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.properties"/>
+ <arg value="./src/ldap/LDAP-JetspeedSecurity.properties"/>
+ <arg value="${webapp.dir}/WEB-INF/conf/"/>
+ </java>
+
+ <!-- restore it -->
+<!-- <copy file="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.temp"
tofile="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.properties" overwrite="yes"/>
+-->
+
+ </target>
+
<!-- =================================================================== -->
<!-- Run the client JUnit test cases (non-cactus) -->
<!-- =================================================================== -->
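Review bot: The restore step in `unittest-security-ldap` is commented out, so after the run `JetspeedSecurity.properties` in `WEB-INF/conf` stays overwritten with the values merged from `./src/ldap/LDAP-JetspeedSecurity.properties`, and the `JetspeedSecurity.temp` copy is left beside it. A webapp built or deployed from that tree afterwards would, it appears, run with the LDAP test security settings rather than the committed ones. I would re-enable the restore `<copy>` and remove the backup afterwards, e.g. `<delete file="${webapp.dir}/WEB-INF/conf/JetspeedSecurity.temp"/>`. The second target, `name="x"`, repeats the same overwrite with the same description and no `depends`; it looks like a scratch target and should either be dropped or given a real name and a comment saying it deliberately leaves the LDAP configuration in place.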
1.3 +414 -256
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/BaseLDAPObject.java
Index: BaseLDAPObject.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/BaseLDAPObject.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- BaseLDAPObject.java 8 Dec 2002 19:33:52 -0000 1.2
+++ BaseLDAPObject.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -72,366 +72,524 @@
public class BaseLDAPObject implements DirContext
{
- protected LDAPURL ldapurl;
- protected boolean updated = false;
- protected String Name;
- protected String Id;
- protected Attributes myAttrs;
- protected boolean isNew = false;
- protected BasicAttributes rmAttrs= new BasicAttributes();
- /**
- * Updated Function
- *
- * Return State of updated property
- *
- * @return boolean updated property value
- */
- public boolean getupdated(){
- return this.updated;
- }
- /**
- * ID Function
- *
- * Return Value of ID property
- *
- * @return String ID property value
- */
- public String getId() {
- return Id;
- }
- /**
- * ID Function
- *
- * Set Value of ID property
- *
- * @param Id ID property value
- */
- public void setId(String Id) {
- this.Id = Id;
- }
- public String getName() {
- return Name;
- }
- public void setName(String Name) {
-// throw new java.lang.UnsupportedOperationException();
- }
- public LDAPURL getldapurl(){
- return ldapurl;
- }
- public boolean getIsNew() {
- return isNew;
- }
+ protected LDAPURL ldapurl;
+ protected boolean updated = false;
+ protected String name;
+ protected String Id;
+ protected Attributes myAttrs;
+ protected boolean isNew = false;
+ protected BasicAttributes rmAttrs = new BasicAttributes();
+
+ /**
+ * <p>Set's the objectClass for this object.</p>
+ *
+ */
+ public void setObjectClass(String name)
+ {
+ Attribute oc = new BasicAttribute("objectclass");
+ oc.add(name);
+ myAttrs.put(oc);
+ }
+
+ /**
+ * <p>Set's multiple objectClasses for this object.</p>
+ *
+ */
+ public void setObjectClasses(String[] names)
+ {
+ Attribute oc = new BasicAttribute("objectclass");
+ for (int i=0; i < names.length; i++)
+ {
+ oc.add(names[i]);
+ }
+ myAttrs.put(oc);
+ }
+
+ /**
+ * Updated Function
+ *
+ * Return State of updated property
+ *
+ * @return boolean updated property value
+ */
+ public boolean getupdated()
+ {
+ return this.updated;
+ }
+
+ /**
+ * ID Function
+ *
+ * Return Value of ID property
+ *
+ * @return String ID property value
+ */
+ public String getId()
+ {
+ return Id;
+ }
+
+ /**
+ * ID Function
+ *
+ * Set Value of ID property
+ *
+ * @param Id ID property value
+ */
+ public void setId(String Id)
+ {
+ this.Id = Id;
+ }
+
+ public String getName()
+ {
+ return name;
+ }
+
+ public void setName(String name)
+ {
+// throw new java.lang.UnsupportedOperationException();
+ }
+
+ public LDAPURL getldapurl()
+ {
+ return ldapurl;
+ }
+
+ public void setLdapUrl(LDAPURL url)
+ {
+ ldapurl = url;
+ }
+
+ public boolean isNew()
+ {
+ return isNew;
+ }
//UTIL Funcs
- protected void removeutil(String field,boolean updatable){
- myAttrs.remove(field);
- if (updatable){
- rmAttrs.remove(field);
- }
- }
- protected void setutil(String field, String value){
- myAttrs.remove(field);
- myAttrs.put(field,value);
- updated = true;
- }
- protected void setutil(String field, Vector value){
- myAttrs.remove(field);
- for(Enumeration enum = value.elements(); enum.hasMoreElements();)
- {
- myAttrs.put(field,(String)enum.nextElement());
- }
- updated = true;
- }
- protected String getutil(String field){
- if (myAttrs.get(field) == null){
- return new String("");
- }
- else {
- try{
- return myAttrs.get(field).getAll().next().toString();
- } catch (NamingException e) {
- return new String("");
- }
- }
- }
- protected Vector getutil(String field,boolean empty){
- Vector values= null;
- String temp;
- if (empty){
- values =new Vector();
- }
-
- if (!(myAttrs.get(field) == null)){
- try{
- for(NamingEnumeration enum = myAttrs.get(field).getAll(); enum.hasMore(); )
+ protected void removeutil(String field, boolean updatable)
+ {
+ myAttrs.remove(field);
+
+ if (updatable)
+ {
+ rmAttrs.remove(field);
+ }
+ }
+ protected void setutil(String field, String value)
+ {
+ myAttrs.remove(field);
+ myAttrs.put(field, value);
+ updated = true;
+ }
+
+ protected void setutil(String field, Vector value)
+ {
+ myAttrs.remove(field);
+ for(Enumeration enum = value.elements(); enum.hasMoreElements();)
{
- temp= (String)enum.nextElement();
- if (null!= temp){
- values.add(temp);
- }
+ myAttrs.put(field, (String)enum.nextElement());
}
- } catch (NamingException e) {
- }
+ updated = true;
+ }
+
+ protected void setutil(String field, Object value)
+ {
+ myAttrs.remove(field);
+ myAttrs.put(field, value);
+ updated = true;
}
- return values;
- }
- public Attributes getAttributes(String name) throws NamingException {
- if (! name.equals("")) {
- throw new NameNotFoundException();
- }
- return myAttrs;
- }
-
- public Attributes getAttributes(Name name) throws NamingException {
- return getAttributes(name.toString());
- }
-
- public Attributes getAttributes(String name, String[] ids)
- throws NamingException {
- if (! name.equals("")) {
- throw new NameNotFoundException();
- }
-
- Attributes answer = new BasicAttributes(true);
- Attribute target;
- for (int i = 0; i < ids.length; i++) {
- target = myAttrs.get(ids[i]);
- if (target != null) {
- answer.put(target);
+
+ protected String getutil(String field)
+ {
+ if (myAttrs.get(field) == null)
+ {
+ return new String("");
+ }
+ else
+ {
+ try
+ {
+ return myAttrs.get(field).getAll().next().toString();
+ }
+ catch (NamingException e)
+ {
+ return new String("");
+ }
}
}
- return answer;
+
+ protected Vector getutil(String field,boolean empty)
+ {
+ Vector values= null;
+ String temp;
+ if (empty)
+ {
+ values = new Vector();
+ }
+
+ if (!(myAttrs.get(field) == null))
+ {
+ try
+ {
+ for(NamingEnumeration enum = myAttrs.get(field).getAll();
enum.hasMore(); )
+ {
+ temp= (String)enum.nextElement();
+ if (null != temp)
+ {
+ values.add(temp);
+ }
+ }
+ }
+ catch (NamingException e)
+ {
+ }
+ }
+ return values;
}
- public Attributes getAttributes(Name name, String[] ids)
- throws NamingException {
- return getAttributes(name.toString(), ids);
+ public Attributes getAttributes(String name) throws NamingException
+ {
+ if (! name.equals(""))
+ {
+ throw new NameNotFoundException();
+ }
+
+ return myAttrs;
}
- public String toString() {
- return ldapurl.getUrl();
+ public Attributes getAttributes(Name name) throws NamingException
+ {
+ return getAttributes(name.toString());
+ }
+
+ public Attributes getAttributes(String name, String[] ids) throws
NamingException
+ {
+ if (!name.equals(""))
+ {
+ throw new NameNotFoundException();
+ }
+
+ Attributes answer = new BasicAttributes(true);
+ Attribute target;
+
+ for (int i = 0; i < ids.length; i++)
+ {
+ target = myAttrs.get(ids[i]);
+ if (target != null)
+ {
+ answer.put(target);
+ }
+ }
+ return answer;
+ }
+
+ public Attributes getAttributes(Name name, String[] ids) throws NamingException
+ {
+ return getAttributes(name.toString(), ids);
+ }
+
+ public String toString()
+ {
+ return ldapurl.getUrl();
}
// not used for this example
- public Object lookup(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+ public Object lookup(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public String getNameInNamespace() throws NamingException {
- throw new OperationNotSupportedException();
+
+ public String getNameInNamespace() throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public Object lookup(String name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public Object lookup(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void bind(Name name, Object obj) throws NamingException {
- throw new OperationNotSupportedException();
+ public void bind(Name name, Object obj) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void bind(String name, Object obj) throws NamingException {
- throw new OperationNotSupportedException();
+ public void bind(String name, Object obj) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void rebind(Name name, Object obj) throws NamingException {
- throw new OperationNotSupportedException();
+ public void rebind(Name name, Object obj) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void rebind(String name, Object obj) throws NamingException {
- throw new OperationNotSupportedException();
+ public void rebind(String name, Object obj) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void unbind(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+ public void unbind(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void unbind(String name) throws NamingException {
- throw new OperationNotSupportedException();
+ public void unbind(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void rename(Name oldName, Name newName) throws NamingException {
- throw new OperationNotSupportedException();
+ public void rename(Name oldName, Name newName) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void rename(String oldName, String newName) throws NamingException {
- throw new OperationNotSupportedException();
+ public void rename(String oldName, String newName) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public NamingEnumeration list(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+ public NamingEnumeration list(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public NamingEnumeration list(String name) throws NamingException {
- throw new OperationNotSupportedException();
+ public NamingEnumeration list(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public NamingEnumeration listBindings(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+ public NamingEnumeration listBindings(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public NamingEnumeration listBindings(String name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public NamingEnumeration listBindings(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void destroySubcontext(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public void destroySubcontext(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void destroySubcontext(String name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public void destroySubcontext(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public Context createSubcontext(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public Context createSubcontext(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public Context createSubcontext(String name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public Context createSubcontext(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public Object lookupLink(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public Object lookupLink(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public Object lookupLink(String name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public Object lookupLink(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public NameParser getNameParser(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public NameParser getNameParser(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public NameParser getNameParser(String name) throws NamingException {
- throw new OperationNotSupportedException();
+
+ public NameParser getNameParser(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public String composeName(String name, String prefix)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public Name composeName(Name name, Name prefix)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public Object addToEnvironment(String propName, Object propVal)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public Object removeFromEnvironment(String propName)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public Hashtable getEnvironment() throws NamingException {
- throw new OperationNotSupportedException();
+
+ public Hashtable getEnvironment() throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public void close() throws NamingException {
- throw new OperationNotSupportedException();
+
+ public void close() throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
// -- DirContext
+
public void modifyAttributes(Name name, int mod_op, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public void modifyAttributes(String name, int mod_op, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public void modifyAttributes(Name name, ModificationItem[] mods)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public void modifyAttributes(String name, ModificationItem[] mods)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public void bind(Name name, Object obj, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public void bind(String name, Object obj, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public void rebind(Name name, Object obj, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public void rebind(String name, Object obj, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public DirContext createSubcontext(Name name, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
+
public DirContext createSubcontext(String name, Attributes attrs)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public DirContext getSchema(Name name) throws NamingException {
- throw new OperationNotSupportedException();
+ public DirContext getSchema(Name name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
- public DirContext getSchema(String name) throws NamingException {
- throw new OperationNotSupportedException();
+ public DirContext getSchema(String name) throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public DirContext getSchemaClassDefinition(Name name)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public DirContext getSchemaClassDefinition(String name)
- throws NamingException {
- throw new OperationNotSupportedException();
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public NamingEnumeration search(Name name,
- Attributes matchingAttributes,
- String[] attributesToReturn)
- throws NamingException {
- throw new OperationNotSupportedException();
+ Attributes matchingAttributes,
+ String[] attributesToReturn)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public NamingEnumeration search(String name,
- Attributes matchingAttributes,
- String[] attributesToReturn)
- throws NamingException {
- throw new OperationNotSupportedException();
+ Attributes matchingAttributes,
+ String[] attributesToReturn)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public NamingEnumeration search(Name name,
- Attributes matchingAttributes)
- throws NamingException {
- throw new OperationNotSupportedException();
+ Attributes matchingAttributes)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public NamingEnumeration search(String name,
- Attributes matchingAttributes)
- throws NamingException {
- throw new OperationNotSupportedException();
+ Attributes matchingAttributes)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
}
public NamingEnumeration search(Name name,
- String filter,
- SearchControls cons)
- throws NamingException {
- throw new OperationNotSupportedException();
- }
-
- public NamingEnumeration search(String name,
- String filter,
- SearchControls cons)
- throws NamingException {
- throw new OperationNotSupportedException();
- }
-
- public NamingEnumeration search(Name name,
- String filterExpr,
- Object[] filterArgs,
- SearchControls cons)
- throws NamingException {
- throw new OperationNotSupportedException();
- }
-
- public NamingEnumeration search(String name,
- String filterExpr,
- Object[] filterArgs,
- SearchControls cons)
- throws NamingException {
- throw new OperationNotSupportedException();
- }
+ String filter,
+ SearchControls cons)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
+ }
+
+ public NamingEnumeration search(String name,
+ String filter,
+ SearchControls cons)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
+ }
+
+ public NamingEnumeration search(Name name,
+ String filterExpr,
+ Object[] filterArgs,
+ SearchControls cons)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
+ }
+
+ public NamingEnumeration search(String name,
+ String filterExpr,
+ Object[] filterArgs,
+ SearchControls cons)
+ throws NamingException
+ {
+ throw new OperationNotSupportedException();
+ }
}
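Review bot: `setutil(String field, Vector value)` calls `myAttrs.put(field, ...)` once per element, and `Attributes.put(String, Object)` replaces any existing attribute with that id, so only the last element of the vector is kept. For multi-valued security attributes this silently drops entries; the new `LDAPRole.removePreviousPermissionsFromLDAP()` later in this commit uses the same loop with `attrs.put(ATTR_ROLE_PERMISSIONS, uid)` and would therefore pass only the last previous permission to `JetspeedLDAP.deleteAttrs`. Build one attribute and store it once, the way `setObjectClasses` in this hunk already does: `Attribute a = new BasicAttribute(field);`, `a.add(...)` per element, then `myAttrs.put(a);`. Separately, `getutil(String, boolean)` leaves `values` null when `empty` is false and then calls `values.add(temp)`, and its empty `catch (NamingException e)` hides read failures; allocate the vector before adding and at least log the exception.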
1.3 +36 -19
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPGroup.java
Index: LDAPGroup.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPGroup.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPGroup.java 8 Dec 2002 19:33:52 -0000 1.2
+++ LDAPGroup.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -54,26 +54,40 @@
package org.apache.jetspeed.om.security.ldap;
-import org.apache.jetspeed.services.JetspeedLDAP;
-import org.apache.jetspeed.services.ldap.LDAPURL;
-import java.util.Vector;
-import javax.naming.*;
-import javax.naming.directory.*;
import java.util.Hashtable;
import java.util.Vector;
+import javax.naming.directory.Attribute;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
import org.apache.jetspeed.om.security.Group;
+import org.apache.jetspeed.services.JetspeedLDAP;
+import org.apache.jetspeed.services.ldap.LDAPURL;
/**
*
* @author <a href="mailto:[EMAIL PROTECTED]">Ender KILICOGLU</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]">Sami Leino</a>
+ *
* @version $Id$
*
*/
public class LDAPGroup extends BaseLDAPObject implements Group {
- protected String name;
- protected String id = null;
- protected boolean isNew = true;
+ // ---------------------------- Constants ----------------------------
+
+ protected static final String OBJECT_CLASS = "jetspeedgroup";
+ protected static final String ORGANIZATIONAL_UNIT = "ou=groups";
+
+ protected static final String ATTR_GROUP_NAME = "groupname";
+ protected static final String ATTR_GROUP_ID = "uid";
+
+ // ------------------------- Member variables ------------------------
+
+ protected String name = null;
+ protected String id = null;
+ protected boolean isNew = true;
+
+ // --------------------------- Constructors --------------------------
public LDAPGroup()
{
@@ -89,26 +103,25 @@
public LDAPGroup(String name, boolean isNew)
{
- super.ldapurl = JetspeedLDAP.buildURL("uid=" + name + ",ou=groups");
+ super.ldapurl = JetspeedLDAP.buildURL(ATTR_GROUP_ID + "=" + name + "," +
ORGANIZATIONAL_UNIT);
this.isNew = isNew;
if (isNew)
{
this.id = name;
this.name = name;
+
super.myAttrs = new BasicAttributes();
- super.myAttrs.put("uid", name);
- super.myAttrs.put("groupname", name);
+ super.myAttrs.put(ATTR_GROUP_ID, name);
+ super.myAttrs.put(ATTR_GROUP_NAME, name);
- Attribute oc = new BasicAttribute("objectclass");
- oc.add("jetspeedgroup");
- super.myAttrs.put(oc);
+ super.setObjectClass(OBJECT_CLASS);
}
else
{
super.myAttrs = JetspeedLDAP.read(ldapurl);
- this.id = getutil("uid");
- this.name = getutil("groupname");
+ this.id = getutil(ATTR_GROUP_ID);
+ this.name = getutil(ATTR_GROUP_NAME);
}
}
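Review bot: The DN is still assembled by concatenating the caller-supplied `name` into `ATTR_GROUP_ID + "=" + name + "," + ORGANIZATIONAL_UNIT` with no escaping, so a name containing `,`, `+`, `=` or a leading `#` changes the structure of the distinguished name handed to `JetspeedLDAP.buildURL` (unless `buildURL` escapes it itself, which is not shown here). Whether `name` can come from user or admin input is not visible in this hunk, but the constructor is public and does not validate it. Escape the value before building the DN, for example with `javax.naming.ldap.Rdn.escapeValue(name)` on a JDK that provides it, or reject names containing DN metacharacters. The same concatenation appears in the `LDAPPermission(String, boolean)` and `LDAPRole(String, boolean)` constructors in this commit.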
@@ -116,10 +129,12 @@
{
super.ldapurl = ldapurl;
super.myAttrs = JetspeedLDAP.read(ldapurl);
- this.id = getutil("uid");
- this.name = getutil("groupname");
+ this.id = getutil(ATTR_GROUP_ID);
+ this.name = getutil(ATTR_GROUP_NAME);
}
+ // --------------------- Persistence operations ----------------------
+
public boolean update(boolean create)
{
removeutil("createTimeStamp", false);
@@ -141,6 +156,8 @@
return true;
}
+
+ // ------------------------ Accessor methods -------------------------
/**
* Get the name of the Group
1.3 +31 -14
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPPermission.java
Index: LDAPPermission.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPPermission.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPPermission.java 8 Dec 2002 19:33:52 -0000 1.2
+++ LDAPPermission.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -66,14 +66,28 @@
/**
*
* @author <a href="mailto:[EMAIL PROTECTED]">Ender KILICOGLU</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]">Sami Leino</a>
+ *
* @version $Id$
*
*/
public class LDAPPermission extends BaseLDAPObject implements Permission {
- protected String name;
- protected String id = null;
- protected boolean isNew = true;
+ // ---------------------------- Constants ----------------------------
+
+ protected static final String OBJECT_CLASS = "jetspeedpermission";
+ protected static final String ORGANIZATIONAL_UNIT = "ou=permissions";
+
+ protected static final String ATTR_PERMISSION_NAME = "permissionname";
+ protected static final String ATTR_PERMISSION_ID = "uid";
+
+ // ------------------------- Member variables ------------------------
+
+ protected String name = null;
+ protected String id = null;
+ protected boolean isNew = true;
+
+ // --------------------------- Constructors --------------------------
public LDAPPermission()
{
@@ -89,26 +103,25 @@
public LDAPPermission(String name, boolean isNew)
{
- super.ldapurl = JetspeedLDAP.buildURL("uid=" + name + ",ou=permissions");
+ super.ldapurl = JetspeedLDAP.buildURL(ATTR_PERMISSION_ID + "=" + name + ","
+ ORGANIZATIONAL_UNIT);
this.isNew = isNew;
if (isNew)
{
this.id = name;
this.name = name;
+
super.myAttrs = new BasicAttributes();
- myAttrs.put("uid", id);
- myAttrs.put("permissionname", name);
+ myAttrs.put(ATTR_PERMISSION_ID, id);
+ myAttrs.put(ATTR_PERMISSION_NAME, name);
- Attribute oc = new BasicAttribute("objectclass");
- oc.add("jetspeedpermission");
- super.myAttrs.put(oc);
+ super.setObjectClass(OBJECT_CLASS);
}
else
{
super.myAttrs = JetspeedLDAP.read(ldapurl);
- this.id = getutil("uid");
- this.name = getutil("permissionname");
+ this.id = getutil(ATTR_PERMISSION_ID);
+ this.name = getutil(ATTR_PERMISSION_NAME);
}
}
@@ -116,10 +129,12 @@
{
super.ldapurl = ldapurl;
super.myAttrs = JetspeedLDAP.read(ldapurl);
- this.id = getutil("uid");
- this.name = getutil("permissionname");
+ this.id = getutil(ATTR_PERMISSION_ID);
+ this.name = getutil(ATTR_PERMISSION_NAME);
}
+ // --------------------- Persistence operations ----------------------
+
public boolean update(boolean create)
{
removeutil("createTimeStamp", false);
@@ -141,6 +156,8 @@
return true;
}
+
+ // ------------------------ Accessor methods -------------------------
/**
* Get the name of the Permission
1.3 +95 -78
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPRole.java
Index: LDAPRole.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPRole.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPRole.java 8 Dec 2002 19:33:52 -0000 1.2
+++ LDAPRole.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -54,28 +54,42 @@
package org.apache.jetspeed.om.security.ldap;
-import org.apache.jetspeed.services.JetspeedLDAP;
-import org.apache.jetspeed.services.ldap.LDAPURL;
-import java.util.Vector;
-import javax.naming.*;
-import javax.naming.directory.*;
import java.util.Hashtable;
import java.util.Vector;
-
+import javax.naming.directory.Attribute;
+import javax.naming.directory.BasicAttribute;
+import javax.naming.directory.BasicAttributes;
import org.apache.jetspeed.om.security.Role;
+import org.apache.jetspeed.services.JetspeedLDAP;
+import org.apache.jetspeed.services.ldap.LDAPURL;
/**
*
* @author <a href="mailto:[EMAIL PROTECTED]">Ender KILICOGLU</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]">Sami Leino</a>
+ *
* @version $Id$
*
*/
public class LDAPRole extends BaseLDAPObject implements Role {
- protected String name = null;
- protected String id = null;
- protected boolean isNew = true;
- protected Vector rolePermissions;
+ // ---------------------------- Constants ----------------------------
+
+ protected static final String OBJECT_CLASS = "jetspeedrole";
+ protected static final String ORGANIZATIONAL_UNIT = "ou=roles";
+
+ protected static final String ATTR_ROLE_PERMISSIONS = "rolepermissions";
+ protected static final String ATTR_ROLE_NAME = "rolename";
+ protected static final String ATTR_ROLE_ID = "uid";
+
+ // ------------------------- Member variables ------------------------
+
+ protected String name = null;
+ protected String id = null;
+ protected Vector rolePermissions = null;
+ protected boolean isNew = true;
+
+ // --------------------------- Constructors --------------------------
public LDAPRole()
{
@@ -92,8 +106,9 @@
}
public LDAPRole(String name, boolean isNew)
+
{
- super.ldapurl = JetspeedLDAP.buildURL("uid=" + name + ",ou=roles");
+ super.ldapurl = JetspeedLDAP.buildURL(ATTR_ROLE_ID + "=" + name + "," +
ORGANIZATIONAL_UNIT);
this.isNew = isNew;
if (isNew)
@@ -103,19 +118,16 @@
this.name = name;
super.myAttrs = new BasicAttributes();
- super.myAttrs.put("uid", this.id);
- super.myAttrs.put("roleName", this.name);
-
- Attribute oc = new BasicAttribute("objectclass");
- oc.add("jetspeedrole");
- super.myAttrs.put(oc);
+ super.myAttrs.put(ATTR_ROLE_ID, this.id);
+ super.myAttrs.put(ATTR_ROLE_NAME, this.name);
+ super.setObjectClass(OBJECT_CLASS);
}
else
{
- super.myAttrs = JetspeedLDAP.read(super.ldapurl);
- this.id = getutil("uid");
- this.name = getutil("rolename");
- this.rolePermissions = getutil("rolepermissions", true);
+ super.myAttrs = JetspeedLDAP.read(super.ldapurl);
+ this.id = getutil(ATTR_ROLE_ID);
+ this.name = getutil(ATTR_ROLE_NAME);
+ this.rolePermissions = getutil(ATTR_ROLE_PERMISSIONS, true);
}
}
@@ -123,11 +135,69 @@
{
super.ldapurl = ldapurl;
super.myAttrs = JetspeedLDAP.read(ldapurl);
- this.id = getutil("uid");
- this.name = getutil("rolename");
- this.rolePermissions = getutil("rolepermissions", true);
+ this.id = getutil(ATTR_ROLE_ID);
+ this.name = getutil(ATTR_ROLE_NAME);
+ this.rolePermissions = getutil(ATTR_ROLE_PERMISSIONS, true);
}
+ // --------------------- Persistence operations ----------------------
+
+
+ public boolean update(boolean create)
+ {
+ removeutil("createTimeStamp", false);
+ removeutil("modifyTimeStamp", false);
+
+ if (JetspeedLDAP.exists(super.ldapurl))
+ {
+ removePreviousPermissionsFromLDAP();
+ JetspeedLDAP.deleteAttrs(super.ldapurl, super.rmAttrs);
+ super.myAttrs.put(toAttribute(ATTR_ROLE_PERMISSIONS, rolePermissions));
+ JetspeedLDAP.updateEntry(super.ldapurl, super.myAttrs);
+ }
+ else if (create)
+ {
+ JetspeedLDAP.addEntry(super.ldapurl, super.myAttrs);
+ }
+ else
+ {
+ return false;
+ }
+
+ return true;
+ }
+
+ public void removePreviousPermissionsFromLDAP()
+ {
+ Vector previousPermissions = getutil(ATTR_ROLE_PERMISSIONS, true);
+ BasicAttributes attrs = new BasicAttributes();
+
+ for (int i=0; i < previousPermissions.size(); i++)
+ {
+ String uid = (String)previousPermissions.get(i);
+ //Log.debug("Deleting value '" + uid + "' from rolepermissions.");
+ attrs.put(ATTR_ROLE_PERMISSIONS, uid);
+ }
+
+ JetspeedLDAP.deleteAttrs(super.ldapurl, attrs);
+ }
+
+ public Attribute toAttribute(String id, Vector values)
+ {
+ Attribute attr = new BasicAttribute(id);
+
+ for (int i=0; i < values.size(); i++)
+ {
+ String uid = (String)values.get(i);
+ //Log.debug("Adding value '" + uid + "' to rolepermissions.");
+ attr.add(uid);
+ }
+
+ return attr;
+ }
+
+ // ------------------------ Accessor methods -------------------------
+
/**
* Get the name of the Role
*
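Review bot: In `removePreviousPermissionsFromLDAP()` the loop calls `attrs.put(ATTR_ROLE_PERMISSIONS, uid)` once per value, but `BasicAttributes.put(String, Object)` replaces any attribute with the same id, so after the loop `attrs` holds only the last permission. The delete request therefore names one value rather than all previous ones; whether stale permissions then survive depends on how `JetspeedLDAP.updateEntry` writes the attribute, which is not visible here. The method was moved unchanged, and `toAttribute` a few lines below already builds a proper multi-valued attribute, so the loop can become `attrs.put(toAttribute(ATTR_ROLE_PERMISSIONS, previousPermissions));`. It would also help to guard against `getutil(...)` returning null before calling `size()`.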
@@ -209,59 +279,6 @@
{
return false;
}
- }
-
- public boolean update(boolean create)
- {
- removeutil("createTimeStamp", false);
- removeutil("modifyTimeStamp", false);
-
- if (JetspeedLDAP.exists(super.ldapurl))
- {
- removePreviousPermissionsFromLDAP();
- JetspeedLDAP.deleteAttrs(super.ldapurl, super.rmAttrs);
- super.myAttrs.put(toAttribute("rolepermissions", rolePermissions));
- JetspeedLDAP.updateEntry(super.ldapurl, super.myAttrs);
- }
- else if (create)
- {
- JetspeedLDAP.addEntry(super.ldapurl, super.myAttrs);
- }
- else
- {
- return false;
- }
-
- return true;
- }
-
- public void removePreviousPermissionsFromLDAP()
- {
- Vector previousPermissions = getutil("rolepermissions", true);
- BasicAttributes attrs = new BasicAttributes();
-
- for (int i=0; i < previousPermissions.size(); i++)
- {
- String uid = (String)previousPermissions.get(i);
- //Log.debug("Deleting value '" + uid + "' from rolepermissions.");
- attrs.put("rolepermissions", uid);
- }
-
- JetspeedLDAP.deleteAttrs(super.ldapurl, attrs);
- }
-
- public Attribute toAttribute(String id, Vector values)
- {
- Attribute attr = new BasicAttribute(id);
-
- for (int i=0; i < values.size(); i++)
- {
- String uid = (String)values.get(i);
- //Log.debug("Adding value '" + uid + "' to rolepermissions.");
- attr.add(uid);
- }
-
- return attr;
}
1.3 +152 -12
jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPUser.java
Index: LDAPUser.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/om/security/ldap/LDAPUser.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPUser.java 8 Dec 2002 19:33:52 -0000 1.2
+++ LDAPUser.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -60,6 +60,7 @@
import org.apache.turbine.om.security.User;
import java.io.ByteArrayOutputStream;
import java.io.PrintWriter;
+import java.text.SimpleDateFormat;
import java.util.Vector;
import java.util.Enumeration;
import java.util.Date;
@@ -71,23 +72,41 @@
import org.apache.jetspeed.services.JetspeedLDAP;
import org.apache.jetspeed.services.security.ldap.UnixCrypt;
import org.apache.jetspeed.services.ldap.LDAPURL;
+import org.apache.jetspeed.util.Base64;
import javax.naming.*;
import javax.naming.directory.*;
+import java.io.*;
/**
*
* @author <a href="mailto:[EMAIL PROTECTED]">Ender KILICOGLU</a>
+ * @author <a href="mailto:[EMAIL PROTECTED]">Sami Leino</a>
+ *
* @version $Id$
*
*/
public class LDAPUser extends BaseLDAPObject implements JetspeedUser {
+ // ---------------------------- Constants ----------------------------
+
+ protected static final String OBJECT_CLASS = "jetspeedpermission";
+ protected static final String ORGANIZATIONAL_UNIT = "ou=permissions";
+
+ protected static final String ATTR_USER_ID = "uid";
+ protected static final String ATTR_OBJECT_DATA = "objectdata";
+
+ protected static final boolean SAVE_EXTRA_ATTRIBUTES = false;
+ protected static final String LDAP_DATE_PATTERN = "yyyy.MM.dd G 'at'
hh:mm:ss a zzz";
+
+ // ------------------------- Member variables ------------------------
+
/** The date on which the user account was created. */
private Date createDate = null;
/** The date on which the user last accessed the application. */
private Date lastAccessDate = null;
+ /** The date on which the user last changed his password. */
private Date passwordChanged = null;
/** This is data that will survive a servlet engine restart. */
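Review bot: The new constants in `LDAPUser` look copied from the permission class: `OBJECT_CLASS = "jetspeedpermission"` and `ORGANIZATIONAL_UNIT = "ou=permissions"`, while the LDIF in this same commit stores users as `objectClass: jetspeeduser` under `ou=users`. Nothing in the visible hunks uses them yet, but any later code that builds a user DN or object class from these constants would write user entries into the permissions subtree. They should read `"jetspeeduser"` and `"ou=users"`. Separately, `LDAP_DATE_PATTERN` is formatted and parsed with the default locale, so the `G` and `a` fields will not round-trip between hosts with different locales; a comment stating that, or a fixed locale, would avoid silent date resets.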
@@ -102,6 +121,8 @@
private Vector groupRoles = null;
+ // --------------------------- Constructors --------------------------
+
public LDAPUser()
{
this("TempUser", true);
@@ -117,6 +138,7 @@
this.isNew = isNew;
createDate = new Date();
+ lastAccessDate = createDate;
tempStorage = new Hashtable(10);
permStorage = new Hashtable(10);
groupRoles = new Vector();
@@ -126,7 +148,6 @@
{
setDisabled(false);
setUserName(username);
-
myAttrs = new BasicAttributes();
myAttrs.put("uid", username);
Attribute oc = new BasicAttribute("objectclass");
@@ -142,6 +163,21 @@
setLastName(getutil("sn"));
setUserName(username);
this.groupRoles = getutil("usergrouprole", true);
+
+ setLastLogin(parseDate(getutil("lastlogindate")));
+ lastAccessDate = parseDate(getutil("lastmodifieddate"));
+ setCreateDate(parseDate(getutil("creationdate")));
+ String temp = getutil("disabled");
+ if (temp != null && temp.equals("TRUE")) setDisabled(true);
+ else setDisabled(false);
+
+ try
+ {
+ setPermStorage(deserializePerm(getutil(ATTR_OBJECT_DATA)));
+ }
+ catch (Exception e)
+ {
+ }
}
}
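Review bot: The empty `catch (Exception e) { }` around `setPermStorage(deserializePerm(getutil(ATTR_OBJECT_DATA)))` discards every failure, including a corrupt or unexpected `objectdata` value, and the user object is then used with whatever `permStorage` held before. The same empty catch is added in the LDAPURL constructor in the next hunk. At minimum log it the way `update()` does, e.g. `Log.warn("Could not restore permanent storage for user " + username, e);`, so a tampered or damaged attribute is visible to operators. The constructor starts outside this hunk.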
@@ -154,6 +190,14 @@
groupRoles = new Vector();
this.ldapurl = ldapurl;
myAttrs = JetspeedLDAP.read(ldapurl);
+
+ try
+ {
+ setPermStorage(deserializePerm(getutil(ATTR_OBJECT_DATA)));
+ }
+ catch (Exception e)
+ {
+ }
setUserName(getutil("uid"));
setEmail(getutil("mail"));
@@ -162,6 +206,13 @@
setName(getutil("name"));
setConfirmed(getutil("confirm"));
+ setLastLogin(parseDate(getutil("lastlogindate")));
+ lastAccessDate = parseDate(getutil("lastmodifieddate"));
+ setCreateDate(parseDate(getutil("creationdate")));
+ String temp = getutil("disabled");
+ if (temp != null && temp.equals("TRUE")) setDisabled(true);
+ else setDisabled(false);
+
try
{
setPassword(new String ((byte[])
myAttrs.get("userPassword").getAll().nextElement()));
@@ -173,6 +224,8 @@
this.groupRoles = getutil( "usergrouprole", true );
}
+ // --------------------- Persistence operations ----------------------
+
public boolean update(boolean create)
{
removeutil("createTimeStamp", false);
@@ -183,12 +236,30 @@
setutil("confirm",(String)getPerm(User.CONFIRM_VALUE));
setutil("sn",(String)getPerm(User.LAST_NAME));
setutil("givenName",(String)getPerm(User.FIRST_NAME));
- setutil("usergrouprole",groupRoles);
+
+ setutil("usergrouprole", groupRoles);
+
+ if (SAVE_EXTRA_ATTRIBUTES)
+ {
+ try
+ {
+ setutil("lastlogindate", formatDate(getLastLogin()));
+ setutil("lastmodifieddate", formatDate(getLastAccessDate()));
+ setutil("creationdate", formatDate(getCreateDate()));
+ if (getDisabled() == true) setutil("disabled", "TRUE");
+ else setutil("disabled", "FALSE");
+ setutil(ATTR_OBJECT_DATA, serializePerm(permStorage));
+ }
+ catch (Exception e)
+ {
+ Log.warn("Setting extra user attributes failed!", e);
+ }
+ }
if (JetspeedLDAP.exists(ldapurl))
{
- JetspeedLDAP.deleteAttrs(ldapurl,rmAttrs);
- JetspeedLDAP.updateEntry(ldapurl,myAttrs);
+ JetspeedLDAP.deleteAttrs(ldapurl, rmAttrs);
+ JetspeedLDAP.updateEntry(ldapurl, myAttrs);
}
else if (create)
{
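Review bot: `setutil(ATTR_OBJECT_DATA, serializePerm(permStorage))` writes the whole permanent-storage table into one attribute, and this method reads `User.CONFIRM_VALUE`, `User.LAST_NAME` and `User.FIRST_NAME` from that same table, so it presumably also holds the password value. If so, enabling `SAVE_EXTRA_ATTRIBUTES` would keep a second copy of the password hash in `objectdata`, which directory ACLs written for `userPassword` do not cover. Consider serializing only the keys that have no attribute of their own, and document the ACL expectation next to the flag, for example `// objectdata may contain credentials: protect it like userPassword`. Note also that the constructors read these attributes unconditionally while the write side is switched off. `update()` continues outside this hunk.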
@@ -204,6 +275,71 @@
return true;
}
+ // ----------------------- Utility operations ------------------------
+
+ protected String formatDate(Date date)
+ {
+ if (date == null)
+ {
+ date = new Date();
+ }
+
+ SimpleDateFormat formatter = new SimpleDateFormat(LDAP_DATE_PATTERN);
+ return formatter.format(date);
+ }
+
+ protected Date parseDate(String value)
+ {
+ try
+ {
+ SimpleDateFormat parser = new SimpleDateFormat(LDAP_DATE_PATTERN);
+ return parser.parse(value);
+ }
+ catch (Exception e)
+ {
+ return new Date();
+ }
+ }
+
+ /*
+ protected byte[] serializePerm(Hashtable permStorage)
+ throws Exception
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ObjectOutputStream os = new ObjectOutputStream(baos);
+ os.writeObject(permStorage);
+ return baos.toByteArray();
+ }
+
+ protected Hashtable deserializePerm(byte[] permStorageContentsEncoded)
+ throws Exception
+ {
+ ByteArrayInputStream bais = new
ByteArrayInputStream(permStorageContentsEncoded);
+ ObjectInputStream is = new ObjectInputStream(bais);
+ return (Hashtable)is.readObject();
+ }
+ */
+
+ protected String serializePerm(Hashtable permStorage)
+ throws Exception
+ {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ObjectOutputStream os = new ObjectOutputStream(baos);
+ os.writeObject(permStorage);
+ return Base64.encodeAsString(baos.toByteArray());
+ }
+
+ protected Hashtable deserializePerm(String permStorageContentsEncoded)
+ throws Exception
+ {
+ byte[] decoded = Base64.decodeAsByteArray(permStorageContentsEncoded);
+ ByteArrayInputStream bais = new ByteArrayInputStream(decoded);
+ ObjectInputStream is = new ObjectInputStream(bais);
+ return (Hashtable)is.readObject();
+ }
+
+ // ------------------------ Accessor methods -------------------------
+
public Vector getGroupRoles()
{
return this.groupRoles;
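Review bot: `deserializePerm` passes a directory attribute straight to `ObjectInputStream.readObject()`, so anyone able to write `objectdata` on a user entry decides which classes are instantiated inside the portal's JVM. Native Java serialization should not be used for data that crosses a trust boundary; storing the table as explicit attributes or a plain key/value text format avoids the problem. If the format must stay, restrict what may be read to the handful of expected classes (an `ObjectInputStream` subclass overriding `resolveClass`, or `ObjectInputFilter` on newer JDKs). Neither stream is closed in `serializePerm` or `deserializePerm`. `parseDate` returns `new Date()` on any failure, which silently turns a missing or malformed `creationdate` into "now".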
@@ -235,8 +371,6 @@
{
groupRoles.remove(groupRoleStr);
}
-
-
}
}
@@ -246,9 +380,9 @@
* @return the user id.
*/
public String getUserId()
-
{
String tmp = null;
+
try
{
tmp = (String) getPerm (JetspeedUser.USER_ID);
@@ -301,6 +435,7 @@
catch (Exception e)
{
return 0;
+
}
}
@@ -323,16 +458,15 @@
*/
public java.util.Date getLastAccessDate()
{
-
-
if (lastAccessDate == null)
{
- setLastAccessDate();
+ setLastAccessDate();
}
return lastAccessDate;
}
/**
+
* Get last login date/time for this user.
*
* @return A Java Date with the last login date for the user.
@@ -376,6 +510,7 @@
try
{
Object val = permStorage.get (name);
+
return (val == null ? def : val);
}
catch (Exception e)
@@ -498,6 +633,8 @@
if (tmp.length() == 0) tmp = null;
}
catch (Exception e)
+
+
{
}
return tmp;
@@ -517,6 +654,7 @@
/**
* Returns the email address for this user.
+
*
* @return A String with the user's email address.
*/
@@ -731,7 +869,6 @@
setPerm(User.LAST_NAME, lastName);
}
-
/**
* Sets the email address.
*
@@ -816,6 +953,7 @@
{
java.util.Date now = new java.util.Date();
+
if (this.hasLoggedIn())
{
if ( JetspeedResources.getBoolean("automatic.logout.save", false) )
@@ -893,6 +1031,7 @@
this.name = name;
}
+
public boolean isNew()
{
return isNew;
@@ -907,6 +1046,7 @@
* Returns the date of last password change
*
* @return date
+
*/
public Date getPasswordChanged()
{
1.2 +1 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedLDAP.java
Index: JetspeedLDAP.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/JetspeedLDAP.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
1.2 +1 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/ldap/Connector.java
Index: Connector.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/ldap/Connector.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
1.3 +10 -30
jakarta-jetspeed/src/java/org/apache/jetspeed/services/ldap/LDAPService.java
Index: LDAPService.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/ldap/LDAPService.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPService.java 8 Dec 2002 19:33:53 -0000 1.2
+++ LDAPService.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -94,6 +94,8 @@
+
+
private int limit;
private int timeout;
private int version;
@@ -153,12 +155,11 @@
*/
public DirContext connect(LDAPURL url)
{
-//System.out.println("LDAPService: connect = " + url);
-
String base = url.getBase();
DirContext ctx = (DirContext)connections.get(base);
if(ctx != null)
- return ctx;
+ return ctx;
+
setDefaultEnv();
env.put("java.naming.provider.url", base);
do
@@ -366,8 +367,6 @@
*/
public boolean exists(LDAPURL url)
{
-//System.out.println("LDAPService: exists = " + url);
-
DirContext ctx = connect(url);
if(ctx == null)
return false;
@@ -461,6 +460,7 @@
}
return true;
}
+
/**
* Build LDAPURL Function
*
@@ -469,12 +469,11 @@
* @param DN DN value for object.
* @return LDAPURL build with given DN.
*/
- public LDAPURL buildURL(String DN){
-
-//System.out.println("LDAPService: buildURL: " + DN + " ---> " + new
LDAPURL(host,port,DN + "," + basedn));
-
+ public LDAPURL buildURL(String DN)
+ {
return new LDAPURL(host,port,DN + "," + basedn);
}
+
/**
* Read Attributes Function
*
@@ -993,9 +992,6 @@
private NamingEnumeration search(DirContext ctx, String dn, String filter,
String attribs[], int type)
throws NamingException
{
-////System.out.println("LDAPService: search: dn = " + dn);
-////System.out.println("LDAPService: search: filter = " + filter);
-
return search(ctx, dn, filter, attribs, type, true);
}
@@ -1016,9 +1012,6 @@
private NamingEnumeration search(DirContext ctx, String dn, String filter,
String attribs[], int type, boolean setLimits)
throws NamingException
{
-////System.out.println("LDAPService: search2: dn = " + dn);
-////System.out.println("LDAPService: search2: filter = " + filter);
-
SearchControls constraints = new SearchControls();
constraints.setSearchScope(type);
constraints.setReturningAttributes(attribs);
@@ -1043,9 +1036,6 @@
*/
public Vector search(LDAPURL url, String filter, String attribs[], boolean
subTreeScope)
{
-////System.out.println("LDAPService: search3: url = " + url);
-////System.out.println("LDAPService: search3: filter = " + filter);
-
Vector results = new Vector();
String attrs[] = new String[attribs.length + 1];
attrs[0] = "objectclass";
@@ -1053,7 +1043,6 @@
int scope = subTreeScope ? 2 : 1;
subSearch(url, filter, attrs, scope, results);
-////System.out.println("LDAPService: search3: results = " + results.size());
return results;
}
/**
@@ -1071,13 +1060,8 @@
private boolean subSearch(LDAPURL url, String filter, String attribs[], int
scope, Vector rs)
{
-//System.out.println("LDAPService: search4: url = " + url);
-//System.out.println("LDAPService: search4: filter = " + filter);
-
DirContext ctx = connect(url);
-//System.out.println("LDAPService: ctx = " + ctx);
-
if(ctx == null)
return false;
String entryDN = null;
@@ -1087,8 +1071,6 @@
int subscope = 0;
String baseDN = url.getDN();
-//System.out.println("LDAPService: subSearch: baseDN = " + baseDN);
-
boolean moreReferrals = true;
while(moreReferrals)
try
@@ -1174,9 +1156,6 @@
private String getFixedDN(String rdn, String base)
{
-//System.out.println("LDAPService: getFixedDn: rdn = " + rdn);
-//System.out.println("LDAPService: getFixedDn: base = " + base);
-//System.out.println("LDAPService: getFixedDn: result = " + getDN(fixName(rdn),
base));
return getDN(fixName(rdn), base);
}
@@ -1325,6 +1304,7 @@
this.securityAuthentication =
serviceConf.getString("securityauthentication","simple");
this.securityProtocol = serviceConf.getString("securityprotocol");
this.socketFactory = serviceConf.getString("socketfactory");
+
this.jndiprovider = serviceConf.getString("jndiprovider",DEFAULT_CTX);
this.saslclientpckgs = serviceConf.getString("saslclientpckgs");
mainConnect(new LDAPURL(host,port,basedn));
1.4 +1 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/ldap/LDAPURL.java
Index: LDAPURL.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/ldap/LDAPURL.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
1.3 +1 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPAuthentication.java
Index: LDAPAuthentication.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPAuthentication.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
1.4 +1 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPGroupManagement.java
Index: LDAPGroupManagement.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPGroupManagement.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
1.3 +6 -7
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPPermissionManagement.java
Index: LDAPPermissionManagement.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPPermissionManagement.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPPermissionManagement.java 8 Dec 2002 19:33:53 -0000 1.2
+++ LDAPPermissionManagement.java 9 Dec 2002 20:24:08 -0000 1.3
@@ -120,7 +120,7 @@
private final static boolean DEFAULT_CASCADE_DELETE = true;
private boolean cascadeDelete;
private final static String CACHING_ENABLE = "caching.enable";
- private boolean cachingEnable = false;
+ private boolean cachingEnable = true;
String[] attrs = {"ou", "uid"};
///////////////////////////////////////////////////////////////////////////
@@ -190,7 +190,10 @@
* @exception InsufficientPrivilegeException when the requestor is denied due
to insufficient privilege
*/
public Iterator getPermissions()
- throws JetspeedSecurityException
+ throws JetspeedSecurityException
+
+
+
@@ -331,7 +334,6 @@
if (cachingEnable)
{
-System.out.println("Adding permission " + permissionName + " to Security cache.");
JetspeedSecurityCache.addPermission(roleName, permission);
}
@@ -528,8 +530,5 @@
cascadeDelete = serviceConf.getBoolean( CASCADE_DELETE,
DEFAULT_CASCADE_DELETE );
cachingEnable = serviceConf.getBoolean( CACHING_ENABLE, cachingEnable );
setInit(true);
-
-//cachingEnable = false;
-System.out.println("LDAPPermissionManagement: cache = " + cachingEnable);
}
}
1.5 +5 -2
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPRoleManagement.java
Index: LDAPRoleManagement.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPRoleManagement.java,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- LDAPRoleManagement.java 8 Dec 2002 19:38:21 -0000 1.4
+++ LDAPRoleManagement.java 9 Dec 2002 20:24:08 -0000 1.5
@@ -232,6 +232,7 @@
throw new RoleException("The role '" +
role.getName() + "' already exists");
}
+
try
{
new LDAPRole(role.getName(),true).update(true) ;
@@ -263,6 +264,7 @@
throw new RoleException("failed to add default PSML for Role resource",
e);
}
}
+
protected void addDefaultRolePSML(Role role)
throws RoleException
{
@@ -373,7 +375,8 @@
user = (LDAPUser)JetspeedSecurity.getUser(new
UserNamePrincipal(username));
role = (LDAPRole)JetspeedSecurity.getRole(roleName);
}
- catch(JetspeedSecurityException e)
+ catch(JetspeedSecurityException e)
+
{
throw new RoleException("Failed to Retrieve User or Role: ", e);
}
1.4 +9 -3
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPUserManagement.java
Index: LDAPUserManagement.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/LDAPUserManagement.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- LDAPUserManagement.java 8 Dec 2002 19:33:53 -0000 1.3
+++ LDAPUserManagement.java 9 Dec 2002 20:24:08 -0000 1.4
@@ -286,7 +286,6 @@
public void addUser(JetspeedUser user)
throws JetspeedSecurityException
{
-
String initialPassword = user.getPassword();
String encrypted = JetspeedSecurity.encryptPassword(initialPassword);
user.setPassword(encrypted);
@@ -440,6 +439,7 @@
// is lost somehow before it is saved at session's expiry.
saveUser(user);
}
+
/**
* This method provides client-side encryption of passwords.
*
@@ -459,10 +459,16 @@
{
return password;
}
- if(password == null)
+ else if(password == null)
{
return null;
}
+ else if(password.startsWith(passwordsSuffix))
+ {
+ // A kludge
+ return password;
+ }
+
return passwordsSuffix + UnixCrypt.crypt(password);
}
1.2 +1 -1
jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/UnixCrypt.java
Index: UnixCrypt.java
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/ldap/UnixCrypt.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
1.2 +42 -26 jakarta-jetspeed/src/java/org/apache/jetspeed/util/Base64.java
Index: Base64.java
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/util/Base64.java,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- Base64.java 30 Mar 2002 00:13:31 -0000 1.1
+++ Base64.java 9 Dec 2002 20:24:09 -0000 1.2
@@ -58,6 +58,7 @@
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStreamReader;
+import java.io.InputStream;
/**
* Simple Base64 string decoding function
@@ -74,39 +75,54 @@
public class Base64 {
- public static BufferedReader decode(String b64string) throws Exception {
- return new BufferedReader(
- new InputStreamReader(
- MimeUtility.decode(
- new ByteArrayInputStream(
- b64string.getBytes()), "base64")));
+ public static String decodeAsString(String b64string) throws Exception
+ {
+ return new String(decodeAsByteArray(b64string));
}
- public static String decodeAsString(String b64string) throws Exception {
- return decode(b64string).readLine().trim();
+ public static byte[] decodeAsByteArray(String b64string) throws Exception
+ {
+ InputStream in = MimeUtility.decode(new ByteArrayInputStream(
+ b64string.getBytes()), "base64");
+
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+
+ while(true)
+ {
+ int b = in.read();
+ if (b == -1) break;
+ else out.write(b);
+ }
+
+ return out.toByteArray();
}
- public static ByteArrayOutputStream encode(String plaintext)
- throws Exception {
- ByteArrayOutputStream out = new ByteArrayOutputStream();
- byte[] in = plaintext.getBytes();
- ByteArrayOutputStream inStream = new ByteArrayOutputStream();
- inStream.write(in, 0, in.length);
- // pad
- if ((in.length % 3 ) == 1){
+ public static String encodeAsString(String plaintext) throws Exception
+ {
+ return encodeAsString(plaintext.getBytes());
+ }
+
+ public static String encodeAsString(byte[] plaindata) throws Exception
+ {
+ ByteArrayOutputStream out = new ByteArrayOutputStream();
+ ByteArrayOutputStream inStream = new ByteArrayOutputStream();
+
+ inStream.write(plaindata, 0, plaindata.length);
+
+ // pad
+ if ((plaindata.length % 3 ) == 1)
+ {
inStream.write(0);
inStream.write(0);
- } else if((in.length % 3 ) == 2){
+ }
+ else if((plaindata.length % 3 ) == 2)
+ {
inStream.write(0);
- }
- inStream.writeTo( MimeUtility.encode(out, "base64") );
- return out;
- }
+ }
- public static String encodeAsString(String plaintext) throws Exception {
- return encode(plaintext).toString();
+ inStream.writeTo(MimeUtility.encode(out, "base64"));
+ return out.toString();
}
-
}
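Review bot: `encodeAsString(byte[])` appends one or two zero bytes to the input before encoding, so `decodeAsByteArray(encodeAsString(x))` returns `x` plus trailing NULs whenever `x.length % 3 != 0`. That matters now that the method carries binary data (the serialized table in `LDAPUser`) rather than text. The padding looks like a workaround for the encoder stream never being closed: the final group is normally written, with `=` padding, when the stream from `MimeUtility.encode` is closed. Writing through that stream and closing it removes the need for manual padding; `java.io.OutputStream` would have to be imported. Separately, `getBytes()` and `new String(byte[])` use the platform charset, and the public `decode`/`encode` methods are removed, which breaks any caller outside this diff.

```java
public static String encodeAsString(byte[] plaindata) throws Exception
{
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    OutputStream encoder = MimeUtility.encode(out, "base64");
    encoder.write(plaindata, 0, plaindata.length);
    // Closing flushes the last group with '=' padding; no zero bytes are appended.
    encoder.close();
    return out.toString();
}
```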
1.2 +102 -40 jakarta-jetspeed/src/ldap/jetspeed.ldif
Index: jetspeed.ldif
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/ldap/jetspeed.ldif,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- jetspeed.ldif 21 Oct 2002 22:37:29 -0000 1.1
+++ jetspeed.ldif 9 Dec 2002 20:24:09 -0000 1.2
@@ -1,29 +1,36 @@
-dn: ou=jetspeed, o=EBIT
-ou: jetspeed
+dn: ou=jetspeed, o=apache
+description: Jetspeed Portal
objectClass: top
objectClass: organizationalUnit
+ou: jetspeed
-dn: ou=groups, ou=jetspeed, o=EBIT
+dn: cn=ldapadmin, ou=jetspeed, o=apache
+description: LDAP Directory Administrator
+objectClass: top
+objectClass: organizationalRole
+cn: ldapadmin
+
+dn: ou=groups, ou=jetspeed, o=apache
ou: groups
objectClass: top
objectClass: organizationalUnit
-dn: ou=roles, ou=jetspeed, o=EBIT
+dn: ou=roles, ou=jetspeed, o=apache
ou: roles
objectClass: top
objectClass: organizationalUnit
-dn: uid=Jetspeed,ou=groups, ou=jetspeed, o=EBIT
+dn: uid=Jetspeed, ou=groups, ou=jetspeed, o=apache
groupname: Jetspeed
uid: Jetspeed
objectClass: jetspeedgroup
-dn: uid=apache,ou=groups, ou=jetspeed, o=EBIT
+dn: uid=apache, ou=groups, ou=jetspeed, o=apache
groupname: apache
uid: apache
objectClass: jetspeedgroup
-dn: uid=user,ou=roles, ou=jetspeed, o=EBIT
+dn: uid=user, ou=roles, ou=jetspeed, o=apache
rolepermissions: view
rolepermissions: customize
rolepermissions: maximize
@@ -34,7 +41,7 @@
uid: user
objectClass: jetspeedrole
-dn: uid=admin,ou=roles, ou=jetspeed, o=EBIT
+dn: uid=admin, ou=roles, ou=jetspeed, o=apache
rolepermissions: view
rolepermissions: customize
rolepermissions: maximize
@@ -46,71 +53,126 @@
uid: admin
objectClass: jetspeedrole
-dn: uid=guest,ou=roles, ou=jetspeed, o=EBIT
+dn: uid=guest, ou=roles, ou=jetspeed, o=apache
+rolepermissions: view
rolename: guest
uid: guest
objectClass: jetspeedrole
-dn: ou=users, ou=jetspeed, o=EBIT
+dn: ou=users, ou=jetspeed, o=apache
ou: users
objectClass: top
objectClass: organizationalUnit
-dn: uid=ender,ou=users, ou=jetspeed, o=EBIT
-mail: [EMAIL PROTECTED]
-confirm: CONFIRMED
-name: ender
-userPassword:: e2NyeXB0fXlLZHJDZmtZanJTSVk=
-uid: ender
-usergrouprole: Jetspeed,user
-objectClass: jetspeeduser
-
-dn: uid=anon,ou=users, ou=jetspeed, o=EBIT
-mail: [EMAIL PROTECTED]
-name: anon
-userPassword:: e2NyeXB0fXlLZHJDZmtZanJTSVk=
-uid: anon
-usergrouprole: Jetspeed,user
-objectClass: jetspeeduser
-sn: anon
-
-dn: ou=permissions, ou=jetspeed, o=EBIT
+dn: ou=permissions, ou=jetspeed, o=apache
ou: permissions
objectClass: top
objectClass: organizationalUnit
-dn: uid=view,ou=permissions, ou=jetspeed, o=EBIT
+dn: uid=view, ou=permissions, ou=jetspeed, o=apache
uid: view
objectClass: jetspeedpermission
permissionname: view
-dn: uid=customize,ou=permissions, ou=jetspeed, o=EBIT
-uid: customize
-objectClass: jetspeedpermission
-permissionname: customize
-
-dn: uid=maximize,ou=permissions, ou=jetspeed, o=EBIT
+dn: uid=maximize, ou=permissions, ou=jetspeed, o=apache
uid: maximize
objectClass: jetspeedpermission
permissionname: maximize
-dn: uid=minimize,ou=permissions, ou=jetspeed, o=EBIT
+dn: uid=minimize, ou=permissions, ou=jetspeed, o=apache
uid: minimize
objectClass: jetspeedpermission
permissionname: minimize
-dn: uid=personalize,ou=permissions, ou=jetspeed, o=EBIT
+dn: uid=personalize, ou=permissions, ou=jetspeed, o=apache
uid: personalize
objectClass: jetspeedpermission
permissionname: personalize
-dn: uid=info,ou=permissions, ou=jetspeed, o=EBIT
+dn: uid=info, ou=permissions, ou=jetspeed, o=apache
uid: info
objectClass: jetspeedpermission
permissionname: info
-dn: uid=close,ou=permissions, ou=jetspeed, o=EBIT
+dn: uid=close, ou=permissions, ou=jetspeed, o=apache
uid: close
objectClass: jetspeedpermission
permissionname: close
+
+dn: uid=turbine, ou=users, ou=jetspeed, o=apache
+confirm: CONFIRMED
+creationdate: 2002.12.08 AD at 11:05:35 PM GMT+02:00
+name: turbine
+givenName: Tommy
+sn: Turbine
+userPassword:: e2NyeXB0fUkyWFlZb0RtdjJlbHc=
+disabled: FALSE
+mail: [EMAIL PROTECTED]
+objectdata:: ck8wQUJYTnlBQk5xWVhaaExuVjBhV3d1U0dGemFIUmhZbXhsRTdzUEpTRks1TGdE
+ QUFKR0FBcHNiMkZrUm1GamRHOXlTUUFKZEdoeQ0KWlhOb2IyeGtlSEEvUUFBQUFBQUFEM2NJQUFB
+ QUNRQUFBQWwwQUFwTVQwZEpUbDlPUVUxRmRBQUhkSFZ5WW1sdVpYUUFEbEJCVTFOWA0KVDFKRVgx
+ WkJURlZGZEFBVWUyTnllWEIwZlVreVdGbFpiMFJ0ZGpKbGJIZDBBQVZGVFVGSlRIUUFHblJ2Ylcx
+ NVFHcGhhMkZ5ZEdFdA0KYW1WMGMzQmxaV1F1WTI5dGRBQUtURUZUVkY5TVQwZEpUbk55QUE1cVlY
+ WmhMblYwYVd3dVJHRjBaV2hxZ1FGTFdYUVpBd0FBZUhCMw0KQ0FBQUFQSUFZallRZUhRQUNVeEJV
+ MVJmVGtGTlJYUUFCMVIxY21KcGJtVjBBQXBHU1ZKVFZGOU9RVTFGZEFBRlZHOXRiWGwwQUFoRQ0K
+ U1ZOQlFreEZSSFFBQVVaMEFBcGphR1ZsYzJWMFpYTjBkQUFIWTJobFpHUmhjblFBRFVOUFRrWkpV
+ azFmVmtGTVZVVjBBQWxEVDA1Rw0KU1ZKTlJVUjQ=
+lastmodifieddate: 2002.12.09 AD at 03:26:29 AM GMT+02:00
+objectClass: jetspeeduser
+uid: turbine
+lastlogindate: 2002.12.09 AD at 01:02:02 AM GMT+02:00
+usergrouprole: Jetspeed,user
+
+dn: uid=anon, ou=users, ou=jetspeed, o=apache
+confirm: CONFIRMED
+creationdate: 2002.12.09 AD at 01:01:56 AM GMT+02:00
+name: anon
+givenName: Anonymous
+sn: User
+userPassword:: e2NyeXB0fVZoMlBqaGdrLzZSSlU=
+disabled: FALSE
+mail: [EMAIL PROTECTED]
+objectdata:: ck8wQUJYTnlBQk5xWVhaaExuVjBhV3d1U0dGemFIUmhZbXhsRTdzUEpTRks1TGdE
+ QUFKR0FBcHNiMkZrUm1GamRHOXlTUUFKZEdoeQ0KWlhOb2IyeGtlSEEvUUFBQUFBQUFEM2NJQUFB
+ QUNRQUFBQWwwQUFwTVQwZEpUbDlPUVUxRmRBQUVZVzV2Ym5RQURsQkJVMU5YVDFKRQ0KWDFaQlRG
+ VkZkQUFVZTJOeWVYQjBmVlpvTWxCcWFHZHJMelpTU2xWMEFBVkZUVUZKVEhRQUdXRnViMjVBYW1G
+ cllYSjBZUzFxWlhSeg0KY0dWbFpDNWpiMjEwQUFwTVFWTlVYMHhQUjBsT2MzSUFEbXBoZG1FdWRY
+ UnBiQzVFWVhSbGFHcUJBVXRaZEJrREFBQjRjSGNJQUFBQQ0KOGdCaUhxQjRkQUFKVEVGVFZGOU9R
+ VTFGZEFBRVZYTmxjblFBQ2taSlVsTlVYMDVCVFVWMEFBbEJibTl1ZVcxdmRYTjBBQWhFU1ZOQg0K
+ UWt4RlJIUUFBVVowQUFwamFHVmxjMlYwWlhOMGRBQUhZMmhsWkdSaGNuUUFEVU5QVGtaSlVrMWZW
+ a0ZNVlVWMEFBbERUMDVHU1ZKTg0KUlVSNA==
+lastmodifieddate: 2002.12.09 AD at 03:26:24 AM GMT+02:00
+uid: anon
+objectClass: jetspeeduser
+lastlogindate: 2002.12.09 AD at 01:01:56 AM GMT+02:00
+usergrouprole: Jetspeed,guest
+
+dn: uid=admin, ou=users, ou=jetspeed, o=apache
+confirm: CONFIRMED
+creationdate: 2002.12.09 AD at 01:01:49 AM GMT+02:00
+name: admin
+givenName: Jetspeed
+sn: Admin
+userPassword:: e2NyeXB0fVJVbFNoa1NoQUpPVm8=
+disabled: FALSE
+mail: [EMAIL PROTECTED]
+objectdata:: ck8wQUJYTnlBQk5xWVhaaExuVjBhV3d1U0dGemFIUmhZbXhsRTdzUEpTRks1TGdE
+ QUFKR0FBcHNiMkZrUm1GamRHOXlTUUFKZEdoeQ0KWlhOb2IyeGtlSEEvUUFBQUFBQUFEM2NJQUFB
+ QUNRQUFBQWwwQUFwTVQwZEpUbDlPUVUxRmRBQUZZV1J0YVc1MEFBNVFRVk5UVjA5Uw0KUkY5V1FV
+ eFZSWFFBRkh0amNubHdkSDFTVld4VGFHdFRhRUZLVDFadmRBQUZSVTFCU1V4MEFCcGhaRzFwYmtC
+ cVlXdGhjblJoTFdwbA0KZEhOd1pXVmtMbU52YlhRQUNreEJVMVJmVEU5SFNVNXpjZ0FPYW1GMllT
+ NTFkR2xzTGtSaGRHVm9hb0VCUzFsMEdRTUFBSGh3ZHdnQQ0KQUFEeUFHSURTSGgwQUFsTVFWTlVY
+ MDVCVFVWMEFBVkJaRzFwYm5RQUNrWkpVbE5VWDA1QlRVVjBBQWhLWlhSemNHVmxaSFFBQ0VSSg0K
+ VTBGQ1RFVkVkQUFCUm5RQUNtTm9aV1Z6WlhSbGMzUjBBQWRqYUdWa1pHRnlkQUFOUTA5T1JrbFNU
+ VjlXUVV4VlJYUUFDVU5QVGtaSg0KVWsxRlJIZ0E=
+lastmodifieddate: 2002.12.09 AD at 03:26:19 AM GMT+02:00
+uid: admin
+objectClass: jetspeeduser
+lastlogindate: 2002.12.09 AD at 01:01:49 AM GMT+02:00
+usergrouprole: Jetspeed,admin
+
+dn: uid=customize, ou=permissions, ou=jetspeed, o=apache
+uid: customize
+objectClass: jetspeedpermission
+permissionname: customize
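Review bot: The seed data now creates `turbine`, `anon` and `admin` users with fixed `userPassword` values, and `admin` carries `usergrouprole: Jetspeed,admin`, so every directory loaded from this file starts with the same credentials for a privileged account. The values are `{crypt}`-style hashes, which are weak by current standards, and the same hash appears to be repeated inside each `objectdata` blob. Mark the entries as samples in the file, for example `# Sample account: change userPassword before exposing this directory.` above each user, and have the LDAP notes added in this commit tell installers to reset them. Shipping the users without `objectdata` would also keep opaque serialized content out of the default directory.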
1.2 +62 -49 jakarta-jetspeed/src/ldap/jetspeed.schema
Index: jetspeed.schema
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/src/ldap/jetspeed.schema,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- jetspeed.schema 21 Oct 2002 22:37:29 -0000 1.1
+++ jetspeed.schema 9 Dec 2002 20:24:09 -0000 1.2
@@ -1,64 +1,77 @@
attributetype ( 1.3.6.1.4.1.7915.1.2.3.1 NAME 'groupname'
- DESC 'group name'
- EQUALITY caseIgnoreIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
- SINGLE-VALUE )
+ DESC 'group name'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+ SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7915.1.2.3.2 NAME 'rolename'
- DESC 'role name'
- EQUALITY caseIgnoreIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
- SINGLE-VALUE )
+ DESC 'role name'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+ SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7915.1.2.3.3 NAME 'permissionname'
- DESC 'role name'
- EQUALITY caseIgnoreIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
- SINGLE-VALUE )
-
+ DESC 'role name'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+ SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7915.1.2.3.4 NAME 'rolepermissions'
- DESC 'role rigth'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44)
-
+ DESC 'role rigth'
+ EQUALITY caseExactIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44)
attributetype ( 1.3.6.1.4.1.7915.1.2.3.5 NAME 'members'
- DESC 'member list'
- EQUALITY caseExactIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44)
-
+ DESC 'member list'
+ EQUALITY caseExactIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44)
attributetype ( 1.3.6.1.4.1.7915.1.2.3.6 NAME 'confirm'
- DESC 'Confirm value'
- EQUALITY caseIgnoreIA5Match
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
- SINGLE-VALUE )
+ DESC 'Confirm value'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
+ SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7915.1.2.3.7 NAME 'psml'
- DESC 'PSML'
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
- SINGLE-VALUE )
+ DESC 'PSML'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE )
attributetype ( 1.3.6.1.4.1.7915.1.2.3.8 NAME 'usergrouprole'
- DESC 'User Group Role'
- SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
- SINGLE-VALUE )
+ DESC 'User Group Role'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.7915.1.2.3.9 NAME 'lastlogindate'
+ DESC 'Last Login Date'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.7915.1.2.3.10 NAME 'lastmodifieddate'
+ DESC 'Last Modified Date'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.7915.1.2.3.11 NAME 'creationdate'
+ DESC 'Account Creation Date'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.7915.1.2.3.12 NAME 'disabled'
+ DESC 'User Disable Flag'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE )
+attributetype ( 1.3.6.1.4.1.7915.1.2.3.13 NAME 'objectdata'
+ DESC 'Extraneous User Data'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{65536}
+ SINGLE-VALUE )
objectclass ( 1.3.6.1.4.1.7915.1.2.4.1 NAME 'jetspeedgroup'
- DESC 'Jetspeed Group'
- MUST ( groupname $ uid)
- MAY ( members ) )
-
+ DESC 'Jetspeed Group'
+ MUST ( groupname $ uid)
+ MAY ( members ) )
objectclass ( 1.3.6.1.4.1.7915.1.2.4.2 NAME 'jetspeedrole'
- DESC 'Jetspeed Role'
- MUST ( rolename $ uid)
- MAY (rolepermissions) )
-
+ DESC 'Jetspeed Role'
+ MUST ( rolename $ uid)
+ MAY (rolepermissions) )
objectclass ( 1.3.6.1.4.1.7915.1.2.4.3 NAME 'jetspeedpermission'
- DESC 'Jetspeed Permission'
- MUST ( permissionname $ uid) )
-
+ DESC 'Jetspeed Permission'
+ MUST ( permissionname $ uid) )
objectclass ( 1.3.6.1.4.1.7915.1.2.4.4 NAME 'jetspeeduser'
- DESC 'Jetspeed User'
- MUST ( uid $ userPassword )
- MAY ( mail $ name $ sn $ confirm $ usergrouprole) )
-
+ DESC 'Jetspeed User'
+ MUST ( uid $ userPassword )
+ MAY ( mail $ name $ givenName $ sn $ uidnumber $ lastlogindate $
lastmodifieddate $ creationdate $ disabled $ objectdata $ confirm $ usergrouprole) )
objectclass ( 1.3.6.1.4.1.7915.1.2.4.5 NAME 'jetspeedpsml'
- DESC 'Jetspeed PSML'
- MUST ( uid )
- MAY ( psml ) )
+ DESC 'Jetspeed PSML'
+ MUST ( uid )
+ MAY ( psml ) )
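Review bot: The new `disabled` attribute is declared as a Directory String (`SYNTAX 1.3.6.1.4.1.1466.115.121.1.15`) with no EQUALITY rule, so the directory accepts any text as the account-disable flag and has no matching rule for an equality filter on it. The same holds for `lastlogindate`, `lastmodifieddate` and `creationdate`. For a flag that gates login I would declare `EQUALITY booleanMatch` with `SYNTAX 1.3.6.1.4.1.1466.115.121.1.7`, and type the three dates as Generalized Time (`1.3.6.1.4.1.1466.115.121.1.24`, `generalizedTimeMatch`) instead of locale-formatted strings; the sample values in jetspeed.ldif would need reformatting to match. Separately, `objectdata` is an octet string of up to 65536 bytes, and the sample values in jetspeed.ldif appear to be a serialized Java Hashtable that repeats the password hash. If the portal deserializes that attribute on read (the reading code is not in this hunk), write access to it should be limited to the manager DN and the reader should restrict which classes it will accept.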
1.1 jakarta-jetspeed/src/ldap/LDAP-JetspeedSecurity.properties
Index: LDAP-JetspeedSecurity.properties
===================================================================
services.JetspeedSecurity.programmatic.cascade.delete=false
services.PortalAuthentication.classname=org.apache.jetspeed.services.security.ldap.LDAPAuthentication
services.PortalAccessController.classname=org.apache.jetspeed.services.security.registry.RegistryAccessController
services.UserManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPUserManagement
services.JetspeedSecurity.user.class=org.apache.jetspeed.om.security.ldap.LDAPUser
services.RoleManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPRoleManagement
services.JetspeedSecurity.role.class=org.apache.jetspeed.om.security.ldap.LDAPRole
services.GroupManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPGroupManagement
services.JetspeedSecurity.group.class=org.apache.jetspeed.om.security.ldap.LDAPGroup
services.PermissionManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPPermissionManagement
services.JetspeedSecurity.permission.class=org.apache.jetspeed.om.security.ldap.LDAPPermission
services.ldap.classname=org.apache.jetspeed.services.ldap.LDAPService
services.ldap.host=195.16.202.3
services.ldap.port=15000
services.ldap.sslport=636
#services.ldap.basedn=o/netotest%c/fi
services.ldap.basedn=o/apache%u/jetspeed
services.ldap.managerdn=cn/ldapadmin%o/apache%u/jetspeed
services.ldap.password=secret
services.ldap.anonymousbind=false
services.ldap.securityauthentication=simple
#services.ldap.securityprotocol=ssl
#services.ldap.socketfactory=javax.net.ssl.SSLSocketFactory
#services.ldap.jndiprovider=com.sun.jndi.ldap.LdapCtxFactory
#services.ldap.saslclientpckgs=
services.ldap.limit=0
services.ldap.timeout=0
services.ldap.version=3
LocalWords: SHA
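Review bot: `services.ldap.password=secret` puts the manager-DN bind password in a tracked properties file, and with `services.ldap.securityauthentication=simple` on port 15000 while `#services.ldap.securityprotocol=ssl` stays commented out, that password and every user's bind password would reach the directory unencrypted (assuming the service honours these keys as named). I would ship a placeholder such as `services.ldap.password=CHANGE_ME`, use `services.ldap.host=localhost` instead of the routable address `195.16.202.3`, and enable the SSL settings in the template. `services.ldap.timeout=0` and `services.ldap.limit=0` look like "no limit"; if so, a finite timeout would keep an unreachable directory from hanging logins. The same block is added to webapp/WEB-INF/conf/JetspeedSecurity.properties in its `@@ -134,3 +134,16 @@` hunk.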
1.1 jakarta-jetspeed/src/ldap/ldap-notes.txt
Index: ldap-notes.txt
===================================================================
LDAP user management
--------------------
This version of Jetspeed contains an LDAP-based user management service.
The module is experimental, and provided as is. It may lack features
present in other user management implementations.
The module is tested using OpenLDAP slapd 2.0.25 Release having the
following schemas included:
core.schema
cosine.schema
inetorgperson.schema
nis.schema
jetspeed.schema
All the other schemas are provided as a part of OpenLDAP, but
"jetspeed.schema" is provided as a part of Jetspeed Portal platform.
You must put the followind entries to the "slapd.conf" configuration
file in order to make Jetspeed work with LDAP:
database ldbm
suffix "ou=jetspeed,o=apache"
rootdn "cn=ldapadmin,ou=jetspeed,o=apache"
rootpw secret
... and the following entry to "ldap.conf" configuration file:
BASE ou=jetspeed,o=apache
Then copy the schema file "jetspeed.schema" to your LDAP server's
schema directory.
Start slapd, and import the LDIF file "jetspeed.ldif" using your
favourite LDAP tool. Jetspeed's LDIF file contains the same user,
group, roles and permission definitions than the database version.
On the portal side you can enable LDAP user management by renaming the
provided "JetspeedSecurity.ldap" file to "JetspeedSecurity.properties",
and set the "services.ldap.host" property to point to your LDAP
server. Then you should have everything up and running.
If you don't get Jetspeed to work with LDAP but you are sure that
your LDAP tree is properly built, you can contact Sami Leino
([EMAIL PROTECTED]) and he will try to help you.
1.47 +22 -9 jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties
Index: JetspeedSecurity.properties
===================================================================
RCS file:
/home/cvs/jakarta-jetspeed/webapp/WEB-INF/conf/JetspeedSecurity.properties,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- JetspeedSecurity.properties 3 Dec 2002 19:36:25 -0000 1.46
+++ JetspeedSecurity.properties 9 Dec 2002 20:24:09 -0000 1.47
@@ -19,7 +19,7 @@
# Authentication Service #
#########################################
-services.PortalAuthentication.classname=org.apache.jetspeed.services.security.turbine.TurbineAuthentication
+services.PortalAuthentication.classname=org.apache.jetspeed.services.security.ldap.LDAPAuthentication
#########################################
# Authorization Service #
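Review bot: The shipped default should stay on the Turbine classes, because ldap-notes.txt in this same commit calls the LDAP module experimental and describes enabling it as a deliberate step. The changed `services.PortalAuthentication.classname` line here, together with the user, role, group and permission lines in the `@@ -31,31 +31,31 @@` hunk, makes LDAP the default for every install. A fresh deployment would then authenticate against whatever `services.ldap.host` points at rather than the local database. If the switch was only needed for the LDAP unit test, keep these lines as they were and leave the LDAP values in src/ldap/LDAP-JetspeedSecurity.properties. The notes also name the template `JetspeedSecurity.ldap`, which does not match the file this commit adds.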
@@ -31,31 +31,31 @@
# User Management Service #
#########################################
-services.UserManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineUserManagement
-services.JetspeedSecurity.user.class=org.apache.jetspeed.om.security.BaseJetspeedUser
+services.UserManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPUserManagement
+services.JetspeedSecurity.user.class=org.apache.jetspeed.om.security.ldap.LDAPUser
#########################################
# Role Management Service #
#########################################
-services.RoleManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineRoleManagement
-services.JetspeedSecurity.role.class=org.apache.jetspeed.om.security.BaseJetspeedRole
+services.RoleManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPRoleManagement
+services.JetspeedSecurity.role.class=org.apache.jetspeed.om.security.ldap.LDAPRole
services.JetspeedSecurity.role.default=user
#########################################
# Group Management Service #
#########################################
-services.GroupManagement.classname=org.apache.jetspeed.services.security.turbine.TurbineGroupManagement
-services.JetspeedSecurity.group.class=org.apache.jetspeed.om.security.BaseJetspeedGroup
+services.GroupManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPGroupManagement
+services.JetspeedSecurity.group.class=org.apache.jetspeed.om.security.ldap.LDAPGroup
#########################################
# Permission Management Service #
#########################################
-services.PermissionManagement.classname=org.apache.jetspeed.services.security.turbine.TurbinePermissionManagement
-services.JetspeedSecurity.permission.class=org.apache.jetspeed.om.security.BaseJetspeedPermission
+services.PermissionManagement.classname=org.apache.jetspeed.services.security.ldap.LDAPPermissionManagement
+services.JetspeedSecurity.permission.class=org.apache.jetspeed.om.security.ldap.LDAPPermission
#########################################
# Security Cache Service #
@@ -134,3 +134,16 @@
+services.ldap.classname=org.apache.jetspeed.services.ldap.LDAPService
+services.ldap.host=195.16.202.3
+services.ldap.port=15000
+services.ldap.sslport=636
+services.ldap.basedn=o/apache%ou/jetspeed
+services.ldap.managerdn=cn/ldapadmin%o/apache%ou/jetspeed
+services.ldap.password=secret
+services.ldap.anonymousbind=false
+services.ldap.securityauthentication=simple
+services.ldap.limit=0
+services.ldap.timeout=0
+services.ldap.version=3
+LocalWords: SHA
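Review bot: `LocalWords: SHA` is an editor spell-check trailer, not a setting; if this file is read with java.util.Properties, `:` is a key separator and the line loads as a property named `LocalWords`. Write it as `# LocalWords: SHA` or drop it; the same line ends src/ldap/LDAP-JetspeedSecurity.properties. The base DN also differs between the two files: `services.ldap.basedn=o/apache%ou/jetspeed` here against `o/apache%u/jetspeed` there, and likewise for `managerdn`. Since ldap-notes.txt uses `ou=jetspeed,o=apache`, the `%ou` form looks like the intended one, and the template should be brought in line with it.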
1.24 +1 -1 jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.properties
Index: jetspeed.properties
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.properties,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- jetspeed.properties 8 Dec 2002 19:33:53 -0000 1.23
+++ jetspeed.properties 9 Dec 2002 20:24:09 -0000 1.24
@@ -1,5 +1,5 @@
#HSQL database
-#Sat Dec 07 22:50:05 PST 2002
+#Mon Dec 09 11:55:21 PST 2002
sql.strict_fk=false
readonly=false
sql.strong_fk=true
1.26 +0 -64 jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script
Index: jetspeed.script
===================================================================
RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/db/jetspeed.script,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- jetspeed.script 8 Dec 2002 19:33:53 -0000 1.25
+++ jetspeed.script 9 Dec 2002 20:24:09 -0000 1.26
@@ -228,67 +228,3 @@
SET READONLY FALSE
SET AUTOCOMMIT TRUE
SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE
-SET AUTOCOMMIT TRUE
-SET READONLY FALSE